linux/unwind.c

/*
 *
 * honggfuzz - architecture dependent code (LINUX/UNWIND)
 * -----------------------------------------
 *
 * Author: Robert Swiecki <swiecki@google.com>
 *
 * Copyright 2010-2015 by Google Inc. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License. You may obtain
 * a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * permissions and limitations under the License.
 *
 */

#include "common.h"
#include "linux/unwind.h"

#include <libunwind-ptrace.h>

#include "log.h"

#if defined(__ANDROID__)
#include <sys/endian.h>         /* For __BYTE_ORDER */
#endif

/*
 * WARNING: Ensure that _UPT-info structs are not shared between threads
 * http://www.nongnu.org/libunwind/man/libunwind-ptrace(3).html
 */

/*
 * TODO: Subtract from load map to have relative PC stored in report file. 
 * link_map seems to be the easiest road for that.
 */

// libunwind error codes used for debugging
static const char *UNW_ER[] = {
    "UNW_ESUCCESS",             /* no error */
    "UNW_EUNSPEC",              /* unspecified (general) error */
    "UNW_ENOMEM",               /* out of memory */
    "UNW_EBADREG",              /* bad register number */
    "UNW_EREADONLYREG",         /* attempt to write read-only register */
    "UNW_ESTOPUNWIND",          /* stop unwinding */
    "UNW_EINVALIDIP",           /* invalid IP */
    "UNW_EBADFRAME",            /* bad frame */
    "UNW_EINVAL",               /* unsupported operation or bad value */
    "UNW_EBADVERSION",          /* unwind info has unsupported version */
    "UNW_ENOINFO"               /* no unwind info found */
};

#ifndef __ANDROID__
size_t arch_unwindStack(pid_t pid, funcs_t *funcs)
{
    size_t frames = 0;
    void *ui = NULL;

    unw_addr_space_t as = unw_create_addr_space(&_UPT_accessors, __BYTE_ORDER);
    if (!as) {
        LOGMSG(l_ERROR, "[pid='%d'] unw_create_addr_space failed", pid);
        goto out;
    }

    ui = _UPT_create(pid);
    if (ui == NULL) {
        LOGMSG(l_ERROR, "[pid='%d'] _UPT_create failed", pid);
        goto out;
    }

    unw_cursor_t c;
    int ret = unw_init_remote(&c, as, ui);
    if (ret < 0) {
        LOGMSG(l_ERROR, "[pid='%d'] unw_init_remote failed (%s)", pid, UNW_ER[-ret]);
        goto out;
    }

    for (frames = 0; unw_step(&c) > 0 && frames < _HF_MAX_FUNCS; frames++) {
        unw_word_t ip;
        ret = unw_get_reg(&c, UNW_REG_IP, &ip);
        if (ret < 0) {
            LOMGSG(l_ERROR, "[pid='%d'] [%d] failed to read IP (%s)", pid, frames, UNW_ER[-ret]);
            funcs[ret].pc = 0;
        }
        else
            funcs[ret].pc = (void *)ip;
    }

 out:
    ui ? _UPT_destroy(ui) : 0;
    as ? unw_destroy_addr_space(as) : 0;
    return ret;
}

#else                          /* !defined(__ANDROID__) */
size_t arch_unwindStack(pid_t pid, funcs_t *funcs)
{
    size_t num_frames = 0;    
    struct UPT_info *ui = NULL;
    unw_addr_space_t as = NULL;

    as = unw_create_addr_space(&_UPT_accessors, __BYTE_ORDER);
    if (!as) {
        LOGMSG(l_ERROR, "[pid='%d'] unw_create_addr_space failed", pid);
        goto out;
    }

    ui = (struct UPT_info*)_UPT_create(pid);
    if (ui == NULL) {
        LOGMSG(l_ERROR, "[pid='%d'] _UPT_create failed", pid);
        goto out;
    }

    unw_cursor_t cursor;
    int ret = unw_init_remote(&cursor, as, ui);
    if (ret < 0) {
        LOGMSG(l_ERROR, "[pid='%d'] unw_init_remote failed (%s)", pid, UNW_ER[-ret]);
        goto out;
    }

    do {
        unw_word_t pc = 0, offset = 0;
        char buf[_HF_FUNC_NAME_SZ] = { 0 };

        unw_proc_info_t frameInfo;
        ret = unw_get_proc_info(&cursor, &frameInfo);
        if (ret < 0) {
            LOGMSG(l_DEBUG, "[pid='%d'] [%d] unw_get_proc_info (%s)",
                    pid, num_frames, UNW_ER[-ret]);
            // Not safe to keep reading
            goto out;
        }

        ret = unw_get_reg(&cursor, UNW_REG_IP, &pc);
        if (ret < 0) {
            LOGMSG(l_ERROR, "[pid='%d'] [%d] failed to read IP (%s)",
                    pid, num_frames, UNW_ER[-ret]);
            // We don't want to try to extract info from an arbitrary IP
            // TODO: Maybe abort completely (goto out))
            goto skip_frame_info;
        }

        ret = unw_get_proc_name(&cursor, buf, sizeof(buf), &offset);
        if (ret < 0) {
            LOGMSG(l_DEBUG, "[pid='%d'] [%d] unw_get_proc_name() failed (%s)",
                    pid, num_frames, UNW_ER[-ret]);
            buf[0] = '\0';
        }

skip_frame_info:
        // Compared to bfd, line var plays the role of offset from func_name
        // Reports format is adjusted accordingly to reflect in saved file
        funcs[num_frames].line = offset;
        funcs[num_frames].pc = (void *)pc;
        memcpy(funcs[num_frames].func, buf, sizeof(funcs[num_frames].func));

        num_frames++;

        ret = unw_step(&cursor);
    } while (ret > 0 && num_frames < _HF_MAX_FUNCS);

 out:
    ui ? _UPT_destroy(ui) : NULL;
    as ? unw_destroy_addr_space(as) : NULL;

    ui = NULL;
    as = NULL;

    return num_frames;
}
#endif                          /* defined(__ANDROID__) */