261 Commits

Author SHA1 Message Date
Mark Mentovai
948fd2d019 mac: Report a metric for handler crashes
This installs signal handlers in the crashpad_handler process to log
these crashes via the Crashpad.HandlerCrash.ExceptionCode.Mac histogram.
This is roughly the same mechanism that’s used for Windows.

The signal handler tries fairly hard to avoid swallowing signals, so
that things appear to outside observers (including debuggers and crash
handlers) identically to how they would look if no signal handler was
present.

The signal handler uses a different mapping schema than the existing
Crashpad.ExceptionCode.Mac histogram for reasons explained in code
comments. Because the mappings should not overlap, the new values may be
added to the existing CrashpadMacExceptionCodes enum.

BUG=crashpad:100

Change-Id: I9b8bda1c59d0a180501c285cdc672840a54f5efc
Reviewed-on: https://chromium-review.googlesource.com/435451
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2017-02-07 18:55:57 +00:00
Mark Mentovai
e7630628e9 mac: Report richer exception codes via metrics
Previously, only the top-level exception code was reported via the
Crashpad.ExceptionCode.Mac histogram. Making this histogram work
(https://crbug.com/678720) has revealed that Chrome is triggering
EXC_RESOURCE exceptions at a rate in excess of 4x that of ordinary
crashes. These exceptions were not previously visible because they are
not uploaded unless the system treats them as fatal, which it does not
normally do absent an explicit request.

In order to learn more about the problem, this change augments the data
reported via the Crashpad.ExceptionCode.Mac histogram to report (at
least) second-level exception data. This means that we will no longer
see just EXC_RESOURCE, but potentially more useful information such as
EXC_RESOURCE / RESOURCE_TYPE_IO / FLAVOR_IO_PHYSICAL_WRITES. This also
applies to other exception types, so that the majority of crashes
currently falling into the EXC_CRASH bucket will now have additional
information decoded and will be reported as, for example, EXC_BAD_ACCESS
/ KERN_INVALID_ADDRESS, EXC_BAD_INSTRUCTION / EXC_I386_INVOP, and
EXC_CRASH / SIGABRT.

Because the old mechanism was only live (in an “it works” sense) for
several days, and the new mechanism does not overlap with histogram
values used by the old one, there’s no need to invent a new histogram
name.

BUG=chromium:684051

Change-Id: Ia0a372b4127f7b3b2e7dbbaac9304cce3b5aadfe
Reviewed-on: https://chromium-review.googlesource.com/430933
Reviewed-by: Scott Graham <scottmg@chromium.org>
2017-01-24 15:59:30 +00:00
Scott Graham
0567536f86 win: Attempt to fix unloaded modules list by using RtlGetUnloadEventTraceEx
I haven't been able to reproduce this locally, but we see errors in
crash dumps where the unloaded module list consists of a number of
modules with invalid names and implausible addresses. My assumption is
that RTL_UNLOAD_EVENT_TRACE isn't correct for some OS levels. Instead of
trying to finesse and test that, use RtlGetUnloadEventTraceEx() instead
of RtlGetUnloadEventTrace(), which returns an element size. (This
function is Vista+ which is why it wasn't used the first time around.)

R=mark@chromium.org
BUG=chromium:620175

Change-Id: I4d7080a03623276f9c1c038d6e7329af70e4a64c
Reviewed-on: https://chromium-review.googlesource.com/421564
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-12-16 20:32:25 +00:00
Sigurdur Asgeirsson
2e80cb7cb4 win: Delegate to previous UEF on exception
Change-Id: I02f6d048d8a51797f93794ecc761f4fc8ba139a7
Reviewed-on: https://chromium-review.googlesource.com/420849
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-12-15 20:06:02 +00:00
Scott Graham
68095b6a4e Don't LOG(ERROR) for usage, and fix VS2013 build after 8b3eec8
R=mark@chromium.org
BUG=crashpad:57

Change-Id: I6514a82ae5de38a695422ef86c044ec3b2ce171b
Reviewed-on: https://chromium-review.googlesource.com/412269
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-11-17 22:59:17 +00:00
Scott Graham
8b3eec83e9 win: Add signal handler for SIGABRT to handle abort() calls
R=mark@chromium.org
BUG=crashpad:57

Change-Id: Ib7141f00e74e3db9e5be427cc990847331e09912
Reviewed-on: https://chromium-review.googlesource.com/412058
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-11-17 22:00:38 +00:00
Mark Mentovai
1f2a2c82c6 doc: Small updates after Markdown migration
The strangest discovery relates to the # <h1> title in navbar.md.
Gitiles renders it small unless there’s a [home] reference, so use that.
This should only affect wrapping the site logo in the [home] link, but
it appears to control the size of the navbar title too. See
https://code.google.com/p/gitiles/issues/detail?id=130.

BUG=crashpad:138,gitiles:130

Change-Id: I11b3a79f045efa22358b3c3ef4b50ce2e6b3282e
Reviewed-on: https://chromium-review.googlesource.com/408458
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-11-07 18:43:18 +00:00
Mark Mentovai
0c41b15496 Convert AsciiDoc documentation to Markdown
Most of the world, including the Chromium universe, seems to be
standardizing on Markdown for documentation. Markdown provides the
benefit of automatic rendering on Gitiles (Gerrit), and on GitHub
mirrors as well. Crashpad should fit in with its surroundings.

There are two quirks that I was unable to resolve.

 - Markdown does not allow **emphasis** within a ```code fence```
   region. In blocks showing interactive examples, the AsciiDoc
   documentation used this to highlight what the user was expected to
   type.
 - Markdown does not have a “definition list” (<dl>). This would have
   been nice in man pages for the Options and Exit Status sections.
   In its place, I used unnumbered lists. This is a little ugly, but
   it’s not the end of the world.

The new Markdown-formatted documentation is largely identical to the
AsciiDoc that it replaces. Minor editorial revisions were made.
References to Mac OS X now mention macOS, and tool man pages describing
tools that that access task ports now mention System Integrity
Protection (SIP).

The AppEngine-based https://crashpad.chromium.org/ app in doc/appengine
is still necessary to serve Doxygen-generated documentation. This app is
updated to redirect existing generated-HTML URLs to Gitiles’ automatic
Markdown rendering.

Scripts in doc/support are updated to adapt to this change. All AsciiDoc
support files in doc/support have been removed.

BUG=crashpad:138

Change-Id: I15ad423d5b7aa1b7aa2ed1d2cb72639eec7c81aa
Reviewed-on: https://chromium-review.googlesource.com/408256
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Reviewed-by: Scott Graham <scottmg@chromium.org>
2016-11-04 21:13:53 +00:00
Scott Graham
b47bf6c250 Fix tests when running on Win10
The Windows 10 loader starts a few extra threads before main(). In a few
of the test cases, the tests were relying on thread ordering (generally,
the test thread being at index #1). Instead, use other signals to find
the correct thread to verify.

R=mark@chromium.org

Change-Id: Icb1f5a8fdf3a0ea6d82ab65960dbcb650965f269
Reviewed-on: https://chromium-review.googlesource.com/407073
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-11-03 18:51:01 +00:00
Scott Graham
c4cdec3d72 Handle non-crashing cases for server failure to start
Follow up #4!

R=mark@chromium.org
BUG=chromium:567850,chromium:656800
TEST=tests added to crashpad_client_test

Change-Id: I2a53f2168988e620ce240750c6c2d544ba95c8b4
Reviewed-on: https://chromium-review.googlesource.com/406741
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-11-03 16:38:22 +00:00
Scott Graham
55ba6b6780 break; after handling --initial-client-data on command line
Not surprisingly,
"0x278,0x27c,0x280,0x274,0x288,0x978a70,0x978a80,0x978a90" is not a
valid directory to store metrics in.

