This bug was found when trying to upgrading the MSAN bots from Ubuntu
18.04 (where this codepath was not hit) to 20.04. The following MSAN
error is produced when running HTTPTransport/HTTPTransport.*
==3496553==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x5616c540ad7d in __is_long buildtools/third_party/libc++/trunk/include/string:1674:33
#1 0x5616c540ad7d in size buildtools/third_party/libc++/trunk/include/string:1069:17
#2 0x5616c540ad7d in crashpad::(anonymous namespace)::HTTPTransportLibcurl::WriteResponseBody(char*, unsigned long, unsigned long, void*) third_party/crashpad/crashpad/util/net/http_transport_libcurl.cc:528:50
...
SUMMARY: MemorySanitizer: use-of-uninitialized-value buildtools/third_party/libc++/trunk/include/string:1674:33 in __is_long
ORIGIN: invalid (0). Might be a bug in MemorySanitizer origin tracking.
The memory is initialized in http_transport_test.cc:293, but MSAN gets
confused. Given the message output by MSAN (ORIGIN: invalid (0).
Might be a bug in MemorySanitizer origin tracking), this appears
to be a bug in MSAN, not crashpad, so this CL suppresses the error.
Bug: chromium: 1260217
Change-Id: I2d6a46e3489816270cc1fee776793ffafe0147e4
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/4015160
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Thomas Anderson <thomasanderson@chromium.org>
Copy of crrev.com/c/3952963.
Fixes locking not working on some Android filesystems due to flock not
being available. Instead, we now use the same approach as Fuchsia with
a dedicated lock file. This is an issue when running tests on
non-rooted Android devices, as we need files to be written to a
location accessible without root, but the chosen location might not
have flock support.
Bug: chromium:1358240
Change-Id: Ie910481be472403a8b0e9e36100594b0618f85e6
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3999273
Commit-Queue: Brian Sheedy <bsheedy@chromium.org>
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
sed -i '' -E -e 's/Copyright (.+) The Crashpad Authors\. All rights reserved\.$/Copyright \1 The Crashpad Authors/' $(git grep -El 'Copyright (.+) The Crashpad Authors\. All rights reserved\.$')
Bug: chromium:1098010
Change-Id: I8d6138469ddbe3d281a5d83f64cf918ec2491611
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3878262
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
registration_protocol_win.h includes <string>, which adds an
unacceptable dependency on libc++ in //components/crash/win:chrome_wer
in Chrome as that file is included in crashpad_wer.cc. Rather than
remove <string>, which would require doing a lot of transitive
refactoring work in Crashpad, we just extract the data structures into
another file, as crashpad_wer.cc only includes
registration_protocol_win.h for its struct definitions.
Bug: chromium:1357827
Change-Id: Ic20c2952be07ea75d063702cd346cdca0ab65038
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3864251
Commit-Queue: Alan Zhao <ayzhao@google.com>
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
* crashpad_http_transport_impl is "socket" when targeting Fuchsia
so the dependency on //third_party/curl:libcurl isn't actually
ever added - we might as well remove it to prevent confusion
Bug: fuchsia:107235
TESTED=`fx build` in Fuchsia checkout
Change-Id: I75da6e7505f8ab09f9978472e93c48600f4c35cb
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3840964
Commit-Queue: Francois Rousseau <frousseau@google.com>
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Passing -1 (or size_t max) to ScopedVMRead would succeed, because the
amount of memory to be read would overflow vm_address_t/vm_size_t and
turn into something reasonable. ScopedVMRead would return true having
only read a miniscule subset of the requested data length.
Bug: 1348341
Change-Id: I061a1d86928f211c541a6378a78ee045d489a838
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3791710
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Adds a 4K buffer to the intermediate dump writer. Aside from the final
flush, only write in multiples of 4K. This saves between 30ms and 50ms
on an iPhone 12 Pro.
Change-Id: Icc4b222477bd91fd6952c7cf43b105e1f7a50adb
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3764243
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
On iOS, holding a lock during a slow upload can lead to watchdog kills
if the app is suspended mid-upload. Instead, if the client can obtain
the lock, the database sets a lock-time file attribute and releases the
flock. The file attribute is cleared when the upload is completed. The
lock-time attribute can be used to prevent file access from other
processes, or to discard reports that likely were terminated mid-upload.
Bug:chromium:1342051
Change-Id: Ib878f6ade8eae467ee39acb52288296759c84582
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3739019
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Adds a new IOSIntermediateDumpWriter::AddPropertyCString method which
takes an address to a cstring of unknown length and page-by-page
searches for a NUL-byte terminator.
This is necessary because currently WriteModuleInfo calls strlen
directly on the dyld and module filePath without first using vm_read.
On iOS14 this occasionally crashes, and is generally unwise. Instead,
use AddPropertyCString.
