When code raises an Objective-C exception, unwind the stack looking for
any exception handlers. If an exception handler is encountered, test to
see if it is a function known to be a catch-and-rethrow 'sinkhole'
exception handler. Various routines in UIKit and elsewhere do this, and
they obscure the exception stack, since the original throw location is
no longer present on the stack (just the re-throw) when Crashpad
captures the crash report. In the case of sinkholes, trigger an
immediate exception to capture the original stack.
The is an improvement over the alternative,
NSSetUncaughtExceptionHandler, which passes along the stack frames, but
not the stack memory contents and full exception context itself.
The details of what happens after a fatal exception is triggered are
unresolved in this CL. For now, simply call std::terminate.
This code was inspired by chromium/src/chrome/browser/mac/
exception_processor.mm.
Bug: crashpad:31
Change-Id: Ieebc6476a0507c466c8219c10f790ec0a624e58c
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2125254
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Bionic installs signal handlers which request crash
dumps from Android's debuggerd, but there are errors
in how signals which aren't automatically re-raised
are handled on Marshmallow (API 23).
Before requesting a dump, Bionic acquires a lock to
communicate with debuggerd and expecting imminent
death, never releases it.
While handling the dump request, debuggerd allows
the dying process to continue before
ptrace-detaching it. So, when Bionic manually
re-raises a signal, it is intercepted by debuggerd
and the dying process is allowed to live.
Bionic restores SIG_DFL for the signal it's just
handled, but if a different crash signal is later
recieved, Bionic attempts to reacquire the lock to
communicate with debuggerd and blocks forever.
Disable Bionic's signal handlers for these signals
on Marshmallow.
Bug: chromium:1050178
Change-Id: Ia1fc5a24161a95931684d092ba8fee2f0dfbbdbb
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2134513
Reviewed-by: Mark Mentovai <mark@chromium.org>
Fixes the chromium presubmit error for UTF8String:
The use of -[NSString UTF8String] is dangerous as it can return null
even if |canBeConvertedToEncoding:NSUTF8StringEncoding| returns YES.
Please use |SysNSStringToUTF8| instead.
Bug: crashpad:31
Change-Id: Iaf939012ea9d342f6a01af58119cef962319aefe
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2119613
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Gather most of the necessary information for the system snapshot.
Note that:
- The 'capture' portion of this CL will be moved out of the snapshot
interface and into a separate in-process dump to disk location.
- All of the pointer dereferences need to be wrapped in vm_read.
- The read-fast-and-dump logic in thread_snapshot may end up in a
different file completely, but until we pick a
serialization/deserialization method, keep it as-is.
Bug: crashpad:31
Change-Id: Iac82491fdb4a823163f02149f52a1e18e26fa9de
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2090173
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
This may help us debug some issues where the thread is failing to
suspend.
Bug: b/151318587
Change-Id: I0d2d539f769ebb1cdd71606e1d23d8fa66673879
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2103411
Commit-Queue: John Bauman <jbauman@chromium.org>
Reviewed-by: Scott Graham <scottmg@chromium.org>
These should be the remaining instances of UB errors we see.
Bug: fuchsia:46805
Change-Id: Id8285386fd6cb52518f6076ddb79ac60025f9f87
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2067754
Reviewed-by: Scott Graham <scottmg@chromium.org>
Commit-Queue: Scott Graham <scottmg@chromium.org>
First steps at bringing up the crashpad_client on iOS. Also updates
the XCUITest to trigger various crashes, with some swizzling
necessary to allow crashes.
Change-Id: I87dd36bed1c052b509d14bfa29679ed81e58a377
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2039470
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Reviewed-by: Rohit Rao <rohitrao@chromium.org>
lld wants to remove bl/blx substitution for non-function symbols
(https://reviews.llvm.org/D73542). GNU ld apparently already doesn't
do it.
Since _ZN8crashpad14CaptureContextEP10ucontext_t wasn't marked as a function,
chromium's thumb code would then branch without mode transition into
crashpads non-thumb assembly (in arm32).
So mark the symbol as function, so that things work even if that patch
relands. This should also make things work with GNU ld, though I haven't
verified that it was broken before and works now.
I also did this for aarch64 since it seems like The Right Thing To Do
(assuming the assembler accepts it, which I also haven't checked --
the CQ will hopefully check that).