Fortunately --metrics was processed before --initial-client-data in a
local build, otherwise this could have lurked for a long time. :(

R=mark@chromium.org
BUG=655788,656800

Change-Id: I3ac3d1b487f55ddf0172bac51f8d9efc411c3329
Reviewed-on: https://chromium-review.googlesource.com/406938
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-11-02 23:13:03 +00:00
Scott Graham
c2814e2519 Don't throttle explicitly requested uploads
R=mark@chromium.org
BUG=chromium:660955

Change-Id: Ia31846fe3487a52f4cad34859e23a7192ca4065e
Reviewed-on: https://chromium-review.googlesource.com/405533
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-10-31 21:17:45 +00:00
Scott Graham
2d87606bb5 win: Start crashpad_handler by inheriting connection data to it
Previously, StartHandler() launched the handler process, then connected
over a pipe to register for crash handling. Instead, the initial client
can create and inherit handles to the handler and pass those handle
values and other data (addresses, etc.) on the command line.

This should improve startup time as there's no need to synchronize with
the process at startup, and allows avoiding a call to CreateProcess()
directly in StartHandler(), which is important for registration for
crash reporting from DllMain().

Incidentally adds new utility functions for string/number conversion and
string splitting.

Note: API change; UseHandler() is removed for all platforms.

BUG=chromium:567850,chromium:656800

Change-Id: I1602724183cb107f805f109674c53e95841b24fd
Reviewed-on: https://chromium-review.googlesource.com/400015
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-10-21 20:35:58 +00:00
Scott Graham
a16a7fd4ef win: Make DumpAndCrash() always terminate, and tidy up special codes
Upstreaming with tidying up of
https://codereview.chromium.org/2377693002/.

R=mark@chromium.org
BUG=chromium:634418

Change-Id: Ie8b3b673c8d2a06c5cc918a034688aa9396cfbf4
Reviewed-on: https://chromium-review.googlesource.com/390436
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-09-29 04:44:20 +00:00
Scott Graham
5a6c961658 Add metric for handler crash on Windows
R=mark@chromium.org
BUG=crashpad:100

Change-Id: I80de83d133cd9968af17e50798d6a5c6bd121b4b
Reviewed-on: https://chromium-review.googlesource.com/390480
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-09-28 20:43:24 +00:00
Scott Graham
ac6c01b575 Add metrics for tracking uploads
Three new metrics:
- counting upload success/failure;
- enum tracking the reason upload was skipped;
- enum describing how an upload got to the pending state.

R=mark@chromium.org, asvitkine@chromium.org
BUG=crashpad:100

Change-Id: I5e0cbc1ac3424e974f3a51560e5cdad484ffc038
Reviewed-on: https://chromium-review.googlesource.com/388855
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-09-26 22:09:32 +00:00
Scott Graham
72a12e2e94 Make UMA for exception code OS-specific
R=wfh@chromium.org, mark@chromium.org
BUG=crashpad:100

Change-Id: I9368168405d1bd761ae6205955968264543541c4
Reviewed-on: https://chromium-review.googlesource.com/386989
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-09-19 21:57:18 +00:00
Scott Graham
b48e9bfbab Add UMA to exception handler exception catching
Includes mini_chromium DEPS roll for:
88e0a3e Add stub of sparse_histogram.h

R=mark@chromium.org
BUG=crashpad:100

Change-Id: I4c541a33be0f7f47e972af638d4765bd06682acf
Reviewed-on: https://chromium-review.googlesource.com/386385
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-09-19 18:10:31 +00:00
Scott Graham
27aeb2c9da Upstream Chromium UMA integration
Unmodified from https://codereview.chromium.org/2308763002/ other than
to add empty arguments to test code (that doesn't build in Chrome).

Requires https://chromium-review.googlesource.com/c/386236/.

Rolls mini_chromium to include:
438bd4f4 Add stub of persistent_histogram_allocator.h

R=mark@chromium.org
BUG=crashpad:100

Change-Id: Ibc88338ae2fd40a5a4ade7ff098be2bc19511543
Reviewed-on: https://chromium-review.googlesource.com/386084
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-09-16 20:23:06 +00:00
Scott Graham
357c7c7b7b win: Add some explanation of .com/.exe for crashpad_handler
R=mark@chromium.org
BUG=

Change-Id: Iedc42c7a157967c6fc316c04bb0bbb1f97dadf8d
Reviewed-on: https://chromium-review.googlesource.com/371963
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-08-24 23:01:15 +00:00
Scott Graham
866e60749c Add >nul to editbin command to suppress \n in build output
R=mark@chromium.org

Change-Id: Ie22b12e42196f3fa3ce797ad04ffc38981f6e9ac
Reviewed-on: https://chromium-review.googlesource.com/374084
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-08-24 22:54:27 +00:00
Gayane Petrosyan
b35ee1fca1 Adding support for on-demand uploads.
In order to allow on-demand uploads for crash reports, adding a
upload_explicitly_requested bit on 'pending' state and necessary support
for it.

BUG=chromium:620762

Change-Id: Ida38e483fe8d0e48eb5cbe95e8b8bfd96a2f8f00
Reviewed-on: https://chromium-review.googlesource.com/367328
Reviewed-by: Mark Mentovai <mark@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-08-24 21:57:02 +00:00
Scott Graham
660a5e69d6 win: switch crashpad_handler.exe to /subsystem:windows and add .com
This switches the default behaviour of crashpad_handler.exe to be a
/subsystem:windows app, so that normal usage won't cause a console to be
popped up. At the same time, creates a copy of crashpad_handler.exe in
the output dir named crashpad_handler.com. The .com doesn't affect
normal operation, as the way StartHandler() uses CreateProcess()
requires a real path to a file. However, when run from a command prompt,
.com are found before .exe, so editbin the .com to be to a console app,
which will be run in preference to the exe when run as just
"crashpad_handler", as one tends to do from a command prompt when
debugging. That is:

  d:\src\crashpad\crashpad\out\Debug>where crashpad_handler
  d:\src\crashpad\crashpad\out\Debug\crashpad_handler.com
  d:\src\crashpad\crashpad\out\Debug\crashpad_handler.exe

  d:\src\crashpad\crashpad\out\Debug>crashpad_handler --help
  Usage: crashpad_handler [OPTION]...
  ...

  d:\src\crashpad\crashpad\out\Debug>crashpad_handler.exe --help
  <no output>

  d:\src\crashpad\crashpad\out\Debug>crashpad_handler.com --help
  Usage: crashpad_handler.com [OPTION]...
  ...

We also use the .com file in test invocations so that output streams
will be visible.

R=mark@chromium.org

Change-Id: I1a27f88472d491b2a1d76e63c45e6415d9f679c0
Reviewed-on: https://chromium-review.googlesource.com/371578
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-08-17 20:50:47 +00:00
Scott Graham
ab01df1ffe win: Adjust thread suspend count for DumpAndCrashTargetProcess() case
Because DumpAndCrashTargetProcess() suspends the process, the thread
suspend count is one too high for all threads other than the injection
one in the thread snapshots. Compensate for this when we detect this
type of exception.

BUG=crashpad:103

Change-Id: Ib77112fddf5324fc0e43f598604e56f77d67ff54
Reviewed-on: https://chromium-review.googlesource.com/340372
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-05-02 18:39:29 +00:00
Scott Graham
a02ba24006 Convert from scoped_ptr to std::unique_ptr
Follows https://codereview.chromium.org/1911823002/ but fixes includes
that were messed up there.

