Write a memory around the instruction pointer from the crashing thread to the minidump on Linux

src/client/linux/minidump_writer/minidump_writer.cc

 // Copyright (c) 2009, Google Inc.
 // All rights reserved.
 //
 // Redistribution and use in source and binary forms, with or without
 // modification, are permitted provided that the following conditions are
 // met:
 //
 //     * Redistributions of source code must retain the above copyright
 // notice, this list of conditions and the following disclaimer.
 //     * Redistributions in binary form must reproduce the above
@@ skipping 28 matching lines @@
 //   * You may not call syscalls via the libc wrappers. This rule is a subset
 //     of the first rule but it bears repeating. We have direct wrappers
 //     around the system calls in linux_syscall_support.h.
 //   * You may not malloc. There's an alternative allocator in memory.h and
 //     a canonical instance in the LinuxDumper object. We use the placement
 //     new form to allocate objects and we don't delete them.
 
 #include "client/linux/minidump_writer/minidump_writer.h"
 #include "client/minidump_file_writer-inl.h"
 
+#include <algorithm>
+
 #include <errno.h>
 #include <fcntl.h>
 #include <link.h>
 #include <stdio.h>
 #include <unistd.h>
 #include <sys/ucontext.h>
 #include <sys/user.h>
 #include <sys/utsname.h>
 
 #include "client/minidump_file_writer.h"
@@ skipping 301 matching lines @@
       : filename_(filename),
         siginfo_(&context->siginfo),
         ucontext_(&context->context),
 #if !defined(__ARM_EABI__)
         float_state_(&context->float_state),
 #else
         //TODO: fix this after fixing ExceptionHandler
         float_state_(NULL),
 #endif
         crashing_tid_(context->tid),
-        dumper_(crashing_pid) {
+        dumper_(crashing_pid),
+        memory_blocks_(dumper_.allocator()) {
   }
 
   bool Init() {
     return dumper_.Init() && minidump_writer_.Open(filename_) &&
            dumper_.ThreadsSuspend();
   }
 
   ~MinidumpWriter() {
     minidump_writer_.Close();
     dumper_.ThreadsResume();
@@ skipping 12 matching lines @@
       dumper_.CopyFromProcess(&dyn, crashing_tid_, _DYNAMIC+i++, sizeof(dyn));
       if (dyn.d_tag == DT_DEBUG) {
         r_debug = (struct r_debug*)dyn.d_un.d_ptr;
         continue;
       } else if (dyn.d_tag == DT_NULL)
         break;
     }
 
     // A minidump file contains a number of tagged streams. This is the number
     // of stream which we write.
-    const unsigned kNumWriters = 11 + !!r_debug;
+    unsigned kNumWriters = 12;
+    if (r_debug)
+      ++kNumWriters;

[mochalatte, 2010/09/16 20:50:22]

wow, thank you for rewriting this.

 
     TypedMDRVA<MDRawHeader> header(&minidump_writer_);
     TypedMDRVA<MDRawDirectory> dir(&minidump_writer_);
     if (!header.Allocate())
       return false;
     if (!dir.AllocateArray(kNumWriters))
       return false;
     memset(header.get(), 0, sizeof(MDRawHeader));
 
     header.get()->signature = MD_HEADER_SIGNATURE;
     header.get()->version = MD_HEADER_VERSION;
     header.get()->time_date_stamp = time(NULL);
     header.get()->stream_count = kNumWriters;
     header.get()->stream_directory_rva = dir.position();
 
     unsigned dir_index = 0;
     MDRawDirectory dirent;
 
     if (!WriteThreadListStream(&dirent))
       return false;
     dir.CopyIndex(dir_index++, &dirent);
 
     if (!WriteMappings(&dirent))
       return false;
     dir.CopyIndex(dir_index++, &dirent);
 