Bug: chromium:1049649
Change-Id: I3452c16f0d52a2dc0397fd3d60d06b5c39a4b524
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2044144
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Nico Weber <thakis@chromium.org>
- Add option to log minidump in handler_main, also add option to
disable to dump minidump and generate report.
- Implement log minidump in CrashReportExceptionHandler.
Bug: crashpad:308
Change-Id: I8d2f7e118912011a8416f1ec36c9ee9d561d06e6
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1995825
Commit-Queue: Tao Bai <michaelbai@chromium.org>
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
- This tool could compress/encode or decode/decompress the minidump
log file, will be used by script to symbolize the crash.
- Added FileOutputStream and FileEncoder.
Bug: crashpad:308
Change-Id: I15c3e4908882a09983ec81a90e38249967c29fc4
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1968059
Commit-Queue: Tao Bai <michaelbai@chromium.org>
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Emit the received data to Android logcat in Android, and noop for
other platforms.
Bug: crashpad:308
Change-Id: I6e46e2fa8bd61f93f614ad0bfb6441a79139b04b
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1958711
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
This CL modifies the creation of the Named Pipe Security Descriptor to
allow access from AppContainer processes. The DACL only allows access for
the current user and SYSTEM which matches up with the auto-assigned DACL
used previously (the read-only logon SID ACE has been removed). As this
new code uses APIs from ADVAPI32 a check is made to ensure it's not being
called while the loader lock is held to avoid hitting previous similar
issues.
Bug: crashpad: 318
Change-Id: I3f9cf5c788dbadacad21c8a2d57a0188f690ac32
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1955982
Commit-Queue: James Forshaw <forshaw@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
"\r\n" was used instead of "\n" on four new files.
No other "\r" appears in any text file, repository-wide.
Bug: crashpad:316
Change-Id: I94f5d20cd2498e76efdee6062382669362e6e53d
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1954713
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
This CL adds code to check if the current thread holds the DLL loader
lock. This code can be used to enforce the requirement that certain
parts of crashpad, such as process creation are not done during calls
to DllMain which can lead to deadlocks and crashes. Only one check is
current enforced, in client process creation, and only in debug builds.
Bug: crashpad: 316
Change-Id: I5757a264bbf28ce2ab88a0cd7ac9481e46428c17
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1945993
Reviewed-by: Mark Mentovai <mark@chromium.org>
Reviewed-by: Scott Graham <scottmg@chromium.org>
Commit-Queue: James Forshaw <forshaw@chromium.org>
ProcStatReader.Threads is flaky because it relies on an internal,
imprecise measurement of boot time. The flaky test asserts that a
thread started after the main thread should have a start time >= the
main thread. The start time is returned in a timeval, with microsecond
precision, but the measurement of boot time requires two system calls
and the time between those system calls can be approximately a
microsecond. An unlucky event such as a change in system time could
make this imprecision arbitrarily bad.
This patch lets the caller of ProcStatReader.StartTime() inject the
boot time, allowing ProcStatReader to guarantee that threads have
correctly ordered time, given the same input boot time.
Bug: 1016765
Change-Id: I6e4a944a1d58c3916090bab6a4b99573e71a89fc
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1891588
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
* this renders as "HTTPTransport/HTTPTransport.ValidFormData_Gzip/http"
instead of the default "HTTPTransport/HTTPTransport.ValidFormData_Gzip/0"
* switch the parameter type from a base::FilePath::StringType to a string
Change-Id: I19743966406f92176c566827d74a79aef5a87bb5
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1900324
Reviewed-by: Scott Graham <scottmg@chromium.org>
Commit-Queue: Francois Rousseau <frousseau@google.com>
Chromium requires build artifacts to be generated deterministically so
commit a long-lived (10 years) test certificate to the repository.
Change-Id: I7a6e2441f506196ca58fbbf757648fa0ac70bc9a
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1872188
Reviewed-by: Mark Mentovai <mark@chromium.org>
Reviewed-by: Scott Graham <scottmg@chromium.org>
Or else the uploader will check fail when uploading to https://...
Change-Id: I88a765215cc7bff5809b8effd92f4e39bebd1e5b
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1860940
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
AT_SYSINFO_EHDR may be defined even if no vdso is used. e.g. 32-bit ARM
processes have a vdso on 64-bit ARM cpus, but not on 32-bit cpus.