This patch also removes WriteDyldErrorStringAnnotation, as it's no
longer used going forward with iOS 15.
Bug: 1332862
Change-Id: I3801693bc39259a0127e5175dccf286a1cd97ba7
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3689516
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
This adds a runtime exception helper (& test module) for Windows and
plumbing to allow the module to be registered by the crashpad client,
and to trigger the crashpad handler. Embedders can build their own
module to control which exceptions are passed to the handler.
See: go/chrome-windows-runtime-exception-helper for motivation.
When registered (which is the responsibility of the embedding
application), the helper is loaded by WerFault.exe when Windows
Error Reporting receives crashes that are not caught by crashpad's
normal handlers - for instance a control-flow violation when a
module is compiled with /guard:cf.
Registration:
The embedder must arrange for the full path to the helper to
be added in the appropriate Windows Error Reporting\
RuntimeExceptionHelperModules registry key.
Once an embedder's crashpad client is connected to a crashpad
handler (e.g. through SetIpcPipeName()) the embedder calls
RegisterWerModule. Internally, this registration includes handles
used to trigger the crashpad handler, an area reserved to hold an
exception and context, and structures needed by the crashpad handler.
Following a crash:
WerFault.exe handles the crash then validates and loads the helper
module. WER hands the helper module a handle to the crashing target
process and copies of the exception and context for the faulting thread.
The helper then copies out the client's registration data and
duplicates handles to the crashpad handler, then fills back the various structures in the paused client that the crashpad handler will need.
The helper then signals the crashpad handler, which collects a dump then
notifies the helper that it is done.
Support:
WerRegisterExceptionHelperModule has been availble since at least
Windows 7 but WerFault would not pass on the exceptions that crashpad
could not already handle. This changed in Windows 10 20H1 (19041),
which supports HKCU and HKLM registrations, and passes in more types of
crashes. It is harmless to register the module for earlier versions
of Windows as it simply won't be loaded by WerFault.exe.
Tests:
snapshot/win/end_to_end_test.py has been refactored slightly to
group crash generation and output validation in main() by breaking
up RunTests into smaller functions.
As the module works by being loaded in WerFault.exe it is tested
in end_to_end_test.py.
Bug: crashpad:133, 866033, 865632
Change-Id: Id668bd15a510a24c79753e1bb03e9456f41a9780
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3677284
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Alex Gough <ajgo@chromium.org>
This is a reland of 460943dd9a71dc76f68182a8ede766d5543e5341
Original change's description:
> The DoubleForkAndExec() function was taking over 622 milliseconds to run
> on macOS 11 (BigSur) on Intel i5-1038NG7. I did some debugging by adding
> some custom traces and found that the fork() syscall is the bottleneck
> here, i.e., the first fork() takes around 359 milliseconds and the
> nested fork() takes around 263 milliseconds. Replacing the nested fork()
> and exec() with posix_spawn() reduces the time consumption to 257
> milliseconds!
>
> See https://github.com/libuv/libuv/pull/3064 to know why fork() is so
> slow on macOS and why posix_spawn() is a better replacement.
>
> Another point to note is that even base::LaunchProcess() from Chromium
> calls posix_spawnp() on macOS -
> 8f8d82dea0:base/process/launch_mac.cc;l=295-296
The reland isolates the change to non-Android POSIX systems because
posix_spawn and posix_spawnp are available in Android NDK 28, but
Chromium is building with version 23.
Change-Id: If44629f5445bb0e3d0a1d3698b85f047d1cbf04f
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3721655
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
This reverts commit 460943dd9a71dc76f68182a8ede766d5543e5341.
Reason for revert: This fails to compile in Chromium Android.
posix_spawn and posix_spawnp are available in Android NDK 28, but
Chromium is building with version 23.
https://ci.chromium.org/ui/p/chromium/builders/try/android_compile_dbg/1179765/overview
Original change's description:
> posix: Replace DoubleForkAndExec() with ForkAndSpawn()
>
> The DoubleForkAndExec() function was taking over 622 milliseconds to run
> on macOS 11 (BigSur) on Intel i5-1038NG7. I did some debugging by adding
> some custom traces and found that the fork() syscall is the bottleneck
> here, i.e., the first fork() takes around 359 milliseconds and the
> nested fork() takes around 263 milliseconds. Replacing the nested fork()
> and exec() with posix_spawn() reduces the time consumption to 257
> milliseconds!
>
> See https://github.com/libuv/libuv/pull/3064 to know why fork() is so
> slow on macOS and why posix_spawn() is a better replacement.