Change-Id: Ic4bad7d095ee6f5a1c9f8ca2d11ac9e67d55a626
Reviewed-on: https://chromium-review.googlesource.com/340497
Reviewed-by: Robert Sesek <rsesek@chromium.org>
2016-04-25 19:16:26 +00:00
Scott Graham
6a6a0c27ed win: Support dumping another process by causing it to crash
Adds a new client API which allows causing an exception in another
process. This is accomplished by injecting a thread that calls
RaiseException(). A special exception code is used that indicates to the
handler that the exception arguments contain a thread id and exception
code, which are in turn used to fabricate an exception record. This is
so that the API can allow the client to "blame" a particular thread in
the target process.

The target process must also be a registered Crashpad client, as the
normal exception mechanism is used to handle the exception.

The injection of a thread is used instead of DebugBreakProcess() which
does not cause the UnhandledExceptionFilter() to be executed.
NtCreateThreadEx() is used in lieu of CreateRemoteThread() as it allows
passing of a flag which avoids calling DllMain()s. This is necessary to
allow thread creation to succeed even when the target process is
deadlocked on the loader lock.

BUG=crashpad:103

Change-Id: I797007bd2b1e3416afe3f37a6566c0cdb259b106
Reviewed-on: https://chromium-review.googlesource.com/339263
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-04-22 17:27:58 +00:00
Scott Graham
dbfcb5d032 win: Cap indirect memory gathering
Add a user-configurable cap on the amount of memory that is gathered by
dereferencing thread stacks. (SyzyAsan stores a tremendously large
number of pointers on the stack, so the dumps were ending up in the ~25M
range.)

Also reduce the range around pointers somewhat.

Change-Id: I6bce57d86bd2f6a796e1580c530909e089ec00ed
Reviewed-on: https://chromium-review.googlesource.com/338463
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-04-22 17:04:33 +00:00
Scott Graham
c307f94f19 Support custom streams in the minidump
BUG=crashpad:95

Change-Id: Iee956906651dfd56e0ae3d2bcec82daabdc97067
Reviewed-on: https://chromium-review.googlesource.com/329733
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-03-02 17:39:34 +00:00
Scott Graham
7217cc0a8f Support client-specified extra memory ranges
Change-Id: I378e2513a4894fb1548445b660bb3db86e281572
Reviewed-on: https://chromium-review.googlesource.com/329564
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-02-29 22:16:13 +00:00
Scott Graham
badfacccee win: Add support for capturing unloaded modules
R=mark@chromium.org
BUG=crashpad:89

Change-Id: Ib6a67147e538811168d68f14a457fdceab30c02e
Reviewed-on: https://chromium-review.googlesource.com/327231
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-02-18 00:55:38 +00:00
Scott Graham
feb3aa3923 win: Capture memory pointed to by the stack
Change-Id: Ide75475aa9c42edf36c3a709bfc7dfbfed68b0d3
Reviewed-on: https://chromium-review.googlesource.com/322261
Reviewed-by: Mark Mentovai <mark@chromium.org>
2016-01-29 18:13:19 +00:00
Mark Mentovai
88eea80ad3 Add an “external” mode for obtaining dependencies
This augments the standalone and in-Chromium models with an external
model, in which the dependencies and Crashpad are checked out as
siblings in the same directory, organized according to this structure:

  root/crashpad[/README]
  root/gmock[/include/gmock/gmock.h]
  root/gtest[/include/gtest/gtest.h]
  root/gyp[/pylib/gyp]
  root/mini_chromium[/build/common.gypi]

This is the directory structure used in google3.

Change-Id: Ie300ead7cd085265933e4ed891509ce050e995e2
Reviewed-on: https://chromium-review.googlesource.com/324230
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Reviewed-by: Scott Graham <scottmg@chromium.org>
2016-01-27 21:13:28 +00:00
Scott Graham
417097b91f win: Better setting of DI for register capture test
The previous approach was nice for its simplicity, but unfortunately
didn't work when the compiler decided to do some of its confounded
"optimization".

R=mark@chromium.org
BUG=crashpad:86, chromium:571144

Review URL: https://codereview.chromium.org/1563273004 .
2016-01-10 13:32:20 -08:00
Scott Graham
5af9c42638 win: Capture some memory pointed at by context
R=mark@chromium.org
BUG=crashpad:86, chromium:571144

Review URL: https://codereview.chromium.org/1533183002 .
2016-01-08 17:24:04 -08:00
Scott Graham
330adfb029 Allow disabling upload rate-limiting in crashpad_handler
This is a temporary measure to try to account for lower than expected
upload volume from Chrome in the wild. So this doesn't fix bug 23, but
is related. The ability to delimit the upload rate is useful when
testing locally too.

R=mark@chromium.org
BUG=crashpad:23

Review URL: https://codereview.chromium.org/1563683002 .
2016-01-06 09:59:54 -08:00
Mark Mentovai
6d2d31d2d1 Use base/macros.h instead of base/basictypes.h
This was done in Chromium’s local copy of Crashpad in 562827afb599. This
change is similar to that one, except more care was taken to avoid
including headers from a .cc or _test.cc when already included by the
associated .h. Rather than using <stddef.h> for size_t, Crashpad has
always used <sys/types.h>, so that’s used here as well.

This updates mini_chromium to 8a2363f486e3a0dc562a68884832d06d28d38dcc,
which removes base/basictypes.h.

e128dcf10122 Remove base/move.h; use std::move() instead of Pass()
8a2363f486e3 Move basictypes.h to macros.h

R=avi@chromium.org

Review URL: https://codereview.chromium.org/1566713002 .
2016-01-06 12:22:50 -05:00
Mark Mentovai
c46a676624 Use std::move() in PruneCrashReportThread
Crashpad uses std::move() as of 6bebb1082933. scoped_ptr<>::Pass() will
be unavailable once mini_chromium is updated to or past e128dcf10122.

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1562793002 .
2016-01-06 12:15:00 -05:00
Robert Sesek
18a2941305 Create the PruneCrashReportsThread in the handler.
This will prune the database on a daily basis, in accordance with the specified
condition.

BUG=crashpad:22
R=mark@chromium.org

Review URL: https://codereview.chromium.org/1534503002 .
2016-01-05 15:09:00 -05:00
Robert Sesek
5e24471188 Fix build break after 6d829e9af7d7630422d8095747905015d347b3be.
../../handler/crash_report_upload_thread.cc:142:7: error: field 'database_' will be initialized after field 'thread_' [-Werror,-Wreorder]
      database_(database),
      ^
1 error generated.

And:

..\util\thread\worker_thread_test.cc(25) : warning C4244: 'initializing' : conversion from 'double' to 'const uint64_t', possible loss of data

BUG=crashpad:22
R=mark@chromium.org

Review URL: https://codereview.chromium.org/1556043005 .
2016-01-04 17:42:04 -05:00
Robert Sesek
6d829e9af7 Create WorkerThread, an abstraction to perform some work on an interval.
This was extracted from CrashReportUploadThread and will be re-used for the
database pruning thread.

BUG=crashpad:22
R=mark@chromium.org

Review URL: https://codereview.chromium.org/1526563003 .
2016-01-04 17:10:58 -05:00
Mark Mentovai
583d1dc3ef Provide std::move() in compat instead of using crashpad::move()
This more-natural spelling doesn’t require Crashpad developers to have
to remember anything special when writing code in Crashpad. It’s easier
to grep for and it’s easier to remove the “compat” part when pre-C++11
libraries are no longer relevant.

R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1513573005 .
2015-12-09 17:36:32 -05:00
Scott Graham
e9a843c626 win: Set shutdown order to make the handler shutdown as late as possible
At the default level, we might be terminated before the process we're
watching, which would mean missing shutdown crashes.