Change-Id: I4d9ce029bb47efc33ea16cb4c5c2055c1b9330c9
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1860935
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Since gtest 00938b2b228f, gtest has built-in first-class support for
skipping tests, which is functionally identical (at least in Crashpad’s
usage) to the home-grown support for run-time dynamically disabled tests
introduced in Crashpad 5e9ed4cb9f69.
Use the new standard pattern, and remove all vestiges of the custom
local one.
This was done previously in 79f4a3970a64, but was reverted in
bba9d0819c12 because Chromium’s test launcher did not support
GTEST_SKIP() at the time. The deficiency is on file as
https://crbug.com/912138.
While that bug was never specifically marked as “fixed” and I haven’t
found what changed in Chromium, I do now see some use of GTEST_SKIP() in
Chromium. I also prototyped this change in Chromium at
https://chromium-review.googlesource.com/c/1854691/ and found that
GTEST_SKIP() does indeed now appear to work.
Change-Id: I13fef8fe8bfd9854a40dfa5910a3282d1a85bc45
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1855380
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
When all Crashpad clients have closed their crash handling sockets,
the handler's recvmsg() returns 0 and doesn't include any credentials.
Silence error logs for this normally occurring case.
Change-Id: I56acf3b38c8e95a9bbaa9bff04e0a6859a194e66
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1816286
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
This change stops IsRegularFile and IsDirectory from logging
an error in the instance that a file or directory cannot be found.
Change-Id: I9f3c409933245708db775f566a27f5e49b2c71f3
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1795924
Commit-Queue: Francois Rousseau <frousseau@google.com>
Reviewed-by: Scott Graham <scottmg@chromium.org>
This patch updates gyp_crashpad_android.py to function with NDK r20,
removes the requirement to generate a standalone toolchain, and updates
documentation on building for Android.
Also some gyp build fixes.
Change-Id: Ide338417ab2a21eca7a4bf42c1fb834e5639c186
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1798746
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
This is the 1st patch for logging minidump in Android. it adds
OutputStream interface and zlib implementation for output pipline.
Bug: crashpad:308
Change-Id: I4738b8f223886049e6e259b9b25c00e5120156e5
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1745355
Commit-Queue: Tao Bai <michaelbai@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
The ProcessMemorySanitized implementation only allows reads to a given
process if it falls within a given whitelist of memory ranges. This
ensures that 'sanitized' snapshots only allow reading memory that was
explicitly allowed.
Bug: crashpad:263, chromium:973167
Change-Id: I72712d7ea3cabfd49cc91ffbe563cb349e6fcfdb
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1752593
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
generate_dump is not being used on Fuchsia (because only the system-reporter
version of Fuchsia Crashpad is actively used).
GetProcessFromKoid() is becoming increasingly difficult to implement, so simply
de-port generate_dump until we actually need it again in the future (if ever).
Removes GetRootJob().
Change-Id: Ib5e5d8e79177506da4b2e0e0382f3fdd2502840b
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1726695
Commit-Queue: Scott Graham <scottmg@chromium.org>
Reviewed-by: Francois Rousseau <frousseau@google.com>
Most Crashpad builds use Microsoft's armasm64.exe macro assembler
for .asm source files. When building in Chromium, clang-cl is used
as the assembler instead. Since the two assemblers recognize different
assembly dialects, the same .asm file can't be used for each.
As a workaround, use a prebuilt .obj file when the Microsoft-dialect
assembler isn't available.
The obj file is generated from the capture_context_win_arm64.asm
by armasm64 macro assembler. If this asm file is modified,
the obj file needs to be updated.
Change-Id: Id5a4a949997a27b04815aeb79b2540d30a52d34c
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1632749
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Removes the remaining references to the old port-based exception APIs in
favor of the new channel-based APIs.
Bug: fuchsia:ZX-4031
Test: runtests on emulator and device
Change-Id: Ieac5b66c2f676966d1018d771cab6c8635f12a8f
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1700321
Reviewed-by: Francois Rousseau <frousseau@google.com>
Commit-Queue: Francois Rousseau <frousseau@google.com>
This patch also updates WorkerThread to execute DoWork() when
DoWorkNow() has been called, which is relevant when DoWorkNow() and
Stop() have both been called. This occurs regularly on Android where
the handler's current normal mode is to dump a single process and exit.