>
> Another point to note is that even base::LaunchProcess() from Chromium
> calls posix_spawnp() on macOS -
> 8f8d82dea0:base/process/launch_mac.cc;l=295-296
>
> Change-Id: I25c6ee9629a1ae5d0c32b361b56a1ce0b4b0fd26
> Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3641386
> Reviewed-by: Mark Mentovai <mark@chromium.org>
> Commit-Queue: Mark Mentovai <mark@chromium.org>
Change-Id: I7f6161bc4734c50308438cdde1e193023ee9bfb8
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3719439
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
The DoubleForkAndExec() function was taking over 622 milliseconds to run
on macOS 11 (BigSur) on Intel i5-1038NG7. I did some debugging by adding
some custom traces and found that the fork() syscall is the bottleneck
here, i.e., the first fork() takes around 359 milliseconds and the
nested fork() takes around 263 milliseconds. Replacing the nested fork()
and exec() with posix_spawn() reduces the time consumption to 257
milliseconds!
See https://github.com/libuv/libuv/pull/3064 to know why fork() is so
slow on macOS and why posix_spawn() is a better replacement.
Another point to note is that even base::LaunchProcess() from Chromium
calls posix_spawnp() on macOS -
8f8d82dea0:base/process/launch_mac.cc;l=295-296
Change-Id: I25c6ee9629a1ae5d0c32b361b56a1ce0b4b0fd26
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3641386
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Sanitizers can prevent the installation of signal handlers, but
sigaction would still return 0 (for success). Detect this by checking
the installed signal handler via a second call to sigaction.
R=mark@chromium.org
Bug: chromium:1328749
Change-Id: I62a5777379ec5c6b1ca2d5a62e7cd3fb8ed1437b
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3702302
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
This CL adds a new method ThreadSnapshot::ThreadName(), implements
it in each snapshot implementation, and adds tests for iOS, macOS,
Linux, Windows, and Fuchsia.
Bug: crashpad:327
Change-Id: I35031975223854c19d977e057dd026a40d33fd41
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3671776
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Ben Hamilton <benhamilton@google.com>
Reviewed-by: Ben Hamilton <benhamilton@google.com>
* ATOMIC_FLAG_INIT is deprecated.
* Compound ops on volatiles are deprecated.
Bug: chromium:1284275
Change-Id: I2235662c00e4be8c5eba2aaf565663faf8d9576a
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3658639
Commit-Queue: Peter Kasting <pkasting@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
IOSIntermediateDumpWriter::Close() is intended to close the FD opened
by the in-process handler.
Currently, InProcessHandler::ScopedLockedWriter::~ScopedLockedWriter() does invoke IOSIntermediateDumpWriter::Close().
However, InProcessHandler::Initialize() invokes the utility CreateWriterWithPath() which directly creates an IOSIntermediateDumpWriter. It neither uses ScopedLockedWriter nor invokes Close().
This fixes the issue by:
1) Making IOSIntermediateDumpWriter::~IOSIntermediateDumpWriter() DCHECK() that it's closed
2) Calling IOSIntermediateDumpWriter::Close() from InProcessHandler::~InProcessHandler() and from test files
Change-Id: Ibfede0a3d2aeac948c7ff3d56445e13d1a4028b5
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3648710
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Justin Cohen <justincohen@chromium.org>
Linking crashpad (//third_party/crashpad/crashpad:util) target
into a target built for a secondary toolchain could cause noop
build failure because of an incorrect `include_dirs` directive.
The library depends on a generated buildflag, which when in a
secondary toolchain is generated to $root_gen_dir, a directory
that includes the toolchain name (except for the primary one).
The target added $root_build_dir/gen to its `include_dirs`
which is equal to $root_gen_dir for the primary toolchain, but
distinct for secondary toolchain.
Moreover, `include_dirs` define directly in a `source_set` are
placed before any `include_dirs` values inherited from configs.
This means that $root_build_dir/gen was before $root_gen_dir in
the list ($root_gen_dir is inherited from default config when
building Chromium).
The result is that building any crashpad files would result in
them trying to first include the version of the buildflag that
was generated for the primary toolchain, and if not found, using
the correct one. This was then recorded in the depfile generated
by the compiler.
This meant that it was possible for the build to be incorrect
(as the content of the buildflag may be different between the
two toolchains) and cause flaky noop failures (as the buildlag
generation for the primary toolchain and the compilation of
the source file for the secondary toolchain are unordered, but
a dependency was recorded via the depfile leading ninja to
report a dirty build).
The fix is simple, use the correct value $root_gen_dir in the
`include_dirs` directive.
Fixed: chromium:1314711
Change-Id: Icba521313e4105713e66fa576d730b00c7e74c21
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3579401
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Also update mini_chromium to f87a38442a9e for python3 changes.
Change-Id: I4ca7aa4cc9dcc97698fc0bc13cfb339421668074
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3542572
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Stop the prune thread and the upload thread when moving to the
inactive/background state. This will reduce the number of 0xdead10cc
system kills from having a file lock during iOS suspend.
Wait to start the prune thread when the application is active.
Otherwise, for iOS prewarmed applications, the prune thread will
regularly start when the application is foregrounded for the first
time when the user intentionally runs the app.
