This change was partially scripted and partially done manually with vim
regex + manually placing the deleted constructors.
The script change looked for destructors in the public: section of a
class, if that existed the deleted constructors would go before the
destructor.
For manual placement I looked for any constructor in the public: section
of the corresponding class. If there wasn't one, then it would ideally
have gone as the first entry except below enums, classes and typedefs.
This may not have been perfect, but is hopefully good enough. Fingers
crossed.
#include "base/macros.h" is removed from files that don't use
ignore_result, which is the only other thing defined in base/macros.h.
Bug: chromium:1010217
Change-Id: I099526255a40b1ac1264904b4ece2f3f503c9418
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3171034
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Peter Boström <pbos@chromium.org>
Update ProcessMemoryLinux to be constructed from PtraceConnection
instead of being Initialize()d with a pid_t.
This allows consolidating PtraceClient's BrokeredMemory with
ProcessMemoryLinux and providing the PtraceConnection as a alternative
to the memory file (previously only done for brokered connections).
Change-Id: I1363e208030eaf595fb8051e9a2c6b255c1f9886
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3072402
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Chromium moved base::size() to base/cxx17_backports.h, so do the same in
mini_chromium and update the users in Crashpad.
Roll mini_chromium to 2f06f83f to make the new base header available.
Bug: chromium:1210983
Change-Id: Ie3dc4c189dcdfcac030b95fe285f94abb29a27bf
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2917779
Commit-Queue: Lei Zhang <thestig@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
The broker attempts to use sbrk() to allocate memory to track ptrace
attachments. If the process failed due to an OOM, this system call might
fail, the broker falls back to saving attachments on the stack, and then
overruns the stack.
This change updates the broker to use sys_mmap() instead of sbrk(),
which is expected to work at least as well. If sys_mmap() fails or
the first mapped page is exhausted, further attachments fail without
attempting to save them to the stack.
Bug: chromium:1128441
Change-Id: Ibffaa986403adaf3178ee77e6d210053fbf60f26
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2488280
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
We're working to decouple ChromeOS and Linux builds of Chrome.
Currently OS_CHROMEOS sets OS_LINUX, so we need to refactor
current OS_LINUX usage to make this explicit.
More information can be found at go/cros_is_linux_os_linux
BUG=chromium:1110266
TEST=manual build
Change-Id: Ie765da1ab6a0bf0286538ae1df3697abaa29aeaa
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2391116
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
If the file just needs the CHECK/CHECK_OP/NOTREACHED
macros, use the appropriate header for that instead.
Or if logging.h is not needed at all, remove it.
This is both a nice cleanup (logging.h is a big header,
and including it unnecessarily has compile-time costs),
and part of the final step towards making logging.h no
longer include check.h and the others.
Bug: chromium:1031540
Change-Id: Ia46806bd95fe498bcf3cf6d2c13ffa4081678043
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2255361
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Hans Wennborg <hans@chromium.org>
Add direct includes for things provided transitively by logging.h
(or by other headers including logging.h).
This is in preparation for cleaning up unnecessary includes of
logging.h in header files (so if something depends on logging.h,
it needs include it explicitly), and for when Chromium's logging.h
no longer includes check.h, check_op.h, and notreached.h.
DEPS is also updated to roll mini_chromium to ae14a14ab4 which
includes these new header files.
Bug: chromium:1031540
Change-Id: I36f646d0a93854989dc602d0dc7139dd7a7b8621
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2250251
Commit-Queue: Hans Wennborg <hans@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
There are a few files in the tree which use various functions defined
in string.h (memcpy, strlen, strnlen, memmove, etc), but never include
the necessary header file. After I've recently updated one of my systems
to a newer glibc version (2.30) this code failed to build. Adding the
missing includes fixes the problem.
The undeclared functions for each file are:
* simple_address_range_bag.h - memcpy
* http_multipart_builder.cc - strlen
* minidump_context_converter.cc - memcpy
* ptrace_client.cc - strlen
* http_transport_socket.cc - strncpy, strlen, memcpy
* process_memory.cc - memchr
* log_output_stream.cc - strlen
Change-Id: I3108c36b8a6927ac11f6839606cb495926fa9e4e
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2207139
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Bionic installs signal handlers which request crash
dumps from Android's debuggerd, but there are errors
in how signals which aren't automatically re-raised
are handled on Marshmallow (API 23).
Before requesting a dump, Bionic acquires a lock to
communicate with debuggerd and expecting imminent
death, never releases it.
While handling the dump request, debuggerd allows
the dying process to continue before
ptrace-detaching it. So, when Bionic manually
re-raises a signal, it is intercepted by debuggerd
and the dying process is allowed to live.
Bionic restores SIG_DFL for the signal it's just
handled, but if a different crash signal is later
recieved, Bionic attempts to reacquire the lock to
communicate with debuggerd and blocks forever.
Disable Bionic's signal handlers for these signals
on Marshmallow.