R=mark@chromium.org
BUG=crashpad:84

Review URL: https://codereview.chromium.org/1505423002 .
2015-12-08 16:55:02 -08:00
Mark Mentovai
7efdc94f59 Fixes for Chromium checkperms.py PRESUBMIT
BUG=chromium:472900
R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1508193002 .
2015-12-08 16:24:54 -05:00
Scott Graham
894a06070e win: Fix some warnings reported by /analyze
Reported by brucedawson@chromium.org.

R=mark@chromium.org
BUG=chromium:427616

Review URL: https://codereview.chromium.org/1489293004 .
2015-12-02 13:52:03 -08:00
Dana Jansens
6bebb10829 Replace use of .Pass() with crashpad::move().
Since C++11 library support isn't available everywhere crashpad is
compiled, add our own move() method in the crashpad namespace to replace
std::move() for now. Replace uses of .Pass() with this method.

R=mark@chromium.org, scottmg@chromium.org
BUG=chromium:557422

Review URL: https://codereview.chromium.org/1483073004 .
2015-11-30 14:20:54 -08:00
Mark Mentovai
4a7d599b64 mac: Scope crashpad_handler’s SIGTERM handler more broadly
Previously, there was a window after starting the upload thread but
before the SIGTERM handler was installed, where receipt of SIGTERM
could have interrupted an in-progress upload. There was also the
possibility that a second SIGTERM sent after the exception handler
stopped running would interrupt an in-progress upload. By pulling the
signal handler out of ExceptionHandlerServer and into the main
function, these races are avoided.

BUG=crashpad:25
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1429353002 .
2015-11-09 16:29:25 -05:00
Scott Graham
6c1bd97df0 Fix compile after 20869d9
TBR=mark@chromium.org
BUG=chromium:546288

Review URL: https://codereview.chromium.org/1431813003 .
2015-11-06 10:59:33 -08:00
Scott Graham
20869d9468 Break crashpad_handler into lib and exe for Windows
I've heard/lived enough horror stories about AV, outbound-blocking
firewalls, etc. on Windows, that I think the best approach is to have
chrome.exe embed the majority of crashpad_handler and jump to it as
early as possible when running in that mode.

So, move most of crashpad_handler into a static_library with just main()
in the executable target.

R=mark@chromium.org
BUG=chromium:546288, crashpad:27

Review URL: https://codereview.chromium.org/1416873016 .
2015-11-06 10:52:09 -08:00
Mark Mentovai
827e045279 win: Fix build after 2eeaa3ac549a
Review URL: https://codereview.chromium.org/1424713008 .
2015-11-05 14:06:18 -05:00
Mark Mentovai
2eeaa3ac54 win: Add HandleToInt() and IntToHandle()
This consolidates all of the twisted casts and comments that discuss how
HANDLEs are really only 32 bits wide even in 64-bit processes on 64-bit
operating systems into a single location.

R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1422503015 .
2015-11-05 14:00:26 -05:00
Mark Mentovai
3e988865ad win: crashpad_handler should create its own pipe name in ephemeral mode
Allowing the client to create its own pipe name string caused a race
between client and server. Instead, in this mode, the server now creates
the pipe name along with a pipe, and returns it to its client via a
--handshake-handle. This guarantees that by the time the client gets the
pipe name, the server has already created it.

Ephemeral mode is now implied by --handshake-handle. The --persistent
option is gone. --persistent mode is enabled when using --pipe-name.

BUG=crashpad:69
R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1432563003 .
2015-11-03 19:26:18 -05:00
Mark Mentovai
809affe793 mac: Add a mode to crashpad_handler to run from launchd
By invoking crashpad_handler with --mach-service instead of
--handshake-fd, the handler will run as a well-behaved launchd job. The
launchd job may be as a launch agent or launch daemon, or be submitted
to launchd by on_demand_service_tool.

BUG=crashpad:25
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1414533006 .
2015-11-03 19:20:29 -05:00
Mark Mentovai
ee6fc23fb3 mac: Restart crashpad_handler from the initial client if it dies
BUG=crashpad:68
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1413033007 .
2015-11-03 19:13:48 -05:00
Mark Mentovai
7f939285de win: Rename CrashpadClient::SetHandler() to SetHandlerIPCPipe()
In https://codereview.chromium.org/1414533006/, I'm adding a few
Mac-specific SetHandler() variants, so it makes sense to name each
SetHandler() variant for what it does.

I'm also making it take a wstring argument, which seems like a more
natural fit for what it does. There should be fewer string conversions
this way.

R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1406993008 .
2015-11-02 17:00:06 -05:00
Mark Mentovai
740c668e87 win: Implement CrashpadClient::StartHandler()
BUG=crashpad:69
R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1428803006 .
2015-11-02 13:59:36 -05:00
Scott Graham
4860f64923 win: Handle binary with embedded CodeView debug record
I considered writing the CodeView records to the minidump, but I didn't
find a ton of docs and debugging is only lightly supported (e.g.
http://www.debuginfo.com/articles/gendebuginfo.html#debuggersandformats
and it doesn't attempt to load at all on more recent Visual Studios).

As we won't be generating symbols in this format, and we don't expect to
have symbols for any weird modules that get injected into us in the
wild, it seems like we don't lose anything by just ignoring them.

R=mark@chromium.org
BUG=crashpad:47

Review URL: https://codereview.chromium.org/1430773003 .
2015-10-31 11:45:39 -07:00
Mark Mentovai
c1b841442f mac: Add NotifyServer::DefaultInterface, a default no-op implementation
Each routine in this implementation returns MIG_BAD_ID. These routines
may be overridden.

Most things that implement NotifyServer::Interface will only need to
implement one of the interface routines. Since another user of
NotifyServer will be added soon, it makes sense to provide a default
no-op implementation rather than forcing everyone to write the same
no-op boilerplate repeatedly.

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1414413006 .
2015-10-30 15:44:40 -04:00
Mark Mentovai
fc7d8b3a27 mac: Make crashpad_handler get its receive right from its client
Previously, crashpad_handler made its own receive right, and transferred
a corresponding send right to its client. There are two advantages to
making the receive right in the client:

 - It is possible to monitor the receive right for a port-destroyed
   notificaiton in the client, allowing the handler to be restarted if
   it dies.
 - For the future run-from-launchd mode (bug crashpad:25), the handler
   will obtain its receive right from the bootstrap server instead of
   making its own. Having the handler get its receive right from
   different sources allows more code to be shared than if it were to
   sometimes get a receive right and sometimes make a receive right and
   transfer a send right.

This includes a restructuring in crashpad_client_mac.cc that will make
it easier to give it an option to restart crashpad_handler if it dies.
The handler starting logic should all behave the same as before.

BUG=crashpad:68
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1409073013 .
2015-10-29 18:09:03 -04:00
Mark Mentovai
9d03d54d0b win: Construct ExceptionHandlerServer() with its pipe argument
This allows better code sharing in crashpad_handler’s main(). It doesn’t
look like much of an improvement now, but a separate change will cause
the Mac ExceptionHandlerServer() to be constructed with an argument. It
will be beneficial for Mac and Windows to be able to share the Run()
call.

R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1402333004 .
2015-10-29 15:12:23 -04:00
Mark Mentovai
062138106c mac: ChildPortHandshake: allow receive rights to be sent
The intended use is to flip the client-server relationship in
CrashpadClient so that the initial client (parent process) furnishes the
handler process with a receive right. The parent can optionally receive
a port-destroyed notification allowing it to restart the handler if it
exits prematurely.