It's still possible for either the prune thread or the upload thread to
have a file lock during iOS suspend, such as when a task started in the
foreground and does not complete in time for suspension. Future work
should include considering BackgroundTasks and/or NSURLSessions, which
can more safely run in the background.
Bug: crashpad: 400
Change-Id: Ic7d4687eb795fe585327f128aa84a5928141f4a9
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3517967
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
iOS applications may be terminated with the exception code 0xdead10cc
when holding on to file locks in the shared container during suspension.
One approach to minimize this is to request additional background
execution time to complete the locking operation (in this case the
CrashReportUpload thread and the PruneIntermediateDumpsAndCrashReports
thread).
Bug: crashpad:400
Change-Id: I4192ae1a92646ea337a09ac071e49761ab2d3860
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3517966
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Previous commits[1][2] modified tests to require looking at RawLog
output to validate the success or failure of the iOS InHandlerProcess.
Previously this would use freopen to direct the RawLog to a file.
However, freopen introduces a race where the log file may not be
associated with stderr, and instead may interfere with the
InProcessHandler's cached writer fd. This caused flake with the
intermediate dumps sometimes including stderr logging.
Since the test fixtures only needs to know about the output of RawLog,
instead add a crashpad::internal::SetFileHandleForTesting method to
that swaps out STDERR_FILENO with the test fixture's fd.
[1] https://crrev.com/c/3488826
[2] https://crrev.com/c/3401563
Change-Id: I87b1020db6b896a47bec5a7c916a572c192b884f
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3517773
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Override malloc_default_zone and malloc_default_purgeable_zone
with allocators that exit when called from the signal or Mach exception
threads in XCUITests, to verify the allocator is not used by the
InProcessHandler. Check stderr for error messages to confirm failures.
Change-Id: I1bb92e57504d71bbf6c6eaad3571c814e8a6934c
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3488826
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Crashpad currently has a circular dependency: client->snapshot->client.
The dependency from snapshot -> client only exists to pull in a single
constant for Windows (CrashpadClient::kTriggeredExceptionCode), so this
change breaks the dependency by splitting the constant out into a new
file util/win/exception_codes.h.
Change-Id: I6b74b367df716e097758e63a44c53cb92ea5e04d
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3450763
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
This patch adds optional support for Arm Pointer Authentication Codes.
X30/LR is not stored to stack at any place and restored for usage.
Therefore only adding PAC flag to .note.gnu.property section.
Change-Id: I9581059dfa1eed88af5a73df15b6a0d299caea13
Bug: crashpad: 1145581
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3440070
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Adenilson Cavalcanti <cavalcantii@chromium.org>
Use BUILDFLAG(IS_*) instead of defined(OS_*).
This was generated mostly mechnically by performing the following steps:
- sed -i '' -E -e 's/defined\(OS_/BUILDFLAG(IS_/g' \
-e 's%([ !])OS_([A-Z]+)%\1BUILDFLAG(IS_\2)%g' \
$(git grep -l 'OS_'
'**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm')
- sed -i '' -e 's/#ifdef BUILDFLAG(/#if BUILDFLAG(/' \
$(git grep -l '#ifdef BUILDFLAG('
'**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm')
- gsed -i -z -E -e \
's%(.*)#include "%\1#include "build/buildflag.h"\n#include "%' \
$(git grep -l 'BUILDFLAG(IS_'
'**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm')
- Spot checks to move #include "build/buildflag.h" to the correct parts
of files.
- sed -i '' -E -e \
's%^(#include "build/buildflag.h")$%#include "build/build_config.h"\n\1%' \
$(grep -L '^#include "build/build_config.h"$'
$(git grep -l 'BUILDFLAG(IS_'
'**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm'))
- Add “clang-format off” around tool usage messages.
- git cl format
- Update mini_chromium to 85ba51f98278 (intermediate step).
TESTING ONLY).
- for f in $(git grep -l '^#include "build/buildflag.h"$'
'**/*.c' '**/*.cc' '**/*.h' '**/*.m' '**/*.mm'); do \
grep -v '^#include "build/buildflag.h"$' "${f}" > /tmp/z; \
cp /tmp/z "${f}"; done
- git cl format
- Update mini_chromium to 735143774c5f (intermediate step).
- Update mini_chromium to f41420eb45fa (as checked in).
- Update mini_chromium to 6e2f204b4ae1 (as checked in).
For ease of review and inspection, each of these steps is uploaded as a
new patch set in a review series.
This includes an update of mini_chromium to 6e2f204b4ae1:
f41420eb45fa Use BUILDFLAG for OS checking
6e2f204b4ae1 Include what you use: string_util.h uses build_config.h
Bug: chromium:1234043
Change-Id: Ieef86186f094c64e59b853729737e36982f8cf69
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3400258
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Mig-generated files contain mig identifiers, which include timestamp and mig build info.
