mac: Tests that crash intentionally shouldn’t go to ReportCrash
Crashpad has many tests that crash intentionally. Some of these are
gtest death tests, and others arrange for intentional crashes to test
Crashpad’s own crash-catching logic. On macOS, all of the gtest death
tests and some of the other intentional crashes were being logged by
ReportCrash, the system’s crash reporter. Since these reports
corresponded to intentional crashes, they were never useful, and served
only to clutter ~/Library/Logs/DiagnosticReports.
Since Crashpad is adept at handling exceptions on its own, this
introduces the “exception swallowing server”,
crashpad_exception_swallower, which is a Mach exception server that
implements a no-op exception handler routine for all exceptions
received. The exception swallowing server is established as the task
handler for EXC_CRASH and EXC_CORPSE_NOTIFY exceptions during gtest
death tests invoked by {ASSERT,EXPECT}_DEATH_{CHECK,CRASH}, and for all
child processes invoked by the Multiprocess test infrastructure. The
exception swallowing server is not in effect at other times, so
unexpected crashes in test code can still be handled by ReportCrash or
another crash reporter.
With this change in place, no new reports are generated in the
user-level ~/Library/Logs/DiagnosticReports or the system’s
/Library/Logs/DiagnosticReports during a run of Crashpad’s full test
suite on macOS.
Bug: crashpad:33
Change-Id: I13891853a7e25accc30da21fa7ea8bd7d1f3bd2f
Reviewed-on: https://chromium-review.googlesource.com/777859
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2017-11-20 13:32:26 -05:00
|
|
|
|
// Copyright 2017 The Crashpad Authors. All rights reserved.
|
|
|
|
|
//
|
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
|
//
|
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
//
|
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
|
|
#ifndef CRASHPAD_UTIL_POSIX_DOUBLE_FORK_AND_EXEC_H_
|
|
|
|
|
#define CRASHPAD_UTIL_POSIX_DOUBLE_FORK_AND_EXEC_H_
|
|
|
|
|
|
|
|
|
|
#include <string>
|
|
|
|
|
#include <vector>
|
|
|
|
|
|
|
|
|
|
namespace crashpad {
|
|
|
|
|
|
|
|
|
|
//! \brief Executes a (grand-)child process.
|
|
|
|
|
//!
|
|
|
|
|
//! The grandchild process will be started through the
|
|
|
|
|
//! double-`fork()`-and-`execv()` pattern. This allows the grandchild to fully
|
|
|
|
|
//! disassociate from the parent. The grandchild will not be a member of the
|
|
|
|
|
//! parent’s process group or session and will not have a controlling terminal,
|
|
|
|
|
//! providing isolation from signals not intended for it. The grandchild’s
|
|
|
|
|
//! parent process, in terms of the process tree hierarchy, will be the process
|
|
|
|
|
//! with process ID 1, relieving any other process of the responsibility to reap
|
|
|
|
|
//! it via `waitpid()`. Aside from the three file descriptors associated with
|
|
|
|
|
//! the standard input/output streams and any file descriptor passed in \a
|
|
|
|
|
//! preserve_fd, the grandchild will not inherit any file descriptors from the
|
|
|
|
|
//! parent process.
|
|
|
|
|
//!
|
|
|
|
|
//! \param[in] argv The argument vector to start the grandchild process with.
|
|
|
|
|
//! `argv[0]` is used as the path to the executable.
|
2018-08-29 07:28:10 -07:00
|
|
|
|
//! \param[in] envp A vector of environment variables of the form `var=value` to
|
|
|
|
|
//! be passed to `execve()`. If this value is `nullptr`, the current
|
|
|
|
|
//! environment is used.
|
mac: Tests that crash intentionally shouldn’t go to ReportCrash
Crashpad has many tests that crash intentionally. Some of these are
gtest death tests, and others arrange for intentional crashes to test
Crashpad’s own crash-catching logic. On macOS, all of the gtest death
tests and some of the other intentional crashes were being logged by
ReportCrash, the system’s crash reporter. Since these reports
corresponded to intentional crashes, they were never useful, and served
only to clutter ~/Library/Logs/DiagnosticReports.
Since Crashpad is adept at handling exceptions on its own, this
introduces the “exception swallowing server”,
crashpad_exception_swallower, which is a Mach exception server that
implements a no-op exception handler routine for all exceptions
received. The exception swallowing server is established as the task
handler for EXC_CRASH and EXC_CORPSE_NOTIFY exceptions during gtest
death tests invoked by {ASSERT,EXPECT}_DEATH_{CHECK,CRASH}, and for all
child processes invoked by the Multiprocess test infrastructure. The
exception swallowing server is not in effect at other times, so
unexpected crashes in test code can still be handled by ReportCrash or
another crash reporter.
With this change in place, no new reports are generated in the
user-level ~/Library/Logs/DiagnosticReports or the system’s
/Library/Logs/DiagnosticReports during a run of Crashpad’s full test
suite on macOS.