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1408473002 .
2015-10-29 14:14:15 -04:00
Scott Graham
90ef7475cd win: Validate readability of memory ranges added to minidump
R=mark@chromium.org
BUG=crashpad:59

Review URL: https://codereview.chromium.org/1412243005 .
2015-10-21 16:07:03 -07:00
Mark Mentovai
6c0d42ce9d Mach port scopers should use get() instead of type conversion operators
In https://codereview.chromium.org/1411523006, the Mach port scopers are
becoming better ScopedGenerics and are losing the type conversion
operators in the process. This is needed to adapt to that change. get()
is ugly, but being explicit about conversion isn’t a bad thing, and
these scopers will gain functionality such as Pass() as part of the
switch.

As a bonus, some would-be uses of get() to check for valid port rights
are becoming a more descriptive is_valid().

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1405273002 .
2015-10-20 11:03:25 -04:00
Mark Mentovai
d075a9eb2e win: Add and use GET_FUNCTION() and GET_FUNCTION_REQUIRED()
These wrap the GetProcAddress(LoadLibrary(), …) idiom into macros that
are much less wordy.

TEST=crashpad_util_test GetFunction.GetFunction and all others
R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1405323003 .
2015-10-19 14:32:07 -04:00
Scott Graham
d1e49bd221 Fix CRITICAL_SECTION test
I thought I had confirmed that this still allocated and ignored the flag
on older OSs, but I must have not had the PLOG active yet? I'm not sure
what I did. (I might try to blame VMware as it has an annoying habit of
caching old binaries when you use it's "Shared Folders" feature to point
at the dev machine's build dir.)

I confirmed that it does work on Win8 and Win10 but doesn't on Win XP
and Win 7.

R=mark@chromium.org
BUG=crashpad:52

Review URL: https://codereview.chromium.org/1405243002 .
2015-10-16 14:55:14 -07:00
Scott Graham
4893a9b76d win: Capture some CRITICAL_SECTION debugging data
Capture the memory for the loader lock (can be inspected by !cs), as
well as all locks that were created with .DebugInfo which can be viewed
with !locks.

e.g.

0:000> !cs ntdll!LdrpLoaderLock
-----------------------------------------
Critical section   = 0x778d6410 (ntdll!LdrpLoaderLock+0x0)
DebugInfo          = 0x778d6b6c
NOT LOCKED
LockSemaphore      = 0x0
SpinCount          = 0x04000000

0:000> !locks -v

CritSec ntdll!RtlpProcessHeapsListLock+0 at 778d7620
LockCount          NOT LOCKED
RecursionCount     0
OwningThread       0
EntryCount         0
ContentionCount    0

CritSec +7a0248 at 007a0248
LockCount          NOT LOCKED
RecursionCount     0
OwningThread       0
EntryCount         0
ContentionCount    0

CritSec crashy_program!g_critical_section_with_debug_info+0 at 01342c48
LockCount          NOT LOCKED
RecursionCount     0
OwningThread       0
EntryCount         0
ContentionCount    0

CritSec crashy_program!crashpad::`anonymous namespace'::g_test_critical_section+0 at 01342be0
WaiterWoken        No
LockCount          0
RecursionCount     1
OwningThread       34b8
EntryCount         0
ContentionCount    0
*** Locked

Scanned 4 critical sections

R=mark@chromium.org
BUG=crashpad:52

Review URL: https://codereview.chromium.org/1392093003 .
2015-10-15 13:18:08 -07:00
Scott Graham
019a0cec8b win: Write memory map info as MINIDUMP_MEMORY_INFO[_LIST]
Makes !vprot work in windbg, e.g.

0:000> !vprot 0x970000
BaseAddress:       00970000
AllocationBase:    00970000
AllocationProtect: 00000004  PAGE_READWRITE
RegionSize:        00001000
State:             00001000  MEM_COMMIT
Protect:           00000001  PAGE_NOACCESS
Type:              00020000  MEM_PRIVATE

...

0:000> !vprot 0x97a000
BaseAddress:       0097a000
AllocationBase:    00970000
AllocationProtect: 00000004  PAGE_READWRITE
RegionSize:        00001000
State:             00001000  MEM_COMMIT
Protect:           00000140  PAGE_EXECUTE_READWRITE + PAGE_GUARD
Type:              00020000  MEM_PRIVATE

Follows https://codereview.chromium.org/1377133006.

R=mark@chromium.org
BUG=crashpad:20, crashpad:46

Review URL: https://codereview.chromium.org/1379873005 .
2015-10-13 13:15:44 -07:00
Mark Mentovai
553a643475 crashpad_database_util: Don’t create a database unless explicitly asked
I’ve accidentally created Crashpad databases when running
crashpad_database_util by mistyping the argument to --database. Typical
users of crashpad_database_util probably don’t want the database to be
created.

This adds a new --create option to crashpad_database_util that is
required to get it to create a database. If not present, a database will
not be created if it does not already exist.

TEST=crashpad_client_test CrashReportDatabaseTest.*
R=rsesek@chromium.org, scottmg@chromium.org

Review URL: https://codereview.chromium.org/1395653002 .
2015-10-08 13:10:02 -04:00
Mark Mentovai
08e5e10167 mac: Add --use-system-default-handler option to crashpad_handler
This is a weird option that causes crashpad_handler to discard the crash
handler it inherited and replace it with the system default. Its use is
not recommended.

BUG=chromium:538373
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1391463002 .
2015-10-06 14:15:18 -04:00
Mark Mentovai
ca2925e2a0 mac: Revise incorrect comments about EXC_RESOURCE and EXC_GUARD
launchd actually does set the EXC_RESOURCE and EXC_GUARD handlers
exactly the same way that it sets the EXC_CRASH handler. See 10.9.5
launchd-842.92.1/src/core.c job_setup_exception_port().

Cases where an EXC_CRASH handler is set but EXC_RESOURCE and EXC_GUARD
handlers are not set occur when the exception ports are set by
/usr/bin/login instead of launchd. login looks up the
exception-reporting service by name and sets the exception port without
including EXC_MASK_RESOURCE or EXC_MASK_GUARD in the mask. See 10.10.5
system_cmds-643.30.1/login.tproj/login.c main().

login is a setuid executable, so it does not inherit its parent process’
exception handlers. See 10.10.5 xnu-2782.40.9/osfmk/kern/ipc_tt.c
ipc_task_reset().

Terminal.app executes login when establishing its command-line
environment, so the exception handlers set for Terminal.app itself
(including EXC_MASK_CRASH, EXC_MASK_RESOURCE, and EXC_MASK_GUARD) are
discarded, and then login sets an exception handler only for
EXC_MASK_CRASH. The same thing occurs for any other process descended
from login, including SSH sessions, because sshd executes login.

This is a bug in login filed as Apple radar 22978644. This bug led to a
misunderstanding about the use of EXC_RESOURCE and EXC_GUARD. Comments
that discuss this behavior are now reworded to be accurate, and
non-fatal EXC_RESOURCE exceptions are made eligible for forwarding to
the user ReportCrash (because it would normally handle them in the
absence of Crashpad) while Crashpad itself will still skip processing
them.

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1391453002 .
2015-10-05 17:09:45 -04:00
Mark Mentovai
cd85c9f700 mac: Add CrashpadClient::UseSystemDefaultHandler()
Chrome’s relauncher process needs a way to sever ties with the
crashpad_handler instance running from the disk image in order to cause
that instance to exit so that the disk image may be unmounted. This new
function is otherwise not thought to be interesting, and its use is not
recommended.

This comes with a small refactoring to create a
SystemCrashReporterHandler() function, and a fix for a minor port leak
in CrashReportExceptionHandler::CatchMachException().