To improve build determinism and goma cachehits we can replace these lines with something stable.
Bug: crashpad:390
Change-Id: Iedb2f6e64428612899587c2ac4d488baf439961f
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3394052
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
- Formatted util/misc/initialization_state_dcheck.h
- Included build/build_config.h file in
util/stdlib/aligned_allocator_test.cc as it uses an
OS_* macro.
Change-Id: I8fb67f1ae440834d1b60f390658513a341789428
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3390648
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Avi Drissman <avi@chromium.org>
From the Fuchsia build:
```
ERROR at //third_party/crashpad/util/BUILD.gn:658:7: Undefined identifier.
defines += [ "CRASHPAD_USE_BORINGSSL" ]
^------
See //src/developer/forensics/crash_reports/BUILD.gn:127:5: which caused the file to be included.
"//third_party/crashpad/util",
^----------------------------
```
Change-Id: I1f563e5bb599b3a7a83ee8211037ee1d7464bd62
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3370891
Reviewed-by: Francois Rousseau <frousseau@google.com>
Commit-Queue: Francois Rousseau <frousseau@google.com>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Previously we would rely on implicit re-raising to deliver signals to
the underlying handler on POSIX systems if the signal is detected as
being re-raisable via WillSignalReraiseAutonomously(). This detection
mechanism is imperfect, as it will misclassify signals delivered as
a result of kill(2) when passing a signal number usually used for
synchronous signals, but now also asynchronous MTE tag check faults,
which are delivered as SIGSEGV signals on Linux. As a result, these
signals would not be re-raised and therefore would be discarded.
Although we could, for example, teach WillSignalReraiseAutonomously()
about MTE faults, the signal would still be re-raised via raise(3)
and therefore we would lose the information in siginfo.
We can avoid discarding these signals on Linux while at the
same time preserving the siginfo by making use of the syscall
rt_tgsigqueueinfo(2) which delivers a signal together with a
user-provided siginfo. The problem still exists on non-Linux POSIX
systems because this syscall is Linux-specific.
With kernel versions prior to 3.9, the kernel will reject the
rt_tgsigqueueinfo() syscall with EPERM. If that happens, follow
the non-Linux code path.
Change-Id: Ia410fbd651a756945c9402e361edfd5c520453d6
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3300991
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Peter Collingbourne <pcc@chromium.org>
Causes test failures on older versions of Android (e.g. Marshmallow).
Also reverts follow-up CL "Fix dead-code warning in util/posix/signals.cc".
This reverts commits ab9a87fb5463e5d1579e16bacb1f79d0dd71119b and
04431eccfe878570b1c74a5b376d96b4c9c7e0e8.
Bug: 1272877
Change-Id: Id9ef420516c932147b6c8b67d9f4daf9d31d9b03
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3300986
Reviewed-by: Peter Boström <pbos@chromium.org>
Commit-Queue: Peter Collingbourne <pcc@chromium.org>
Testing in beta has shown a few examples of a cropped intermediate dump
still providing useful information, but due to the order intermediate
dump data is written, could be improved.
- Change the order of writing data to the intermediate dump by
increasing the priority of the Exception block from:
Header / Process / System / Threads/ Modules / Exception
to
Header / Process / System / Exception / Threads / Modules
- Annotate minidump reports generated from incomplete intermediate
dumps with the key 'crashpad_intermediate_dump_incomplete'.
- Handle partial exception contexts rather than throwing them away.
Change-Id: I543c1d3135c42e5b8e339e498ea0c86002f37ea3
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3294862
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Change IOSIntermediateDumpReader to take a new interface that can be
backed by a FilePath (as it is now) or a StringFile byte array, which
can be useful for tests, especially with fuzzing.
Change-Id: I02a25cfb7cd204975d1bcce80201bd10944f3f2e
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3270755
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Only the handler uses util/net. After
8342e6bd613a5b2e44eca1d74288e3115ccef139, the introduction of an
Objective-C class caused Chromium to emit duplicate class defintion
warnings in the component build.
Bug: chromium:1270609
Change-Id: I2770528347aef406bb21a79d295f702498f7b37e
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3290276
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
This implements a per-report retry rate limit (as opposed to per upload
rate limit in ShouldRateLimitUpload). When a report upload ends in a
retry state, an in-memory only timestamp is stored with the next
possible retry time. This timestamp is a backoff from the main thread
work interval, doubling on each attemt. Because this is only stored in
memory, on restart reports in the retry state will always be tried
once, and then fall back into the next backoff. This continues until
5 retry attempts are reached.
Change-Id: Ibde8855a8a9f0743f0b0bd4d5e3de8a45c64bcb6
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3087723
Reviewed-by: Mark Mentovai <mark@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
This unblocks a roll of crashpad into chromium.
