xUnwind is a collection of Android native stack unwinding solutions.
- Support unwinding by:
- CFI (Call Frame Info): Provided by Android system library.
- EH (Exception handling GCC extension): Provided by compiler.
- FP (Frame Pointer): ARM64 only.
- Support unwinding from:
- Current execution position.
- A specified context (which may be obtained from a signal handler).
- Support unwinding for process:
- Local process.
- Remote process: CFI only.
- Support unwinding for thread(s):
- Current thread.
- Specified thread: CFI only.
- All threads: CFI only.
- Provide java method to get native backtrace directly in java code.
- Support Android 4.1 - 13 (API level 16 - 33).
- Support armeabi-v7a, arm64-v8a, x86 and x86_64.
- MIT licensed.
xUnwind is published on Maven Central, and uses Prefab package format for native dependencies, which is supported by Android Gradle Plugin 4.0+.
allprojects {
repositories {
mavenCentral()
}
}
android {
buildFeatures {
prefab true
}
}
dependencies {
implementation 'io.hexhacking:xunwind:1.1.1'
}
If you only use the java interface of xUnwind, please skip this step.
CMakeLists.txt
find_package(xunwind REQUIRED CONFIG)
add_library(mylib SHARED mylib.c)
target_link_libraries(mylib xunwind::xunwind)
Android.mk
include $(CLEAR_VARS)
LOCAL_MODULE := mylib
LOCAL_SRC_FILES := mylib.c
LOCAL_SHARED_LIBRARIES += xunwind
include $(BUILD_SHARED_LIBRARY)
$(call import-module,prefab/xunwind)
android {
defaultConfig {
ndk {
abiFilters 'armeabi-v7a', 'arm64-v8a', 'x86', 'x86_64'
}
}
}
If you are using xUnwind in an SDK project, you may need to avoid packaging libxunwind.so into your AAR, so as not to encounter duplicate libxunwind.so file when packaging the app project.
android {
packagingOptions {
exclude '**/libxunwind.so'
}
}
On the other hand, if you are using xUnwind in an APP project, you may need to add some options to deal with conflicts caused by duplicate libxunwind.so file.
android {
packagingOptions {
pickFirst '**/libxunwind.so'
}
}
There is a sample app in the xunwind-sample folder you can refer to.
#include "xunwind.h"
#define XUNWIND_CURRENT_PROCESS (-1)
#define XUNWIND_CURRENT_THREAD (-1)
#define XUNWIND_ALL_THREADS (-2)
void xunwind_cfi_log(pid_t pid, pid_t tid, void *context, const char *logtag, android_LogPriority priority, const char *prefix);
void xunwind_cfi_dump(pid_t pid, pid_t tid, void *context, int fd, const char *prefix);
char *xunwind_cfi_get(pid_t pid, pid_t tid, void *context, const char *prefix);
These three functions correspond to three ways of obtaining backtrace. They are:
log
to Android logcat.dump
to a place associated with FD (such as file, pipe, socket, etc.).get
and return a string (which is allocated on the heap withmalloc()
, you need tofree()
it yourself).
The pid
parameter is used to specify the backtrace of which process needs to be obtained, which can be the current process (XUNWIND_CURRENT_PROCESS
/ getpid()
) or another process.
The tid
parameter is used to specify the backtrace of which thread or threads need to be obtained, which can be the current thread (XUNWIND_CURRENT_THREAD
/ gettid()
), a specified thread, or all threads (XUNWIND_ALL_THREADS
).
The optional context
parameter is used to pass a register context information. For example, in signal handler, you may need to start unwinding from a specific context.
The optional prefix
parameter is used to specify a prefix string for each line of backtrace.
size_t xunwind_fp_unwind(uintptr_t* frames, size_t frames_cap, void *context);
size_t xunwind_eh_unwind(uintptr_t* frames, size_t frames_cap, void *context);
void xunwind_frames_log(uintptr_t* frames, size_t frames_sz, const char *logtag, android_LogPriority priority, const char *prefix);
void xunwind_frames_dump(uintptr_t* frames, size_t frames_sz, int fd, const char *prefix);
char *xunwind_frames_get(uintptr_t* frames, size_t frames_sz, const char *prefix);
Currently, FP unwinding is ARM64 only.
xunwind_fp_unwind
and xunwind_eh_unwind
saves the absolute-PCs of the unwinding result in the array pointed to by frames
(frames_cap
is the size of the array), and returns the number of absolute-PCs actually obtained.
The meaning of the optional context
parameter is the same as that of CFI unwinding.
The remaining three functions are used to convert the absolute-PCs in the frames
array into backtrace (the size of the array is specified by frames_sz
). Same as CFI unwinding, respectively output to Android logcat, FD, and return as a string.
import io.hexhacking.xunwind.XUnwind;
public static void init();
The only thing init()
does is System.loadLibrary("xunwind")
. If you only use xUnwind in native code, no initialization is required.
public static void logLocalCurrentThread(String logtag, int priority, String prefix);
public static void logLocalThread(int tid, String logtag, int priority, String prefix);
public static void logLocalAllThread(String logtag, int priority, String prefix);
public static void logRemoteThread(int pid, int tid, String logtag, int priority, String prefix);
public static void logRemoteAllThread(int pid, String logtag, int priority, String prefix);
public static void dumpLocalCurrentThread(int fd, String prefix);
public static void dumpLocalThread(int tid, int fd, String prefix);
public static void dumpLocalAllThread(int fd, String prefix);
public static void dumpRemoteThread(int pid, int tid, int fd, String prefix);
public static void dumpRemoteAllThread(int pid, int fd, String prefix);
public static String getLocalCurrentThread(String prefix);
public static String getLocalThread(int tid, String prefix);
public static String getLocalAllThread(String prefix);
public static String getRemoteThread(int pid, int tid, String prefix);
public static String getRemoteAllThread(int pid, String prefix);
All native CFI unwinding capabilities have corresponding java functions. They call the native CFI unwinding functions through JNI.
FP and EH unwinding do not have corresponding java functions. Because compared to CFI unwinding, their main advantage is faster execution speed (but the backtrace is not as complete as CFI unwinding), so they are always only used in native code. If you are a java programmer, just use the CFI unwinding functions here.
xUnwind is MIT licensed, as found in the LICENSE file.
xCrash 2.x contains a set of methods xcc_unwind_* to get backtrace, which is used to try to get backtrace directly from the signal handler when the dumper child process fails. Now we have improved and expanded this set of functions so that they can be used in more scenarios.