diff options
Diffstat (limited to 'memory/mozalloc/mozalloc_abort.cpp')
-rw-r--r-- | memory/mozalloc/mozalloc_abort.cpp | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/memory/mozalloc/mozalloc_abort.cpp b/memory/mozalloc/mozalloc_abort.cpp new file mode 100644 index 0000000000..3cfc92533e --- /dev/null +++ b/memory/mozalloc/mozalloc_abort.cpp @@ -0,0 +1,96 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- + * vim: sw=2 ts=4 et : + */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "mozilla/mozalloc_abort.h" + +#ifdef ANDROID +# include <android/log.h> +#endif +#ifdef MOZ_WIDGET_ANDROID +# include "APKOpen.h" +# include "dlfcn.h" +#endif +#include <stdio.h> +#include <string.h> + +#include "mozilla/Assertions.h" +#include "mozilla/Sprintf.h" + +void mozalloc_abort(const char* const msg) { +#ifndef ANDROID + fputs(msg, stderr); + fputs("\n", stderr); +#else + __android_log_print(ANDROID_LOG_ERROR, "Gecko", "mozalloc_abort: %s", msg); +#endif + +#ifdef MOZ_WIDGET_ANDROID + abortThroughJava(msg); +#endif + + MOZ_CRASH_UNSAFE(msg); +} + +#ifdef MOZ_WIDGET_ANDROID +template <size_t N> +void fillAbortMessage(char (&msg)[N], uintptr_t retAddress) { + /* + * On Android, we often don't have reliable backtrace when crashing inside + * abort(). Therefore, we try to find out who is calling abort() and add + * that to the message. + */ + Dl_info info = {}; + dladdr(reinterpret_cast<void*>(retAddress), &info); + + const char* const module = info.dli_fname ? info.dli_fname : ""; + const char* const base_module = strrchr(module, '/'); + const void* const module_offset = + reinterpret_cast<void*>(retAddress - uintptr_t(info.dli_fbase)); + const char* const sym = info.dli_sname ? info.dli_sname : ""; + + SprintfLiteral(msg, "abort() called from %s:%p (%s)", + base_module ? base_module + 1 : module, module_offset, sym); +} +#endif + +#if defined(XP_UNIX) && !defined(MOZ_ASAN) && !defined(MOZ_TSAN) && \ + !defined(LIBFUZZER) +// Define abort() here, so that it is used instead of the system abort(). This +// lets us control the behavior when aborting, in order to get better results +// on *NIX platforms. See mozalloc_abort for details. +// +// For AddressSanitizer, we must not redefine system abort because the ASan +// option "abort_on_error=1" calls abort() and therefore causes the following +// call chain with our redefined abort: +// +// ASan -> abort() -> moz_abort() -> MOZ_CRASH() -> Segmentation fault +// +// That segmentation fault will be interpreted as another bug by ASan and as a +// result, ASan will just exit(1) instead of aborting. +// +// The same applies to ThreadSanitizer when run with "halt_on_error=1" in +// combination with "abort_on_error=1". +// +// When building with libFuzzer, it pulls in the UndefinedBehaviorSanitizer +// runtime which also requires the same workaround as with ASan or TSan. +extern "C" void abort(void) { +# ifdef MOZ_WIDGET_ANDROID + char msg[64] = {}; + fillAbortMessage(msg, uintptr_t(__builtin_return_address(0))); +# else + const char* const msg = "Redirecting call to abort() to mozalloc_abort\n"; +# endif + + mozalloc_abort(msg); + + // We won't reach here because mozalloc_abort() is MOZ_NORETURN. But that + // annotation isn't used on ARM (see mozalloc_abort.h for why) so we add a + // unreachable marker here to avoid a "'noreturn' function does return" + // warning. + MOZ_ASSUME_UNREACHABLE_MARKER(); +} +#endif |