Bug: None
Change-Id: I54fc53e0b53b8a7c7ff8e28c4657b46587bfad8d
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3287226
Commit-Queue: Peter Boström <pbos@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
This pulls in "base/ignore_result.h" from mini_chromium through DEPS and
updates existing uses of "base/macros.h" to use "base/ignore_result.h".
Bug: chromium:1010217
Change-Id: I283e2bcfb2775de420d7e767b3b4a639dbba9e20
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3286105
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Peter Boström <pbos@chromium.org>
Previously we would rely on implicit re-raising to deliver signals to
the underlying handler on POSIX systems if the signal is detected as
being re-raisable via WillSignalReraiseAutonomously(). This detection
mechanism is imperfect, as it will misclassify signals delivered as
a result of kill(2) when passing a signal number usually used for
synchronous signals, but now also asynchronous MTE tag check faults,
which are delivered as SIGSEGV signals on Linux. As a result, these
signals would not be re-raised and therefore would be discarded.
Although we could, for example, teach WillSignalReraiseAutonomously()
about MTE faults, the signal would still be re-raised via raise(3)
and therefore we would lose the information in siginfo.
We can avoid discarding these signals on Linux while at the
same time preserving the siginfo by making use of the syscall
rt_tgsigqueueinfo(2) which delivers a signal together with a
user-provided siginfo. The problem still exists on non-Linux POSIX
systems because this syscall is Linux-specific.
Change-Id: I6df58d9371e29f75e19b4f899b723d4047f12936
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3278691
Commit-Queue: Peter Collingbourne <pcc@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
This adds support for capturing memory snippets for addresses
currently stored in registers to Linux/Android/CrOS.
Modeled after the existing support on Windows.
Bug: crashpad:30
Change-Id: Ib7cb523555a6e8e4d70145c205d67dcfbc9c7fcc
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3273712
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
This effectively reverts f0ee5f0efee651ab82aa854761f107193b3db5de, but
updates the subclass with the new required NSStream methods. Crashpad
switched to using CFReadStream because NSInputStream required overriding
two private methods of NSInputStream in order to use it with
NSURLConnection. With Mac OS X 10.11 (the earliest that Chromium
supports), this is no longer the case. On iOS, using the private
CFReadStreamCreate() API is not permissible. Switch back to using a
custom NSInputStream subclass instead.
Bug: crashpad:382
Change-Id: I92b1260f49c6fa6c304475f7dc9b27ae1a5f35c4
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3271448
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
size_t is written to intermediate dump properties, but the parser was
reading off_t. off_t can go negative, which is a bad thing to pass
to a std::vector constructor.
Bug: crashpad:31
Change-Id: I52ebda0b29ece50d6d1cbc9064a70b2e221a4df1
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3261749
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
This will prune the database on a daily basis, in accordance with the
specified condition. This will also unlock any leftover intermediate
dump files.
Bug: crashpad:31
Change-Id: I229f8b8006b44d31062fbf73bb9d316d69ab2dcf
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3231618
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Instead use a custom mechanism based on the filename. Rather than a
filename of <uuid>, instead name the file <bundle-id>|<uuid>[.locked].
A locked file will have the optional .locked extension. Files can be
unlocked after writing an intermediate dump, or during initialization by
looking for matching bundle-ids.
Clients that call ProcessIntermediateDumps() will clean up any leftover
locked intermediate dumps. Clients that never call
ProcessIntermediateDumps, such as extensions that leave this up to the
main application, will be cleaned up in a followup change.
Bug: crashpad:31
Change-Id: Icd4aaa3b79351870fbe9b8463cfbdf7cff7d5f87
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3229429
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Reviewed-by: Rohit Rao <rohitrao@chromium.org>
Manage the intermediate minidump generation, and own the crash report
upload thread and database.
Change-Id: I272d790a827cd13f6872e56f4675f366d13719c5
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3087721
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
The way that division operations behave have changed between Armv7
and Armv8. On the later one, divisions by zero will *not* yield an
exception of any kind (for both a 32bit and 64bit app), for hardware
integer divide operation.
On Arm processors exceptions may also be a factor of:
- if the hardware implementation supports it.
- if the kernel has set the proper internal state registers/flags.
- C library implementations (e.g. libgcc x clang_rt).
Aside that, a division by zero is within the realm of UD (Undefined
Behavior) in C/C++.
Since there are two categories of tests (explicit raise x caused by
instructions), it just makes sense to disable the second for Arm
since there is no reliable way to cause a SIGFPE without an explicit
raise() POSIX call.
For x86, we keep the previous implementation idea but streamlined
the code by deploying 'volatile' to ensure that the compiler
won't optimize away the result of the division (i.e no need
to call stat() and fstat()).
Bug: chromium:919548, chromium:1184398
Change-Id: Ib0fd4bdf503dcd50149dccae0577c777488c0238
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3213431
Commit-Queue: Adenilson Cavalcanti <cavalcantii@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
This change was partially scripted and partially done manually with vim
regex + manually placing the deleted constructors.