BUG=chromium:538373
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1375573005 .
2015-10-02 14:40:38 -04:00
Scott Graham
ecf3b37863 win: Save contents of TEBs allowing !teb and !gle to work in windbg
crashy_program's log looks something like this now:

0:000> .ecxr
eax=00000007 ebx=7f24e000 ecx=7f24d000 edx=00000000 esi=00497ec8 edi=00d39ca0
eip=00cf5d12 esp=001ffcd8 ebp=001ffcdc iopl=0         nv up ei ng nz ac po cy
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010293
crashy_program+0x5d12:
00cf5d12 ??              ???
0:000> !teb
TEB at 7f24d000
    ExceptionList:        001ff548
    StackBase:            00200000
    StackLimit:           001fd000
    SubSystemTib:         00000000
    FiberData:            00001e00
    ArbitraryUserPointer: 00000000
    Self:                 7f24d000
    EnvironmentPointer:   00000000
    ClientId:             00003658 . 00004630
    RpcHandle:            00000000
    Tls Storage:          7f24d02c
    PEB Address:          7f24e000
    LastErrorValue:       2
    LastStatusValue:      c000000f
    Count Owned Locks:    0
    HardErrorMode:        0
0:000> !gle
LastErrorValue: (Win32) 0x2 (2) - The system cannot find the file specified.
LastStatusValue: (NTSTATUS) 0xc000000f - {File Not Found}  The file %hs does not exist.

R=mark@chromium.org
BUG=crashpad:46

Review URL: https://codereview.chromium.org/1364803004 .
2015-10-01 14:04:49 -07:00
Scott Graham
d7f90b45b6 win: Fix incorrect thread suspend count due to ScopedProcessSuspend
After https://codereview.chromium.org/1303173011/, the thread suspend
count would be one too large because the count is adjusted when the
process is suspended. Counteract this by passing in whether the
process is suspended or not so that the thread's suspension count
can be adjusted.

Add a test to sanity-check thread suspend count.

R=mark@chromium.org

Review URL: https://codereview.chromium.org/1326443007 .
2015-09-09 12:29:29 -07:00
Scott Graham
5111a1823f win: Implement and use ScopedProcessSuspend
R=mark@chromium.org
BUG=crashpad:1

Review URL: https://codereview.chromium.org/1303173011 .
2015-09-08 10:09:26 -07:00
Mark Mentovai
1c7843bd44 Fix relative path in crashpad_handler.ad
R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1325343003 .
2015-09-04 14:51:32 -04:00
Mark Mentovai
9086d25ce8 Don’t trigger EXC_CORPSE_NOTIFY on OS X 10.11
CrashReportExceptionHandler::CatchMachException() must always set a
valid new_state. Failing to do so appears to trigger corpse generation
on OS X 10.11. This is addressed by calling ExcServerCopyState().
Previously, this was not done for exceptions forwarded to the user
ReportCrash, under the apparent mistaken assumption that ReportCrash
would do it. However, ReportCrash is given copies of out-parameters like
new_state to explicitly prevent it from influencing Crashpad’s returned
state.

ExcServerSuccessfulReturnValue() must not return MACH_RCV_PORT_DIED for
an EXC_CRASH handler on OS X 10.11. This appears to trigger corpse
generation. This is addressed by always returning KERN_SUCCESS from
EXC_CRASH handlers on OS X 10.11.

This also adds generic EXC_CORPSE_NOTIFY support throughout Crashpad.
The crashpad_handler does not listen for this exception type, but it is
now possible to work with this exception type using tools like
exception_port_tool and catch_exception_tool.

BUG=crashpad:48
TEST=Crashes handled by crashpad_handler do not result in the generation
     of reports in the root /Library/Logs/DiagnosticReports.

R=kerrnel@chromium.org, rsesek@chromium.org

Review URL: https://codereview.chromium.org/1305893010 .
2015-09-04 14:29:12 -04:00
Scott Graham
5de461e8c8 Refactor handler/main for Windows, implement CrashHandlerExceptionServer
BUG=crashpad:1
R=mark@chromium.org

Review URL: https://codereview.chromium.org/1314093002 .
2015-09-03 13:31:19 -07:00
Scott Graham
6978bf7646 win: Crash handler server
This replaces the registration server, and adds dispatch to a delegate
on crash requests.

(As you are already aware) we went around in circles on trying to come
up with a slightly-too-fancy threading design. All of them seemed to
have problems when it comes to out of order events, and orderly
shutdown, so I've gone back to something not-too-fancy.

Two named pipe instances (that clients connect to) are created. These
are used only for registration (which should take <1ms), so 2 should be
sufficient to avoid any waits. When a client registers, we duplicate
an event to it, which is used to signal when it wants a dump taken.

The server registers threadpool waits on that event, and also on the
process handle (which will be signalled when the client process exits).
These requests (in particular the taking of the dump) are serviced
on the threadpool, which avoids us needing to manage those threads,
but still allows parallelism in taking dumps. On process termination,
we use an IO Completion Port to post a message back to the main thread
to request cleanup. This complexity is necessary so that we can
unregister the threadpool waits without being on the threadpool, which
we need to do synchronously so that we can be sure that no further
callbacks will execute (and expect to have the client data around
still).

In a followup, I will readd support for DumpWithoutCrashing -- I don't
think it will be too difficult now that we have an orderly way to
clean up client records in the server.

R=cpu@chromium.org, mark@chromium.org, jschuh@chromium.org
BUG=crashpad:1,crashpad:45

Review URL: https://codereview.chromium.org/1301853002 .
2015-09-03 11:06:17 -07:00
Mark Mentovai
899821d4c7 Fix -Winconsistent-missing-override in CrashReportUploadThread
Chromium builds with a newer clang than the Crashpad buildbot, and it
reports:

../../../handler/crash_report_upload_thread.cc:148:16: error: 'ThreadMain' overrides a member function but is not marked 'override' [-Werror,-Winconsistent-missing-override]
  virtual void ThreadMain() {
               ^
../../../util/thread/thread.h:46:16: note: overridden virtual function is here
  virtual void ThreadMain() = 0;
               ^
1 error generated.

R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1302833002 .
2015-08-19 22:41:46 -04:00
Scott Graham
4f2d2018de Fix port of CrashReportUploadThread to windows
util/thread/ doesn't automatically start, contrary to previous pthread
implementation.

Thanks to mihnea@arkaos.net for the patch.

R=mark@chromium.org
BUG=https://codereview.chromium.org/1295363002/#msg5

Review URL: https://codereview.chromium.org/1286383006 .
2015-08-19 09:41:46 -07:00
Scott Graham
86419cf788 Port CrashReportUploadThread to Windows
Just a simple port now that we have a common Thread class.
Compiled but not yet in use on Windows.

R=mark@chromium.org
BUG=crashpad:1

Review URL: https://codereview.chromium.org/1295363002 .
2015-08-18 15:34:10 -07:00
Erik Wright
9ff3d9335f Introduce RegistrationServer, which implements a Crashpad client registration protocol for Windows.
BUG=
R=cpu@chromium.org, scottmg@chromium.org

Review URL: https://codereview.chromium.org/1126783004
2015-05-26 14:31:04 -04:00
Scott Graham
69d135acda win: make CrashpadInfo retrievable
The main goal was to get the beginnings of module iteration and retrieval
of CrashpadInfo in snapshot. The main change for that is to move
crashpad_info_client_options[_test] down out of mac/.

This also requires adding some of the supporting code of snapshot in
ProcessReaderWin, ProcessSnapshotWin, and ModuleSnapshotWin. These are
partially copied from Mac or stubbed out with lots of TODO annotations.
This is a bit unfortunate, but seemed like the most productive way to
make progress incrementally. That is, it's mostly placeholder at the
moment, but hopefully has the right shape for things to come.