This change ensures the upload thread has a chance to upload the report
before the handler exits.
This change should not affect upload on Chrome/WebView/Chromecast which
don't pass Crashpad a --url option and are still responsible for their
own uploads.
Change-Id: Ie5553eafc13714f0438b4b133a92516f7abec153
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1643710
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Previously, both the invocation to mig and mig's internal code would use xcrun
to locate binaries. When we're using the hermetic toolchain, we want to
explicitly specify the binaries to use and we want to avoid calls to xcrun.
Bug: chromium:971452
Change-Id: I8527368e0846bc72789e6454fcd626b028d297ff
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1650147
Commit-Queue: Erik Chen <erikchen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
The ProcessInfo initialization fails on ARM on Windows with
'ReadProcessData failed'.
The 64-bit detection logic only checks whether it's on x64 and ignores
ARM64. On ARM64, the ReadProcessData template should be instantiated
with internal::Traits64 as it is on x64.
Test: Run crashpad_tests on ARM, 'ReadProcessData failed' is gone
Change-Id: I0f47d8601a39aaa1b8ba07d34d1f41b7739233e7
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1615024
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
This message type allows the browser to determine the handler's process
ID to be used with `prctl(PR_SET_PTRACER, ...)`.
Bug: crashpad:284
Change-Id: I2664f3e8aee269b159de9074e389397346c808f0
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1577704
Reviewed-by: Mark Mentovai <mark@chromium.org>
sendmsg() and recvmsg() are complicated to use. Refactor their usage
into functions with a simpler, tested interface and use those instead.
This also adds CreateCredentialSocketpair() to create a pair of
connected sockets with SO_PASSCRED set. This option should be set
before the possibility of any calls to sendmsg() with the socket pair
to avoid race conditions in properly setting credentials.
Also update the handler to use Strategy::kNoPtrace (which causes the
crash dump to fail without breaking the socket connection) if the
credentials were invalid, which can happen if SO_PASSCRED was set after
the call to sendmsg() or if the sending process does not exist in this
namespace.
Change-Id: Id09f87125540255687a3c35d5bed7fa01ec07cff
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1584639
Reviewed-by: Mark Mentovai <mark@chromium.org>
Multi client socket connections allow multiple clients to request crash
dumps from a handler process using a single, shared socket connection.
This connection mode does not support using a broker process which
requires a dedicated socket connection to ensure handler messages
aren't intercepted by the wrong clients.
The handler uses SIGCONT to indicate to the crasher when a crash dump
is complete (or has failed) and may continue.
Bug: crashpad:284
Change-Id: I2031029cd254f17497cbf7e7d8740c289581e8aa
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1559306
Reviewed-by: Mark Mentovai <mark@chromium.org>
This patch adds the class ExceptionHandlerProtocol to contain all the
relevant types, but should not make any functional changes.
Change-Id: I65ada239a6bf3195899fdd96f005c042cdd59749
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1575796
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Until now we've been stuffing ELF debug symbol link information into a
CodeViewPDB70. This has reached the limits of its usefulness. We now add
a CodeViewRecord that can contain a proper ELF build ID.
Change-Id: Ice52cb2a958a1b9031943f280d9054da02d2f17d
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1574107
Commit-Queue: Casey Dahlin <sadmac@google.com>
Reviewed-by: Mark Mentovai <mark@chromium.org>
When a crashing process is in a different PID namespace than the
handler, the crasher doesn't have a way of knowing its own thread ID in
the handler's namespace and the kernel lacks mechanisms to perform this
translation before Linux 4.1 (where the information is present in
/proc/<pid>/status:NSPid).
This patch gives the handler a way of identifying the requesting thread
by sending a stack address along with the crash dump request, which
the handler can search for in each of the process' threads.
This information is useful both for attaching exception information
to the right thread and to allow the handler to send signals to the
correct thread when using a shared socket connection.