Bug: chromium:1050178
Change-Id: Ia1fc5a24161a95931684d092ba8fee2f0dfbbdbb
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2134513
Reviewed-by: Mark Mentovai <mark@chromium.org>
ProcStatReader.Threads is flaky because it relies on an internal,
imprecise measurement of boot time. The flaky test asserts that a
thread started after the main thread should have a start time >= the
main thread. The start time is returned in a timeval, with microsecond
precision, but the measurement of boot time requires two system calls
and the time between those system calls can be approximately a
microsecond. An unlucky event such as a change in system time could
make this imprecision arbitrarily bad.
This patch lets the caller of ProcStatReader.StartTime() inject the
boot time, allowing ProcStatReader to guarantee that threads have
correctly ordered time, given the same input boot time.
Bug: 1016765
Change-Id: I6e4a944a1d58c3916090bab6a4b99573e71a89fc
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1891588
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
AT_SYSINFO_EHDR may be defined even if no vdso is used. e.g. 32-bit ARM
processes have a vdso on 64-bit ARM cpus, but not on 32-bit cpus.
Change-Id: I4d9ce029bb47efc33ea16cb4c5c2055c1b9330c9
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1860935
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
When all Crashpad clients have closed their crash handling sockets,
the handler's recvmsg() returns 0 and doesn't include any credentials.
Silence error logs for this normally occurring case.
Change-Id: I56acf3b38c8e95a9bbaa9bff04e0a6859a194e66
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1816286
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
This message type allows the browser to determine the handler's process
ID to be used with `prctl(PR_SET_PTRACER, ...)`.
Bug: crashpad:284
Change-Id: I2664f3e8aee269b159de9074e389397346c808f0
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1577704
Reviewed-by: Mark Mentovai <mark@chromium.org>
sendmsg() and recvmsg() are complicated to use. Refactor their usage
into functions with a simpler, tested interface and use those instead.
This also adds CreateCredentialSocketpair() to create a pair of
connected sockets with SO_PASSCRED set. This option should be set
before the possibility of any calls to sendmsg() with the socket pair
to avoid race conditions in properly setting credentials.
Also update the handler to use Strategy::kNoPtrace (which causes the
crash dump to fail without breaking the socket connection) if the
credentials were invalid, which can happen if SO_PASSCRED was set after
the call to sendmsg() or if the sending process does not exist in this
namespace.
Change-Id: Id09f87125540255687a3c35d5bed7fa01ec07cff
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1584639
Reviewed-by: Mark Mentovai <mark@chromium.org>
Multi client socket connections allow multiple clients to request crash
dumps from a handler process using a single, shared socket connection.
This connection mode does not support using a broker process which
requires a dedicated socket connection to ensure handler messages
aren't intercepted by the wrong clients.
The handler uses SIGCONT to indicate to the crasher when a crash dump
is complete (or has failed) and may continue.
Bug: crashpad:284
Change-Id: I2031029cd254f17497cbf7e7d8740c289581e8aa
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1559306
Reviewed-by: Mark Mentovai <mark@chromium.org>
This patch adds the class ExceptionHandlerProtocol to contain all the
relevant types, but should not make any functional changes.
Change-Id: I65ada239a6bf3195899fdd96f005c042cdd59749
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1575796
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
When a crashing process is in a different PID namespace than the
handler, the crasher doesn't have a way of knowing its own thread ID in
the handler's namespace and the kernel lacks mechanisms to perform this
translation before Linux 4.1 (where the information is present in
/proc/<pid>/status:NSPid).
This patch gives the handler a way of identifying the requesting thread
by sending a stack address along with the crash dump request, which
the handler can search for in each of the process' threads.
This information is useful both for attaching exception information
to the right thread and to allow the handler to send signals to the
correct thread when using a shared socket connection.
Bug: crashpad:284, crashpad:286
Change-Id: I4fa366c8fb17f932b056265cf71a4af160ba342f
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1558828
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
offsets in the MemoryMap are expressed as two's complement while
Crashpad's and mini_chromium's string conversion functions expect
negative numbers to be expressed with a '-' character.
Convert the string as unsigned and then re-interpret to signed when
necessary.
Bug: 914246
Change-Id: I76aaf092ea7ad98806be7a3f380dab4ca0425ed6
Reviewed-on: https://chromium-review.googlesource.com/c/1399372
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
This is a follow-up to c8a016b99d97, following the post-landing
discussion at
https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1393921/5#message-2058541d8c4505d20a990ab7734cd758e437a5f7
base::size, and std::size that will eventually replace it when C++17 is
assured, does not allow the size of non-static data members to be taken
in constant expression context. The remaining uses of ArraySize are in:
minidump/minidump_exception_writer.cc (×1)
minidump/minidump_system_info_writer.cc (×2, also uses base::size)
snapshot/cpu_context.cc (×4, also uses base::size)
util/misc/arraysize_test.cc (×10, of course)
The first of these occurs when initializing a constexpr variable. All
others are in expressions used with static_assert.