+    if (!WriteMemoryListStream(&dirent))
+      return false;
+    dir.CopyIndex(dir_index++, &dirent);
+
     if (!WriteExceptionStream(&dirent))
       return false;
     dir.CopyIndex(dir_index++, &dirent);
 
     if (!WriteSystemInfoStream(&dirent))
       return false;
     dir.CopyIndex(dir_index++, &dirent);
 
     dirent.stream_type = MD_LINUX_CPU_INFO;
     if (!WriteFile(&dirent.location, "/proc/cpuinfo"))
@@ skipping 188 matching lines @@
         if (!dumper_.GetStackInfo(&stack, &stack_len, GetStackPointer()))
           return false;
         UntypedMDRVA memory(&minidump_writer_);
         if (!memory.Allocate(stack_len))
           return false;
         uint8_t* stack_copy = (uint8_t*) dumper_.allocator()->Alloc(stack_len);
         dumper_.CopyFromProcess(stack_copy, thread.thread_id, stack, stack_len);
         memory.Copy(stack_copy, stack_len);
         thread.stack.start_of_memory_range = (uintptr_t) (stack);
         thread.stack.memory = memory.location();
+        memory_blocks_.push_back(thread.stack);
+
+        // Copy 256 bytes around crashing instruction pointer to minidump.
+        const size_t ip_memory_size = 256;

[mochalatte, 2010/09/16 20:50:22]

precede constant variable names with k

+        u_int64_t ip = GetInstructionPointer();
+        // Bound it to the upper and lower bounds of the memory map
+        // it's contained within. If it's not in mapped memory,
+        // don't bother trying to write it.
+        bool ip_is_mapped = false;
+        MDMemoryDescriptor ip_memory_d;
+        for (unsigned i = 0; i < dumper_.mappings().size(); ++i) {
+          const MappingInfo& mapping = *dumper_.mappings()[i];
+          if (ip >= mapping.start_addr &&
+              ip < mapping.start_addr + mapping.size) {
+            ip_is_mapped = true;
+            // Try to get 128 bytes before and after the IP, but
+            // settle for whatever's available.
+            ip_memory_d.start_of_memory_range =
+              std::min(mapping.start_addr,
+                       uintptr_t(ip - ip_memory_size / 2));

[mochalatte, 2010/09/16 20:50:22]

i know the order of operations is like elementary school algebra but can we have
parens around the ones we want to take place first just for clarity? :-)

+            ip_memory_d.memory.data_size =
+              std::min(ptrdiff_t(ip_memory_size),
+                       ptrdiff_t(mapping.start_addr + mapping.size
+                                 - ip_memory_d.start_of_memory_range));
+            break;
+          }
+        }
+
+        if (ip_is_mapped) {
+          UntypedMDRVA ip_memory(&minidump_writer_);
+          if (!ip_memory.Allocate(ip_memory_d.memory.data_size))
+            return false;
+          uint8_t* memory_copy =
+            (uint8_t*) dumper_.allocator()->Alloc(ip_memory_d.memory.data_size);
+          dumper_.CopyFromProcess(
+            memory_copy,
+            thread.thread_id,
+            reinterpret_cast<void*>(ip_memory_d.start_of_memory_range),
+            ip_memory_d.memory.data_size);
+          ip_memory.Copy(memory_copy, ip_memory_d.memory.data_size);
+          ip_memory_d.memory = ip_memory.location();
+          memory_blocks_.push_back(ip_memory_d);
+        }
+
         TypedMDRVA<RawContextCPU> cpu(&minidump_writer_);
         if (!cpu.Allocate())
           return false;
         my_memset(cpu.get(), 0, sizeof(RawContextCPU));
         CPUFillFromUContext(cpu.get(), ucontext_, float_state_);
         PopSeccompStackFrame(cpu.get(), thread, stack_copy);
         thread.thread_context = cpu.location();
         crashing_thread_context_ = cpu.location();
       } else {
         ThreadInfo info;
         if (!dumper_.ThreadInfoGet(dumper_.threads()[i], &info))
           return false;
         UntypedMDRVA memory(&minidump_writer_);
         if (!memory.Allocate(info.stack_len))
           return false;
         uint8_t* stack_copy =
             (uint8_t*) dumper_.allocator()->Alloc(info.stack_len);
         dumper_.CopyFromProcess(stack_copy, thread.thread_id, info.stack,
                                 info.stack_len);
         memory.Copy(stack_copy, info.stack_len);
         thread.stack.start_of_memory_range = (uintptr_t)(info.stack);
         thread.stack.memory = memory.location();
+        memory_blocks_.push_back(thread.stack);
+
         TypedMDRVA<RawContextCPU> cpu(&minidump_writer_);
         if (!cpu.Allocate())
           return false;
         my_memset(cpu.get(), 0, sizeof(RawContextCPU));
         CPUFillFromThreadInfo(cpu.get(), info);
         PopSeccompStackFrame(cpu.get(), thread, stack_copy);
         thread.thread_context = cpu.location();
       }
 