The script change looked for destructors in the public: section of a
class, if that existed the deleted constructors would go before the
destructor.
For manual placement I looked for any constructor in the public: section
of the corresponding class. If there wasn't one, then it would ideally
have gone as the first entry except below enums, classes and typedefs.
This may not have been perfect, but is hopefully good enough. Fingers
crossed.
#include "base/macros.h" is removed from files that don't use
ignore_result, which is the only other thing defined in base/macros.h.
Bug: chromium:1010217
Change-Id: I099526255a40b1ac1264904b4ece2f3f503c9418
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3171034
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Peter Boström <pbos@chromium.org>
This migrates all the logic that used to live in ios/snapshots that
gathers all the various information during an exception.
Everything in InProcessIntermediateDumpHandler is considered
`RUNS-DURING-CRASH`.
Change-Id: Icc47c9de0f66be2b14a46a13d1038176082a3218
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2920547
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
More cleanly integration the ObjExceptionPreprocessor with the
Crashpad client and in process handler, to record bought
'caught' and 'uncaught' NSExceptions.
Bug: crashpad: 31
Change-Id: I77a77ca6d893cdc74da476c1888d9bcb338339d8
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2920851
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
UMA_HISTOGRAM_COUNTS is documented as deprecated and defaults to
creating larger histograms than are needed by Crashpad.
Bug: chromium:1237013
Change-Id: Ic133e05bce41759a11dbb523d84afc5246c6dc37
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3075884
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
The actual number of enums that will be recorded is approx ~75.
Bug: crashpad: 31
Change-Id: If33671c7627d6e55e94c86308c8482711e33cef4
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3035823
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Update ProcessMemoryLinux to be constructed from PtraceConnection
instead of being Initialize()d with a pid_t.
This allows consolidating PtraceClient's BrokeredMemory with
ProcessMemoryLinux and providing the PtraceConnection as a alternative
to the memory file (previously only done for brokered connections).
Change-Id: I1363e208030eaf595fb8051e9a2c6b255c1f9886
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3072402
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
This will accommodate moving third_party/mini_chromium around.
The default location is unchanged for now.
There are GN variables that may need to be updated when Fuchsia's source
re-organizes its layout:
* mini_chromium_source_parent : this contains a BUILD.gn with groups and
encloses the mini_chromium_source_root. This is controlled by the
structure of the project that depends on this project.
* _mini_chromium_source_root : this is what is normally checked out from
git, the upstream source directory
* mini_chromium_import_root : points inside source_root to make GN files
accessible.
This first step breaks out case logic for "if (crashpad_is_in_fuchsia)"
even if the value is unchanged for now. This will faciliate a smaller
change when Fuchsia re-structures third_party sources.
Change-Id: I09e5362f4be8fdb440e3891422881b1053052341
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3062424
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
These macros were introduced in 2018. See
https://github.com/google/googletest/commit/c5f08bf.
Mark mocks "override" where needed and move
"-Wno-inconsistent-missing-override" to gmock_all_test since
googletest/googlemock/test/gmock-function-mocker_test.cc doesn't always
specify "override" on mocks.
Change-Id: Icdc0a0ac986ab8d8d904173d093096c8f666ec04
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3079439
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Standalone Crashpad for Android can now be built with gn.
Change-Id: I0ee7f8e1af8c2bc0edb88e93b345abd7d739f33c
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3034984
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
It's currently included by string_piece.h, but that include is going
away.
Bug: crashpad:none
Change-Id: I5214e888f086b12e91121f81ef94c8038fe9558a
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/3015681
Commit-Queue: Hans Wennborg <hans@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Justin Cohen <justincohen@chromium.org>
Remove unneeded base/strings/stringprintf.h includes.
ARCH_CPU_X86_64 macro is used without including build/build_config.h
Missing base/check.h
Change-Id: Ib7864ab7b30ef8fc37649783f7b90b618d0d6a0b
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2920552
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Chromium moved base::size() to base/cxx17_backports.h, so do the same in
mini_chromium and update the users in Crashpad.
Roll mini_chromium to 2f06f83f to make the new base header available.
Bug: chromium:1210983
Change-Id: Ie3dc4c189dcdfcac030b95fe285f94abb29a27bf
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2917779
Commit-Queue: Lei Zhang <thestig@chromium.org>
Commit-Queue: Mark Mentovai <mark@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Due to the limitations of in-process handling, an intermediate dump file
is written during exceptions. The data is streamed to a file using only
in-process safe methods. The file format is similar to binary JSON,
supporting keyed properties, maps and arrays.
- Property [key:int, length:int, value:intarray]
- StartMap [key:int], followed by repeating Properties until EndMap
- StartArray [key:int], followed by repeating Maps until EndArray
- EndMap, EndArray, EndDocument
Similar to JSON, maps can contain other maps, arrays and properties.