Bug: crashpad:284, crashpad:286
Change-Id: I4fa366c8fb17f932b056265cf71a4af160ba342f
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1558828
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
now that we import fuchsia-sysinfo and fdio, this isn't really just zx anymore
Change-Id: Ic42359ce3d230e214ebdbbefb880ccb021434a0f
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1555533
Reviewed-by: Scott Graham <scottmg@chromium.org>
Commit-Queue: Francois Rousseau <frousseau@google.com>
Writing directly into buf.tmp causes the nul-terminator to overflow
into buf.crlf, which upsets some overflow detectors.
Bug: crashpad:289
Change-Id: I241f1ae239ed8360ac5dfd245cb70e919ae73cd1
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1545014
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
* a thread blocked in an exception is technically not suspended on Fuchsia
* this will take care of the spurious error message "thread failed to suspend: ZX_ERR_TIMED_OUT (-21)" introduced in https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1536268
Bug: fuchsia/ZX-3772
Tested: `fx run-test crashpad_test` on Fuchsia; verified with `fx shell crasher` no error message
Change-Id: I5306732ef7c5a4f2c0fe84bc072506d57a43931e
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1538558
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Francois Rousseau <frousseau@google.com>
Previously, we included lib/fdio/util.h, but that header is being
removed. The declarations we need are in lib/fdio/fdio.h now.
Change-Id: I094b328766f1c67571044f85717b788eded1d142
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1508635
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Adam Barth <abarth@chromium.org>
9d26012e9c73 relaxed the requirement on ScopedMmap such that the length
of the region supervised no longer needed to be provided as a round
number of pages. This was accomplished by internally rounding up the
provided length to a page length. Unfortunately, this made
ScopedMmap::len() return something other than the passed-in length,
which is undesirable. This change makes ScopedMmap store the passed-in
length internally, making it available unmodified via the accessor, and
rounding it up to page length at internal points of use.
Change-Id: I827925af68e38f33bfa3cee535db0f098884fc6b
Reviewed-on: https://chromium-review.googlesource.com/c/1492774
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
apple_cf is just a header, but we’ve got a BUILD.gn for
third_party/cpp-httplib, which is also just a header.
Change-Id: Ib42c25657b5964678d14682a0a802ebef0e4cb2f
Reviewed-on: https://chromium-review.googlesource.com/c/1489182
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
ScopedMmap was asserting that the length of a mapped region must be an
exact number of pages, but this is not required or useful.
Change-Id: I6141712a1980a217565e31ddcd4c23cf6a32503c
Reviewed-on: https://chromium-review.googlesource.com/c/1480440
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Explicitly check that mach_vm_read() successfully read the entire
requested region. This is a speculative fix for an infrequent crash that
occurs in the wild where only part of the region read by ReadMapped()
was actually mapped into memory.
Bug: chromium:918626
Change-Id: I4f4b3902d11480dc4a003608cfb1d371ec89425b
Reviewed-on: https://chromium-review.googlesource.com/c/1455170
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
-ftrivial-auto-var-init=pattern automatically initializes all variables
with a pattern. This revealed two issues:
1. Unitialized read of field from CrashpadInfoClientOptions.
2. The PC distance check in TestCaptureContext (due to additional
instrumentation, the distance is now 76 on x86-64 and 92 on aarch64).
Change-Id: I528e5f21c70d2849c9300776da783fde59411e9e
Reviewed-on: https://chromium-review.googlesource.com/c/1471691
Reviewed-by: Mark Mentovai <mark@chromium.org>
Reviewed-by: Nico Weber <thakis@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
This reverts commit 79f4a3970a6425ef0475263974bf9a012279ba4f.
Chromium’s test launcher is not prepared to handle GTEST_SKIP().
Bug: chromium:912138
Change-Id: Iaeffaedcd92093ec61b013f2a919dc4670094581
Reviewed-on: https://chromium-review.googlesource.com/c/1464099
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Since gtest 00938b2b228f3, gtest has built-in first-class support for
skipping tests, which is functionally identical (at least in Crashpad’s
usage) to the home-grown support for run-time dynamically disabled tests
introduced in Crashpad 5e9ed4cb9f69.
Use the new standard pattern, and remove all vestiges of the custom
local one.
Change-Id: Ia332136c356d523885fc5d86bc8f06fefbe6a792
Reviewed-on: https://chromium-review.googlesource.com/c/1427242
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
The test currently compile because of ADL (argument-dependent lookup). It
does not compile with a more recent googletest version. See associated
bug for linked to failed builds and compiler error messages.