Bug: crashpad:33
Change-Id: I13891853a7e25accc30da21fa7ea8bd7d1f3bd2f
Reviewed-on: https://chromium-review.googlesource.com/777859
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2017-11-20 13:32:26 -05:00
|
|
|
|
//! \param[in] preserve_fd A file descriptor to be inherited by the grandchild
|
|
|
|
|
//! process. This file descriptor is inherited in addition to the three file
|
|
|
|
|
//! descriptors associated with the standard input/output streams. Use `-1`
|
|
|
|
|
//! if no additional file descriptors are to be inherited.
|
|
|
|
|
//! \param[in] use_path Whether to consult the `PATH` environment variable when
|
|
|
|
|
//! requested to start an executable at a non-absolute path. If `false`,
|
|
|
|
|
//! `execv()`, which does not consult `PATH`, will be used. If `true`,
|
|
|
|
|
//! `execvp()`, which does consult `PATH`, will be used.
|
|
|
|
|
//! \param[in] child_function If not `nullptr`, this function will be called in
|
|
|
|
|
//! the intermediate child process, prior to the second `fork()`. Take note
|
|
|
|
|
//! that this function will run in the context of a forked process, and must
|
|
|
|
|
//! be safe for that purpose.
|
|
|
|
|
//!
|
2018-08-29 07:28:10 -07:00
|
|
|
|
//! Setting both \a envp to a value other than `nullptr` and \a use_path to
|
|
|
|
|
//! `true` is not currently supported.
|
|
|
|
|
//!
|
mac: Tests that crash intentionally shouldn’t go to ReportCrash
Crashpad has many tests that crash intentionally. Some of these are
gtest death tests, and others arrange for intentional crashes to test
Crashpad’s own crash-catching logic. On macOS, all of the gtest death
tests and some of the other intentional crashes were being logged by
ReportCrash, the system’s crash reporter. Since these reports
corresponded to intentional crashes, they were never useful, and served
only to clutter ~/Library/Logs/DiagnosticReports.
Since Crashpad is adept at handling exceptions on its own, this
introduces the “exception swallowing server”,
crashpad_exception_swallower, which is a Mach exception server that
implements a no-op exception handler routine for all exceptions
received. The exception swallowing server is established as the task
handler for EXC_CRASH and EXC_CORPSE_NOTIFY exceptions during gtest
death tests invoked by {ASSERT,EXPECT}_DEATH_{CHECK,CRASH}, and for all
child processes invoked by the Multiprocess test infrastructure. The
exception swallowing server is not in effect at other times, so
unexpected crashes in test code can still be handled by ReportCrash or
another crash reporter.
With this change in place, no new reports are generated in the
user-level ~/Library/Logs/DiagnosticReports or the system’s
/Library/Logs/DiagnosticReports during a run of Crashpad’s full test
suite on macOS.
Bug: crashpad:33
Change-Id: I13891853a7e25accc30da21fa7ea8bd7d1f3bd2f
Reviewed-on: https://chromium-review.googlesource.com/777859
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2017-11-20 13:32:26 -05:00
|
|
|
|
//! \return `true` on success, and `false` on failure with a message logged.
|
|
|
|
|
//! Only failures that occur in the parent process that indicate a definite
|
|
|
|
|
//! failure to start the the grandchild are reported in the return value.
|
|
|
|
|
//! Failures in the intermediate child or grandchild processes cannot be
|
|
|
|
|
//! reported in the return value, and are addressed by logging a message and
|
|
|
|
|
//! terminating. The caller assumes the responsibility for detecting such
|
|
|
|
|
//! failures, for example, by observing a failure to perform a successful
|
|
|
|
|
//! handshake with the grandchild process.
|
|
|
|
|
bool DoubleForkAndExec(const std::vector<std::string>& argv,
|
2018-08-29 07:28:10 -07:00
|
|
|
|
const std::vector<std::string>* envp,
|
mac: Tests that crash intentionally shouldn’t go to ReportCrash
Crashpad has many tests that crash intentionally. Some of these are
gtest death tests, and others arrange for intentional crashes to test
Crashpad’s own crash-catching logic. On macOS, all of the gtest death
tests and some of the other intentional crashes were being logged by
ReportCrash, the system’s crash reporter. Since these reports
corresponded to intentional crashes, they were never useful, and served
only to clutter ~/Library/Logs/DiagnosticReports.
Since Crashpad is adept at handling exceptions on its own, this
introduces the “exception swallowing server”,
crashpad_exception_swallower, which is a Mach exception server that
implements a no-op exception handler routine for all exceptions
received. The exception swallowing server is established as the task
handler for EXC_CRASH and EXC_CORPSE_NOTIFY exceptions during gtest
death tests invoked by {ASSERT,EXPECT}_DEATH_{CHECK,CRASH}, and for all
child processes invoked by the Multiprocess test infrastructure. The
exception swallowing server is not in effect at other times, so
unexpected crashes in test code can still be handled by ReportCrash or
another crash reporter.
With this change in place, no new reports are generated in the
user-level ~/Library/Logs/DiagnosticReports or the system’s
/Library/Logs/DiagnosticReports during a run of Crashpad’s full test
suite on macOS.
Bug: crashpad:33
Change-Id: I13891853a7e25accc30da21fa7ea8bd7d1f3bd2f
Reviewed-on: https://chromium-review.googlesource.com/777859
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2017-11-20 13:32:26 -05:00
|
|
|
|
int preserve_fd,
|
|
|
|
|
bool use_path,
|
|
|
|
|
void (*child_function)());
|
|
|
|
|
|
|
|
|
|
} // namespace crashpad
|
|
|
|
|
|
|
|
|
|
#endif // CRASHPAD_UTIL_POSIX_DOUBLE_FORK_AND_EXEC_H_
|