Harden failure signal handler in the face of memory corruptions

[folly.git] / folly / experimental / symbolizer / SignalHandler.cpp

diff --git a/folly/experimental/symbolizer/SignalHandler.cpp b/folly/experimental/symbolizer/SignalHandler.cpp
index 89a58d1c85e0af513bd2144a9be501189213a545..02e5ef05219c58fa43d6c7fb3f8c81f40c63fa47 100644 (file)
--- a/folly/experimental/symbolizer/SignalHandler.cpp
+++ b/folly/experimental/symbolizer/SignalHandler.cpp
@@ -188,7 +188,17 @@ void dumpSignalInfo(int signum, siginfo_t* siginfo) {
   print("), stack trace: ***\n");
 }
 
   print("), stack trace: ***\n");
 }
 

-void dumpStackTrace() {
+namespace {
+constexpr size_t kDefaultCapacity = 500;
+
+// Note: not thread-safe, but that's okay, as we only let one thread
+// in our signal handler at a time.
+SignalSafeElfCache signalSafeElfCache(kDefaultCapacity);
+}  // namespace
+
+void dumpStackTrace(bool symbolize) __attribute__((noinline));
+
+void dumpStackTrace(bool symbolize) {

   SCOPE_EXIT { fsyncNoInt(STDERR_FILENO); };
   // Get and symbolize stack trace
   constexpr size_t kMaxStackTraceDepth = 100;
   SCOPE_EXIT { fsyncNoInt(STDERR_FILENO); };
   // Get and symbolize stack trace
   constexpr size_t kMaxStackTraceDepth = 100;


@@ -197,12 +207,25 @@ void dumpStackTrace() {
   // Skip the getStackTrace frame
   if (!getStackTraceSafe(addresses)) {
     print("(error retrieving stack trace)\n");
   // Skip the getStackTrace frame
   if (!getStackTraceSafe(addresses)) {
     print("(error retrieving stack trace)\n");

-  } else {
-    Symbolizer symbolizer;
+  } else if (symbolize) {
+    Symbolizer symbolizer(&signalSafeElfCache);

     symbolizer.symbolize(addresses);
 
     FDSymbolizePrinter printer(STDERR_FILENO, SymbolizePrinter::COLOR_IF_TTY);
     symbolizer.symbolize(addresses);
 
     FDSymbolizePrinter printer(STDERR_FILENO, SymbolizePrinter::COLOR_IF_TTY);

-    printer.println(addresses);
+
+    // Skip the top 2 frames:
+    // getStackTraceSafe
+    // dumpStackTrace (here)
+    //
+    // Leaving signalHandler on the stack for clarity, I think.
+    printer.println(addresses, 2);
+  } else {
+    print("(safe mode, symbolizer not available)\n");
+    AddressFormatter formatter;
+    for (ssize_t i = 0; i < addresses.frameCount; ++i) {
+      print(formatter.format(addresses.addresses[i]));
+      print("\n");
+    }

   }
 }
 
   }
 }
 


@@ -213,6 +236,7 @@ void dumpStackTrace() {
 constexpr pthread_t kInvalidThreadId = 0;
 
 std::atomic<pthread_t> gSignalThread(kInvalidThreadId);
 constexpr pthread_t kInvalidThreadId = 0;
 
 std::atomic<pthread_t> gSignalThread(kInvalidThreadId);

+std::atomic<bool> gInRecursiveSignalHandler(false);

 
 // Here be dragons.
 void innerSignalHandler(int signum, siginfo_t* info, void* uctx) {
 
 // Here be dragons.
 void innerSignalHandler(int signum, siginfo_t* info, void* uctx) {


@@ -222,7 +246,13 @@ void innerSignalHandler(int signum, siginfo_t* info, void* uctx) {
   pthread_t prevSignalThread = kInvalidThreadId;
   while (!gSignalThread.compare_exchange_strong(prevSignalThread, myId)) {
     if (pthread_equal(prevSignalThread, myId)) {
   pthread_t prevSignalThread = kInvalidThreadId;
   while (!gSignalThread.compare_exchange_strong(prevSignalThread, myId)) {
     if (pthread_equal(prevSignalThread, myId)) {

-      print("Entered fatal signal handler recursively. We're in trouble.\n");
+      // First time here. Try to dump the stack trace without symbolization.
+      // If we still fail, well, we're mightily screwed, so we do nothing the
+      // next time around.
+      if (!gInRecursiveSignalHandler.exchange(true)) {
+        print("Entered fatal signal handler recursively. We're in trouble.\n");
+        dumpStackTrace(false);  // no symbolization
+      }

       return;
     }
 
       return;
     }
 


@@ -237,7 +267,7 @@ void innerSignalHandler(int signum, siginfo_t* info, void* uctx) {
 
   dumpTimeInfo();
   dumpSignalInfo(signum, info);
 
   dumpTimeInfo();
   dumpSignalInfo(signum, info);

-  dumpStackTrace();
+  dumpStackTrace(true);  // with symbolization

 
   // Run user callbacks
   gFatalSignalCallbackRegistry->run();
 
   // Run user callbacks
   gFatalSignalCallbackRegistry->run();