Bug: crashpad:274
Change-Id: I7f2dd736453deb2a1af7bcacefc421961e1eb95e
Reviewed-on: https://chromium-review.googlesource.com/c/1422786
Commit-Queue: Victor Costan <pwnall@chromium.org>
Reviewed-by: Scott Graham <scottmg@chromium.org>
Use-after-return detection happens to currently be enabled on Linux and
Android but is not exclusive to those platforms. Disable tests
incompatible with ASan UAR detection on all platforms.
Bug: 915245
Change-Id: I40447c126dac9dc7d0f72e400136afb8c292324d
Reviewed-on: https://chromium-review.googlesource.com/c/1414614
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
zx_task_suspend() now supports suspending processes. This is somewhat
more reliable than suspending the constituent threads because after the
call returns and the token is being held, any subsequently started
threads will start in the the suspended state.
However, because the suspend is asynchronous the threads of the process
still need to be iterated to wait for them to assert ZX_THREAD_SUSPENDED
(and that can and does still fail to happen for a number of reasons). So
while improved, this class is still only best-effort.
Additionally, as the version of ScopedTaskSuspend that took a thread
wasn't being used, remove that.
Bug: crashpad:269
Change-Id: Ifb3f8e0d780a5e22af33613f92a61d25459f5139
Reviewed-on: https://chromium-review.googlesource.com/c/1377201
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Scott Graham <scottmg@chromium.org>
The prohibition on using Mach receive rights with kqueue() was lifted in
10.12. Add the source code reference that should have been here all
along, and explain how xnu has changed. When the minimum runtime target
is 10.12 or later, the port set in this code will be unnecessary, and it
will be possible to remove it.
Change-Id: I8fdf91a124efb081e4748ccf60680b12a38c4d18
Reviewed-on: https://chromium-review.googlesource.com/c/1406894
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
This was part of a change to delete base::ThreadLocalStorage::StaticSlot.
Bug: crashpad:271
Change-Id: I0df76318aef05cbaecab660253cb388e3929f693
Reviewed-on: https://chromium-review.googlesource.com/c/1405788
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
offsets in the MemoryMap are expressed as two's complement while
Crashpad's and mini_chromium's string conversion functions expect
negative numbers to be expressed with a '-' character.
Convert the string as unsigned and then re-interpret to signed when
necessary.
Bug: 914246
Change-Id: I76aaf092ea7ad98806be7a3f380dab4ca0425ed6
Reviewed-on: https://chromium-review.googlesource.com/c/1399372
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Fixes a -Wunused-value warning found by the latest version of clang.
R=mark@chromium.org
Bug: 917419
Change-Id: I6178c1534adc7e25e5b75f6a6ab90497a86de23f
Reviewed-on: https://chromium-review.googlesource.com/c/1395945
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Reid Kleckner <rnk@chromium.org>
This is a follow-up to c8a016b99d97, following the post-landing
discussion at
https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1393921/5#message-2058541d8c4505d20a990ab7734cd758e437a5f7
base::size, and std::size that will eventually replace it when C++17 is
assured, does not allow the size of non-static data members to be taken
in constant expression context. The remaining uses of ArraySize are in:
minidump/minidump_exception_writer.cc (×1)
minidump/minidump_system_info_writer.cc (×2, also uses base::size)
snapshot/cpu_context.cc (×4, also uses base::size)
util/misc/arraysize_test.cc (×10, of course)
The first of these occurs when initializing a constexpr variable. All
others are in expressions used with static_assert.
Includes:
Update mini_chromium to 737433ebade4d446643c6c07daae02a67e8deccao
f701716d9546 Add Windows ARM64 build target to mini_chromium
87a95a3d6ac2 Remove the arraysize macro
1f7255ead1f7 Placate MSVC in areas of base::size usage
737433ebade4 Add cast
Bug: chromium:837308
Change-Id: I6a5162654461b1bdd9b7b6864d0d71a734bcde19
Reviewed-on: https://chromium-review.googlesource.com/c/1396108
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Adds new scripts: mig_gen.py for using MIG to generate a Mach interface, mig_fix.py for fixing the resulting interface. mig.py now wraps both into the same user interface.
mig_fix.py also has the option to write its fixed output to new files, rather than overwriting the existing output. This should increase compatibility with certain build configurations.