       list.CopyIndexAfterObject(i, &thread, sizeof(thread));
@@ skipping 80 matching lines @@
       if (!minidump_writer_.WriteString(mapping.name, filepath_len, &ld))
         return false;
       mod.module_name_rva = ld.rva;
 
       list.CopyIndexAfterObject(j++, &mod, MD_MODULE_SIZE);
     }
 
     return true;
   }
 
+  bool WriteMemoryListStream(MDRawDirectory* dirent) {
+    TypedMDRVA<uint32_t> list(&minidump_writer_);
+    if (!list.AllocateObjectAndArray(memory_blocks_.size(),
+                                     sizeof(MDMemoryDescriptor)))
+      return false;
+
+    dirent->stream_type = MD_MEMORY_LIST_STREAM;
+    dirent->location = list.location();
+
+    *list.get() = memory_blocks_.size();
+
+    for (size_t i = 0; i < memory_blocks_.size(); ++i) {
+      list.CopyIndexAfterObject(i, &memory_blocks_[i],
+                                sizeof(MDMemoryDescriptor));
+    }
+    return true;
+  }
+
   bool WriteExceptionStream(MDRawDirectory* dirent) {
     TypedMDRVA<MDRawExceptionStream> exc(&minidump_writer_);
     if (!exc.Allocate())
       return false;
     my_memset(exc.get(), 0, sizeof(MDRawExceptionStream));
 
     dirent->stream_type = MD_EXCEPTION_STREAM;
     dirent->location = exc.location();
 
     exc.get()->thread_id = crashing_tid_;
@@ skipping 95 matching lines @@
     delete[] dso_debug_data;
 
     return true;
   }
 
  private:
 #if defined(__i386)
   uintptr_t GetStackPointer() {
     return ucontext_->uc_mcontext.gregs[REG_ESP];
   }
+
+  uintptr_t GetInstructionPointer() {
+    return ucontext)->uc_mcontext.gregs[REG_EIP];
+  }
 #elif defined(__x86_64)
   uintptr_t GetStackPointer() {
     return ucontext_->uc_mcontext.gregs[REG_RSP];
   }
+
+  uintptr_t GetInstructionPointer() {
+    return ucontext_->uc_mcontext.gregs[REG_RIP];
+  }
 #elif defined(__ARM_EABI__)
   uintptr_t GetStackPointer() {
     return ucontext_->uc_mcontext.arm_sp;
   }
+
+  uintptr_t GetInstructionPointer() {
+    return ucontext_->uc_mcontext.arm_ip;
+  }
 #else
 #error "This code has not been ported to your platform yet."
 #endif
 
   void NullifyDirectoryEntry(MDRawDirectory* dirent) {
     dirent->stream_type = 0;
     dirent->location.data_size = 0;
     dirent->location.rva = 0;
   }
 
@@ skipping 229 matching lines @@
   }
 
   const char* const filename_;  // output filename
   const siginfo_t* const siginfo_;  // from the signal handler (see sigaction)
   const struct ucontext* const ucontext_;  // also from the signal handler
   const struct _libc_fpstate* const float_state_;  // ditto
   const pid_t crashing_tid_;  // the process which actually crashed
   LinuxDumper dumper_;
   MinidumpFileWriter minidump_writer_;
   MDLocationDescriptor crashing_thread_context_;
+  // Blocks of memory written to the dump. These are all currently
+  // written while writing the thread list stream, but saved here
+  // so a memory list stream can be written afterwards.
+  wasteful_vector<MDMemoryDescriptor> memory_blocks_;
 };
 
 bool WriteMinidump(const char* filename, pid_t crashing_process,
                    const void* blob, size_t blob_size) {
   if (blob_size != sizeof(ExceptionHandler::CrashContext))
     return false;
   const ExceptionHandler::CrashContext* context =
       reinterpret_cast<const ExceptionHandler::CrashContext*>(blob);
   MinidumpWriter writer(filename, crashing_process, context);
   if (!writer.Init())
     return false;
   return writer.Dump();
 }
 
 }  // namespace google_breakpad