R=mark@chromium.org
BUG=crashpad:1

Review URL: https://codereview.chromium.org/1052813002
2015-05-01 13:48:23 -07:00
Mark Mentovai
1baff4ff92 Accept non-fatal resource exceptions without generating crash reports.
This adds IsExceptionNonfatalResource() and its test, and uses it in
crashpad_handler. When non-fatal resource exceptions are encountered, no
crash report is generated. crashpad_handler swallows these exceptions.
Alternatively, it could allow them to be sent to the system’s host-level
resource exception handler, normally com.apple.ReportCrash.root, which
would allow them to be processed in the same way as when Crashpad is not
in use. I’m not sure which option is better. I chose to swallow them
because there doesn’t appear to be much value in letting
com.apple.ReportCrash.root and spindump look at them.

This also moves ExcCrashRecoverOriginalException() to the new file as a
sibling of IsExceptionNonfatalResource(). This provides better
organization.

BUG=crashpad:35, chromium:474163, chromium:474326
TEST=crashpad_util_test ExceptionTypes.IsExceptionNonfatalResource
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1066243002
2015-04-08 17:46:09 -04:00
Mark Mentovai
ab23906193 crashpad_database_util: add --new-report.
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1018853006
2015-04-03 18:57:01 -04:00
Mark Mentovai
e1347a740c Handle EXC_RESOURCE and EXC_GUARD exceptions properly.
These two exception types use all 64 bits of the code[0] field.  The
ExceptionSnapshot was unprepared to stuff this into a 32-bit field.  To
resolve the discrepancy, the more-significant data is taken from the
high 32 bits of code[0]. No information is lost because the full code[0]
is made available as part of the Codes() vector.

BUG=crashpad:34
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1050313003
2015-04-02 15:49:51 -04:00
Mark Mentovai
40b1d7cb1d Add ConstThreadState to mach_extensions.h and use it everywhere.
TEST=everything
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1058523002
2015-04-02 15:28:28 -04:00
Mark Mentovai
332e8219ed Migrate content from wiki.
The wiki existed at https://code.google.com/p/crashpad/wiki, but given
Google Code Project Hosting’s impending shutdown[1], it’s prudent to
move wiki documents into the source code repository.

This change moves the existing contents of doc into doc/support, to make
way for documentation in doc. The two existing wiki pages, ProjectStatus
and DevelopingCrashpad, are converted to AsciiDoc format (a fairly
straightforward conversion) and checked in to doc. generate_asciidoc.sh
is updated to produce HTML output from these files. The generated HTML
will show up at http://docs.crashpad.googlecode.com/git/doc/. Note that
generated HTML is still hosted on Google Code Project Hosting, but it’ll
be easy to find a new home for them.

[1]
http://google-opensource.blogspot.com/2015/03/farewell-to-google-code.html

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1055523002
2015-04-01 12:39:53 -04:00
Mark Mentovai
352160906b Add ExcServerCopyState().
ExcServerCopyState() properly sets the new_state and new_state_count
out-parameters for exception handler routines that may deal with
state-carrying exceptions.

This used to exist inline in catch_exception_tool, but that
implementation had a bug caught by the new test.

TEST=crashpad_util_test ExcServerVariants.ExcServerCopyState and others
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1049023003
2015-04-01 12:16:22 -04:00
Mark Mentovai
961141f4f5 Convert tabs to spaces in handler.gyp.
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1040193002
2015-03-31 19:08:24 -04:00
Mark Mentovai
d5ddd14ee1 Improve map insertion operations.
Add MapInsertOrReplace<>() to insert a key-value pair into a map if the
key is not already present, or replace the existing value for key if the
key is present. The original value can optionally be returned to the
caller in this case.

Map insertions now use either MapInsertOrReplace<>() or
std::map<>::insert() directly.

Use MapInsertOrReplace<>() when the map should be updated to contain a
mapping from a key to a value regardless of whether the key is already
present.

Use std::map<>::insert() to insert a mapping from a key to a value
without replacing any existing mapping from a key, if present. If it is
important to know whether an existing mapping from a key was present,
use the returned std::pair<>.second. If it is important to know the
existing value, use the returned std::pair<>.first->second.

This change has a slight positive impact on performance.

TEST=crashpad_util_test MapInsert.MapInsertOrReplace and others
BUG=
R=scottmg@chromium.org

Review URL: https://codereview.chromium.org/1044273002
2015-03-31 14:29:32 -04:00
Mark Mentovai
6f4e6aacc8 Add crashpad_database_util and its man page.
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1022663002
2015-03-19 18:41:01 -04:00
Mark Mentovai
af9e78940e Allow man pages to link to each other
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1018023002
2015-03-18 17:13:22 -04:00
Mark Mentovai
c052c97c7e Update crashpad_handler man page to document all options.
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1009743004
2015-03-18 17:10:55 -04:00
Mark Mentovai
c2502f45c9 doc: Add documentation-generating scripts to the Crashpad tree.
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1009223003
2015-03-18 17:10:12 -04:00
Mark Mentovai
1d022a86db handler/mac: Support the in-Chromium component=shared_library
configuration.

When depending on shared libraries such as libbase.dylib,
crashpad_handler must have an LC_RPATH pointing to the
out/{Debug,Release} directory relative to its home deep within
Chromium.app.

BUG=chromium:466964
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1009633002
2015-03-13 18:23:17 -04:00
Mark Mentovai
6bf80c3e48 Add MinidumpCrashpadInfo::report_id.
Now that Chrome’s about:crashes displays the crash report UUID, I wanted
to add it to the minidump. In the future, we may be able to index these
on the server. This will also help identify dumps that correspond to the
same event once we’re equipped to convert between different formats.

Ideally, this new field is populated with the same UUID used locally in
the crash report database. To make this work,
CrashReportDatabase::NewReport must carry the UUID. This was actually
part of CrashReportDatabaseWin’s private extension to NewReport, so that
extension subclass can now be cleaned up.

TEST=crashpad_minidump_test MinidumpCrashpadInfoWriter.*,
     crashpad_client_test CrashReportDatabaseTest.NewCrashReport

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1000263003
2015-03-13 13:00:56 -04:00
Robert Sesek
94471409a1 handler/mac: Increase the upload timeout from the default 15s to 60s.
R=mark@chromium.org

Review URL: https://codereview.chromium.org/1008623002
2015-03-12 18:51:00 -04:00
Mark Mentovai
29cdc74579 CrashpadClient::StartHandler(): accept database, url, and annotations arguments.
This makes it easier for clients to start the Crashpad handler, instead
of requiring them to know how to construct arguments for the handler
themselves. Note in the TEST that -a is no longer required.

TEST=run_with_crashpad --handler crashpad_handler \
         --database=/tmp/crashpad_db \
         --url=https://clients2.google.com/cr/staging_report \
         --annotation=prod=crashpad \
         --annotation=ver=0.7.0 \
         crashy_program

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1001993002
2015-03-12 14:28:19 -04:00
Mark Mentovai
5f19d639e1 handler/mac: Log a warning when an exception message has a suspicious
origin.

This adds AuditPIDFromMachMessageTrailer() to get the process ID of a
Mach message’s sender. Exception messages are considered suspicious when
not sent by the kernel or the exception process.

TEST=crashpad_util_test
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/1001943002
2015-03-12 14:00:38 -04:00
Mark Mentovai
359bdd8622 Carry the client ID from the database all the way through upload.
The client ID is added to a new field, MinidumpCrashpadInfo::client_id,
in each minidump file that is written. The ProcessSnapshot::ClientID()
gives access to value at the snapshot level. In the upload thread,
client IDs are retrieved from minidump files and used to populate the
“guid” HTTP form parameter.