Change-Id: I743ea1bab3f63c5b92f361948b544d498ed01cbc
Reviewed-on: https://chromium-review.googlesource.com/c/1389095
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
As Mark noted in [1] ProcessMemory should accept VMSize instead of
size_t, the two types can differ on platforms where a cross-bitness
handler could cause a 32-bit handler to inspect a 64-bit process. By
centralizing the checks in ProcessMemory, we can leave the individual
platform-specific implementations (in ProcessMemory*::ReadUpTo) to
accept size_ts.
[1] crrev.com/c/1388017/2/snapshot/crashpad_types/crashpad_info_reader.cc#70
Bug: crashpad:270
Change-Id: I3aab483221de36f3b1478cb9503101b142dae681
Reviewed-on: https://chromium-review.googlesource.com/c/1387756
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Didn't notice these until I hit presubmit in chromium.
Bug: crashpad:263
Change-Id: I7d86c508928c95a65b7972a19fbdf3bd19c9b29b
Reviewed-on: https://chromium-review.googlesource.com/c/1387885
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Delete TaskMemory tests made redundant by equivalent
ProcessMemoryTests. Some TaskMemory tests are still not redundant
because they test TaskMemory::ReadMapped() or they exercise platform-
specific behavior like TaskMemory::Read() not being able to read a
VM_PROT_NONE page.
Bug: crashpad:263
Change-Id: I72a56b4f3564444b02943f11a0069749bf1b074b
Reviewed-on: https://chromium-review.googlesource.com/c/1387270
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Currently TaskMemory re-implements a number of Read* routines that are
implemented in a platform-independent way in ProcessMemory with access
to a single platform-specific ReadUpTo method. Implement the ReadUpTo
method for TaskMemory and subclass it from ProcessMemory to inherit the
remaining methods.
The ProcessMemoryTests didn't work on macOS because MultiprocessExec
can not access the child process' task port without root privileges or
the task_for_pid entitlement. Create an adaptor class for those tests to
use MachMultiprocess so that the child process sends its task port to
the parent.
Bug: crashpad:263
Change-Id: Id8e1788a74fe957f05703a5eb569ca3bf9870369
Reviewed-on: https://chromium-review.googlesource.com/c/1387265
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Use platform independent helpers to simplify initializing a
ProcessMemory object in this test.
Bug: crashpad:263
Change-Id: Id0f9e006f6dbaca31453803b8c790a6832e855e5
Reviewed-on: https://chromium-review.googlesource.com/c/1387264
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Currently, TaskMemory implements the ProcessMemory interface almost
exactly; however, it's initialized using a constructor instead of an
Initialize method which makes it incompatible with a number of
ProcessMemory tests. Change its initialization to match the other
ProcessMemory classes.
Bug: crashpad:263
Change-Id: I8022dc3e1827a5bb398aace0058ce9494b6b6eb6
Reviewed-on: https://chromium-review.googlesource.com/c/1384447
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Update the "...namespaces.md..." link to its current URL.
Change-Id: Ic30c6be5dba4f531e5b8a55af37555626398df5a
Reviewed-on: https://chromium-review.googlesource.com/c/1381777
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Currently, TaskMemory::ReadCStringInternal() treats the
ReadCStringSizeLimited(size=0) case by returning an empty string;
however, that is inconsistent with the documentation for that function
and the equivalent implementation in ProcessMemory. The comment for the
size parameter is: "The maximum number of bytes to read. The string is
required to be `NUL`-terminated within this many bytes." My
interpretation is that the ProcessMemory behavior is correct in failing
on size=0 as a NUL can never be read.
ReadCStringSizeLimited() is only used with a possibly null size in
MachOImageReader::ReadDylinkerCommand(). In that case we read the
dylinker_command string, which appears to also be verified to be a
non-zero length null terminated string in load_dylinker() in
bsd/kern/mach_loader.c so we shouldn't hit this case in the wild.
Bug: crashpad:263
Change-Id: I2bd9c0ce3055154a98afdd19af95bb48d05f05a3
Reviewed-on: https://chromium-review.googlesource.com/c/1384448
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Vlad Tsyrklevich <vtsyrklevich@chromium.org>