Once loaded, the binary file is read into a set of data structures that
expose the data, maps and arrays.
Bug: crashpad: 31
Change-Id: I43a19204935303afd753c8c7090c54099634ccd6
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2870807
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Via tools/mac/rewrite_modern_objc.py in the Chromium repo
Bug: chromium:324079
Change-Id: I3160331899b3ea75e0ebc78abd9a0a84e9339b40
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2904179
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Leonard Grey <lgrey@chromium.org>
Adds wrapper to vm_read and vm_deallocate memory to allow for safe
in-process memory reads during crashes.
Also adds a logging utility safe for in-process exception handling.
Bug: crashpad: 31
Change-Id: I658f3181cbec40a79e304b7306466e10c003564f
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2875349
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Justin Cohen <justincohen@chromium.org>
There's no default curl available when building on host Linux in the
Fuchsia tree, so add an explicit dependency when using the curl
transport in Fuchsia.
Change-Id: I0afe5e2cc8ea0a70f3ef4e1635d4d808237c93b6
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2832147
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Scott Graham <scottmg@chromium.org>
The //build/confic/mac/BUILD.gn which defines this target does not
build properly in some cronet ios build configurations, and the
dependency is not necessary for ios builds.
Fixed: 1161219
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2656759
Commit-Queue: Ken Rockot <rockot@google.com>
Auto-Submit: Ken Rockot <rockot@google.com>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Cr-Commit-Position: refs/heads/master@{#848224}
Message-Id: Merged from chromium a9f64a9dbf42e411a38e3c93b131984a0a02a84a
Change-Id: Ifd03c41d42b3756cb77bb7cc3ece5d3f23b1262d
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2818147
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Also fixes a usage of ->assign in the class which will be unsafe to use.
Bug: crashpad:31
Change-Id: I434df35b0669dde2323817f3c0cef1727926c85f
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2650088
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
This change removes usages of the base::char16 and base::string16 type
aliases in favor of using char16_t and std::u16string directly.
Bug: chromium:1184339
Change-Id: Ieb790cbe2ce98d91865cd21d98616195a57b3903
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2742482
Commit-Queue: Jan Wilken Dörrie <jdoerrie@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
Use SIMULATOR_MODEL_IDENTIFIER to get the equivalent device model.
Bug: crashpad:31
Change-Id: I17950d77c214533614781a5ca41170d6c3a77ae3
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2726978
Commit-Queue: Justin Cohen <justincohen@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
This particular action was crashing when being traced.
Bug: fuchsia:68780
Change-Id: Ia83d48b2a88f53bd8e139ea9c787429f93a24533
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2662398
Commit-Queue: Scott Graham <scottmg@chromium.org>
Reviewed-by: Scott Graham <scottmg@chromium.org>
This change replaces calls to the deprecated base::c16memcmp,
base::c16len and base::c16memcpy in favor of using static methods on
std::char_traits<base::char16> directly.
Bug: chromium:911896
Change-Id: I739410cf41a77da9d43e59513cace086f93f0c36
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2637704
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Jan Wilken Dörrie <jdoerrie@chromium.org>
This change removes several unaligned accesses, as well a null pointer
offset and an out of bounds array access.
Bug: fuchsia:46805
Change-Id: I0110d0b7faf672655d978894b868760eee7b2988
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2583025
Commit-Queue: Scott Graham <scottmg@chromium.org>
Reviewed-by: Scott Graham <scottmg@chromium.org>
When using the new Goma RBE and use_system_xcode, the referenced .defs
input files are located below the root build directory and so are
considered build outputs. The sdk_inputs target is an empty action that
lets GN consider them to be generated outputs.
Bug: chromium:1157103
Change-Id: I38a959d2c00c20fa403a1c15b1eac69ef2043d5d
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2582922
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Robert Sesek <rsesek@chromium.org>
C++20 removed std::allocator<void>, so we need to use a void* instead.
TEST=no behavior change
Change-Id: Ifd1ee686e86ee55accab8c4b23e80000cdbdf227
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2578864
Reviewed-by: Joshua Peraza <jperaza@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
The broker attempts to use sbrk() to allocate memory to track ptrace
attachments. If the process failed due to an OOM, this system call might
fail, the broker falls back to saving attachments on the stack, and then
overruns the stack.
This change updates the broker to use sys_mmap() instead of sbrk(),
which is expected to work at least as well. If sys_mmap() fails or
the first mapped page is exhausted, further attachments fail without
attempting to save them to the stack.
Bug: chromium:1128441
Change-Id: Ibffaa986403adaf3178ee77e6d210053fbf60f26
Reviewed-on: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/2488280
Reviewed-by: Mark Mentovai <mark@chromium.org>
Commit-Queue: Joshua Peraza <jperaza@chromium.org>
