When changing a module's start_addr to account for Android packed
relocations, also adjust its size field so that the apparent module
end addr calculated by the breakpad processor does not alter.
Ensures that the mapping entry from a packed library is consistent
with that which an unpacked one would produce.
BUG=499747
R=primiano@chromium.org, rmcilroy@chromium.org
Review URL: https://codereview.chromium.org/1211863002.
Patch from Simon Baldwin <simonb@chromium.org>.
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1465 4c0a9323-5329-0410-9bdc-e9ce6186880e
in valid code for Linux exploitability rating.
This CL adds to the Linux exploitability checker by verifying that the
instruction pointer is in valid code. Verification is done by obtaining a
memory mapping of the crash and checking if the instruction pointer lies in
an executable region. If there is no memory mapping, the instruction pointer
is checked to determine if it lies within a known module.
R=ivanpe@chromium.org
Review URL: https://codereview.chromium.org/1210493003
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1464 4c0a9323-5329-0410-9bdc-e9ce6186880e
The current code is relying on info->si_pid to figure out whether
the exception handler was triggered by a signal coming from the kernel
(that will re-trigger until the cause that triggered the signal has
been cleared) or from user-space e.g., kill -SIGNAL pid, which will NOT
automatically re-trigger in the next signal handler in the chain.
While the intentions are good (manually re-triggering user-space
signals), the current implementation mistakenly looks at the si_pid
field in siginfo_t, assuming that it is coming from the kernel if
si_pid == 0.
This is wrong. siginfo_t, in fact, is a union and si_pid is meaningful
only for userspace signals. For signals originated by the kernel,
instead, si_pid overlaps with si_addr (the faulting address).
As a matter of facts, the current implementation is mistakenly
re-triggering the signal using tgkill for most of the kernel-space
signals (unless the fault address is exactly 0x0).
This is not completelly correct for the case of SIGSEGV/SIGBUS. The
next handler in the chain will stil see the signal, but the |siginfo|
and the |context| arguments of the handler will be meaningless
(retriggering a signal with tgkill doesn't preserve them).
Therefore, if the next handler in the chain expects those arguments
to be set, it will fail.
Concretelly, this is causing problems to WebView. In some rare
circumstances, the next handler in the chain is a user-space runtime
which does SIGSEGV handling to implement speculative null pointer
managed exceptions (see as an example
http://www.mono-project.com/docs/advanced/runtime/docs/exception-handling/)
The fix herein proposed consists in using the si_code (see SI_FROMUSER
macros) to determine whether a signal is coming form the kernel
(and therefore just re-establish the next signal handler) or from
userspace (and use the tgkill logic).
Repro case:
This issue is visible in Chrome for Android with this simple repro case:
- Add a non-null pointer dereference in the codebase:
*((volatile int*)0xbeef) = 42
Without this change: the next handler (the libc trap) prints:
F/libc ( 595): Fatal signal 11 (SIGSEGV), code 1, fault addr 0x487
where 0x487 is actually the PID of the process (which is wrong).
With this change: the next handler prints:
F/libc ( 595): Fatal signal 11 (SIGSEGV), code 1, fault addr 0xbeef
which is the correct answer.
BUG=chromium:481937
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/6844002.
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1461 4c0a9323-5329-0410-9bdc-e9ce6186880e
Shared libraries containing Android packed relocations have a load
bias that differs from the start address in /proc/$$/maps. Current
breakpad assumes that the load bias and mapping start address are
the same.
Fixed by changing the client to detect the presence of Android packed
relocations in the address space of a loaded library, and adjusting the
stored mapping start address of any that are packed so that it contains
the linker's load bias.
For this to work properly, it is important that the non-packed library
is symbolized for breakpad. Either packed or non-packed libraries may
be run on the device; the client detects which has been loaded by the
linker.
BUG=499747
R=primiano@chromium.org, rmcilroy@chromium.org
Review URL: https://codereview.chromium.org/1189823002.
Patch from Simon Baldwin <simonb@chromium.org>.