Includes:
Update mini_chromium to 737433ebade4d446643c6c07daae02a67e8deccao
f701716d9546 Add Windows ARM64 build target to mini_chromium
87a95a3d6ac2 Remove the arraysize macro
1f7255ead1f7 Placate MSVC in areas of base::size usage
737433ebade4 Add cast
Bug: chromium:837308
Change-Id: I6a5162654461b1bdd9b7b6864d0d71a734bcde19
Reviewed-on: https://chromium-review.googlesource.com/c/1396108
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Add MemoryMap::Iterator to support different strategies for locating
the start of module mappings on Android and Linux.
Beginning with API 21, Bionic provides android_dlopen_ext() which
allows passing a file descriptor with an existing relro segment to the
loader. This means that the mapping containing the dynamic segment
could have a name, device, and inode which are different than the
other mappings for the module.
The revised strategy for Android at API 21+ is to search all mappings
in reverse order from they dynamic array mapping until a module is
parsed with the expected dynamic array address.
Linux and Android 20- continue to select mappings using the device,
inode, and file offsets of the mappings.
Bug: crashpad:268
Change-Id: I30e95e51cb6874c00875d2a9c57f1249877736d4
Reviewed-on: https://chromium-review.googlesource.com/c/1374375
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Dirents with short names can have a d_name that fits inside padding at
the end of Dirent64.
Change-Id: I18057dad01f5a7d4a063028ca9f61fbe89ae7fc0
Reviewed-on: https://chromium-review.googlesource.com/c/1310413
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Modules mapped from zipfiles will have mappings named for the zipfile
rather than the module name and an offset into that zipfile instead of
0.
Bug: crashpad:253, crashpad:254
Change-Id: I0503d13e7b80ba7bd1cc2d241633d9c68c98f1cd
Reviewed-on: https://chromium-review.googlesource.com/1232294
Reviewed-by: Mark Mentovai <mark@chromium.org>
The general strategy used by Crashpad to determine loaded modules is to
read the link_map to get the addresses of the dynamic arrays for all
loaded modules. Those addresses can then be used to query the MemoryMap
to locate the module's mappings, and in particular the base mapping
from which Crashpad can parse the entire loaded ELF file.
ELF modules are typically loaded in several mappings with varying
permissions for different segments. The previous strategy used to find
the base mapping for a module was to search backwards from the mapping
for the dynamic array until a mapping from file offset 0 was found for
the same file. This fails when the file is mapped multiple times from
file offset 0, which can happen if the first page of the file contains
a GNU_RELRO segment.
This new strategy queries the MemoryMap for ALL mappings associated
with the dynamic array's mapping, mapped from offset 0. The consumer
(process_reader_linux.cc) can then determine which mapping is the
correct base by attempting to parse a module at that address and
corroborating the PT_DYNAMIC or program header table address from the
parsed module with the values Crashpad gets from the link_map or
auxiliary vector.
Bug: crashpad:30
Change-Id: Ibfcbba512e8fccc8c65afef734ea5640b71e9f70
Reviewed-on: https://chromium-review.googlesource.com/1139396
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
When building in chromium, the test is linked into the crashpad_tests
target instead of crashpad_util_test.
Change-Id: I4e0f6b9956f191ebac10f0aaa3812e30885a4e0a
Reviewed-on: https://chromium-review.googlesource.com/1131688
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Sanitization is controlled by a SanitizationInformation struct to be
read from the client's memory. The address of this struct is either
passed in a ClientInformation when the client requests a crash dump,
or as a flag to the handler --sanitization_information.
Bug: crashpad:30
Change-Id: I2744f8fb85b4fea7362b2b88faa4bef1da74e36b
Reviewed-on: https://chromium-review.googlesource.com/1083143
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Reviewed-by: Scott Graham <scottmg@chromium.org>
This change:
1. Updates the broker's memory reading protocol to enable short reads.
2. Updates Ptracer to allow short reads.
3. Updates the broker to allow reading from a memory file.
4. Updates the broker's default file root to be "/proc/[pid]/".
5. Adds PtraceConnection::Memory() to produce a suitable memory reader
for a connection type.
Bug: crashpad:30
Change-Id: I8c004016065d981acd1fa74ad1b8e51ce07c7c85
Reviewed-on: https://chromium-review.googlesource.com/991455
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
user_vfp is not declared anymore in sys/user.h, but in specific
internal kernel asm user.h in GLIBC. So building crashpad on ARMEL
with such a GLIBC will fail to build.
Also, sys/ptrace.h will not include the declarations for
PTRACE_GET_THREAD_AREA and PTRACE_GETVFPREG in arm (they are in
asm/ptrace.h and not included from sys/ptrace.h). So provide
compatibility declarations accordingly for arm architecture.
Change-Id: I58ab5274a66d84c0cbc9e9e9b23e0abc37bf67e5
Reviewed-on: https://chromium-review.googlesource.com/996073
Reviewed-by: Mark Mentovai <mark@chromium.org>
Some files, such as /proc/[pid]/maps, may not be accessible to the
handler. This enables the handler access to the contents of those files
via the broker.
This change reads maps and auxv using ReadFileContents.
Bug: crashpad:30
Change-Id: Ia19b498bae473c616ea794ab51c3f22afd5795be
Reviewed-on: https://chromium-review.googlesource.com/989406
Reviewed-by: Mark Mentovai <mark@chromium.org>