The Breakpad client supplies these values at upload without hyphens and
with all capital letters. Currently, the Crashpad client uses hyphens
and lowercase letters when communicating with a Breakpad server.

TEST=crashpad_minidump_test MinidumpCrashpadInfoWriter.*,
     crashpad_snapshot_test ProcessSnapshotMinidump.*,
     run_with_crashpad --handler crashpad_handler \
         -a --database=/tmp/crashpad_db \
         -a --url=https://clients2.google.com/cr/staging_report \
         -a --annotation=prod=crashpad \
         -a --annotation=ver=0.7.0 \
         crashy_program

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/998033002
2015-03-11 17:10:50 -04:00
Mark Mentovai
9b7ff0ea5a Allow exception forwarding to the system’s native crash reporter to be
disabled.

ClientInfo::set_system_crash_reporter_forwarding() can be used to
disable forwarding. The first module that is found with a non-default
value in this field will dictate whether forwarding is enabled or
disabled. It is possible to enable or disable reporting with this call,
as well as reset it to default, which will allow later modules a chance
to influence the behavior.

ClientInfo::set_crashpad_handler_behavior() is also provided, which can
be used to disable Crashpad’s handling of the exception. Most users
should not call this, but should use Settings::SetUploadsEnabled()
instead.

TEST=crashpad_snapshot_test \
         CrashpadInfoClientOptions.*:MachOImageReader.Self_DyldImages; \
     run_with_crashpad --handler crashpad_handler \
         -a --database=/tmp/crashpad_db \
         -a --url=https://clients2.google.com/cr/staging_report \
         -a --annotation=prod=crashpad \
         -a --annotation=ver=0.7.0 \
         crashy_program

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/997713002
2015-03-11 17:07:11 -04:00
Mark Mentovai
b8d2129bc1 handler/mac: Forward exceptions to the system crash reporter.
TEST=run_with_crashpad --handler crashpad_handler \
         -a --database=/tmp/crashpad_db \
         -a --url=https://clients2.google.com/cr/staging_report \
         -a --annotation=prod=crashpad \
         -a --annotation=ver=0.7.0 \
         crashy_program

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/998733002
2015-03-10 17:09:59 -04:00
Mark Mentovai
42db629ee3 handler/mac: Respect the uploads-enabled user preference and rate-limit
upload attempts to no more than 1 per hour.

The rate limiting is simplistic but duplicates the existing Breakpad
client’s behavior, and is suitable for the time being.

TEST=run_with_crashpad --handler crashpad_handler \
         -a --database=/tmp/crashpad_db \
         -a --url=https://clients2.google.com/cr/staging_report \
         -a --annotation=prod=crashpad \
         -a --annotation=ver=0.7.0 \
         crashy_program

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/992303002
2015-03-10 15:31:25 -04:00
Mark Mentovai
b665a0db07 Allow Crashpad to build in the Chromium tree.
When building in the Chromium tree, this swaps out Crashpad’s copies of
mini_chromium, gtest, and gmock for the equivalents provided by
Chromium. A GYP variable, crashpad_in_chromium, is used to determine the
behavior.

gclient doesn’t sync sub-DEPS, so when doing an in-Chromium build,
Crashpad’s copies of mini_chromium, gtest, and gmock are not available.

BUG=crashpad:12
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/986033002
2015-03-09 15:25:42 -04:00
Mark Mentovai
b256df0534 Set target_name on many targets to use a crashpad_ prefix.
In Chromium, many targets are built, sharing a single output directory.
Collisions are likely. When integrating Crashpad into Chromium, the
ui/snapshot library and Crashpad’s snapshot library were found to
conflict.

This change gives most Crashpad targets a “crashpad_” prefix to avoid
conflicts. All library and test targets are given a target_name with
this prefix. Existing tools are not likely to conflict with anything
else and are not given a prefix.

BUG=crashpad:12
R=rsesek@chromium.org, scottmg@chromium.org

Review URL: https://codereview.chromium.org/990553003
2015-03-08 16:25:34 -04:00
Mark Mentovai
b770a51f2b Set the chromium_code GYP variable.
When building in the Chromium tree, chromium_code is necessary to apply
Chromium’s build/filename_rules.gypi. Crashpad’s build depends on these
rules. chromium_code also enables a high warning level, which is
desirable for Crashpad.

BUG=crashpad:12
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/986873002
2015-03-08 15:17:22 -04:00
Mark Mentovai
79177046d3 Mac 10.6 SDK compatibility.
A couple of the problems related to not having a C++11 library:

 - You can’t put const elements into a std::vector<>, so
   CrashReportDatabase::GetPendingReports() and
   CrashReportDatabase::GetCompletedReports() need to change. There was
   no data-safety benefit to const elements.
 - std::string::pop_back() does not exist, another mechanism must be
   used to trim strings in BreakpadHTTPFormParametersFromMinidump().

One relates to a feature that does not exist in 10.6:

 - The O_CLOEXEC flag to open() was introduced in 10.7. Although it
   would be possible to use fcntl(..., F_SETFD, FD_CLOEXEC) on 10.6, the
   O_CLOEXEC behavior is just removed from
   CrashReportDatabaseMac::ObtainReportLock(), in line with other open()
   calls in Crashpad.

And one was a real bug:

 - #define __STDC_FORMAT_MACROS before #including <inttypes.h> to get
   format macros like SCNx32, used in UUID::InitializeFromString().

TEST=* (gyp_crashpad.py -Dmac_sdk=10.6 -Dmac_deployment_target=10.6)
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/987693004
2015-03-06 18:43:28 -05:00
Mark Mentovai
ae1ccf621b handler: Add report upload.
The handler is now capable of uploading crash reports from the database.
At present, only one upload attempt is made, and the report will be
moved to “completed” in the database after the attempt, regardless of
whether it succeeded or failed.

The handler also has support to push annotations from its command line
into the process annotations map of each crash report it writes. This is
intended to set basic information about each crash report, such as the
product ID and version. Each potentially crashy process can’t be relied
on to maintain this information on their own.

With this change, Crashpad is now 100% capable of running a handler that
maintains a database and uploads crash reports to a Breakpad-type server
such that Breakpad properly interprets the reports. This is all possible
from the command line.

TEST=run_with_crashpad --handler crashpad_handler \
         -a --database=/tmp/crashpad_db \
         -a --url=https://clients2.google.com/cr/staging_report \
         -a --annotation=prod=crashpad \
         -a --annotation=ver=0.6.0 \
         crashy_program

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/982613002
2015-03-05 15:40:47 -05:00
Mark Mentovai
4b6d54b2e1 handler: Add crash report upload. Almost.
Upload isn’t actually hooked up yet, but this establishes the upload
thread and provides all of the plumbing to process pending reports. For
the time being, SkipReportUpload() is called for all pending reports.

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/918743002
2015-02-12 15:03:59 -05:00
Mark Mentovai
409742cd40 handler: Write crash reports to a crash report database.
R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/904493002
2015-02-04 18:32:42 -05:00
Mark Mentovai
588d7dba1c Add the crashpad_handler executable.
crashpad_handler is Crashpad’s exception handler server.

Currently, it runs a loop to receive exceptions, and exits when it no
longer has any clients. In the future, this will be extended to write
and potentially upload dumps.

The handler is expected to be started by its initial client via the
CrashpadClient interface.

R=rsesek@chromium.org

Review URL: https://codereview.chromium.org/789693005
2014-12-30 14:23:47 -05:00