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1459 4c0a9323-5329-0410-9bdc-e9ce6186880e
This is to add build fingerprint and product name/version to
microdumps. Conversely to what happens in the case of minidumps
with MIME fields, due to the nature of minidumps, extra metadata
cannot be reliably injected after the dump is completed.
This CL adds the plumbing to inject two optional fields plus the
corresponding tests.
BUG=chromium:410294
R=thestig@chromium.org
Review URL: https://codereview.chromium.org/1125153008
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1456 4c0a9323-5329-0410-9bdc-e9ce6186880e
The current code is relying on info->si_pid to figure out whether
the exception handler was triggered by a signal coming from the kernel
(that will re-trigger until the cause that triggered the signal has
been cleared) or from user-space e.g., kill -SIGNAL pid, which will NOT
automatically re-trigger in the next signal handler in the chain.
While the intentions are good (manually re-triggering user-space
signals), the current implementation mistakenly looks at the si_pid
field in siginfo_t, assuming that it is coming from the kernel if
si_pid == 0.
This is wrong. siginfo_t, in fact, is a union and si_pid is meaningful
only for userspace signals. For signals originated by the kernel,
instead, si_pid overlaps with si_addr (the faulting address).
As a matter of facts, the current implementation is mistakenly
re-triggering the signal using tgkill for most of the kernel-space
signals (unless the fault address is exactly 0x0).
This is not completelly correct for the case of SIGSEGV/SIGBUS. The
next handler in the chain will stil see the signal, but the |siginfo|
and the |context| arguments of the handler will be meaningless
(retriggering a signal with tgkill doesn't preserve them).
Therefore, if the next handler in the chain expects those arguments
to be set, it will fail.
Concretelly, this is causing problems to WebView. In some rare
circumstances, the next handler in the chain is a user-space runtime
which does SIGSEGV handling to implement speculative null pointer
managed exceptions (see as an example
http://www.mono-project.com/docs/advanced/runtime/docs/exception-handling/)
The fix herein proposed consists in using the si_code (see SI_FROMUSER
macros) to determine whether a signal is coming form the kernel
(and therefore just re-establish the next signal handler) or from
userspace (and use the tgkill logic).
Repro case:
This issue is visible in Chrome for Android with this simple repro case:
- Add a non-null pointer dereference in the codebase:
*((volatile int*)0xbeef) = 42
Without this change: the next handler (the libc trap) prints:
F/libc ( 595): Fatal signal 11 (SIGSEGV), code 1, fault addr 0x487
where 0x487 is actually the PID of the process (which is wrong).
With this change: the next handler prints:
F/libc ( 595): Fatal signal 11 (SIGSEGV), code 1, fault addr 0xbeef
which is the correct answer.
BUG=chromium:481937
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/6844002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1454 4c0a9323-5329-0410-9bdc-e9ce6186880e
Despite the fact that many places imply that sigaction and rt_sigaction
are essentially the same, rt_sigaction's signature is actually
different-- it takes the size of the kernel's sigset_t as an extra argument.
BUG=473973
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1447 4c0a9323-5329-0410-9bdc-e9ce6186880e
The current processor implementation is grepping for /google-breakpad(
in the logcat lines, to filter out microdump lines, which by default
look like this:
W/google-breakpad( 3728): -----BEGIN BREAKPAD MICRODUMP-----
Turns out that logcat format can vary, when passing optional arguments,
and produce something like the following:
04-13 12:30:35.563 6531 6531 W google-breakpad: -----BEGIN ...
In the latter case, the "/google-breakpad(" filter is too aggressive.
This change is relaxing it, so it is compatible also with non-default
logcat arguments.
BUG=640
R=mmandlis@chromium.org
Review URL: https://breakpad.appspot.com/2864002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1442 4c0a9323-5329-0410-9bdc-e9ce6186880e
ACCESS_VIOLATION and IN_PAGE_ERROR both specify
read/write/dep flags and address. ACCESS_VIOLATION currently
reports these, but IN_PAGE_ERROR does not. This change makes
IN_PAGE_ERROR report this information as well, and also the
additional NTSTATUS value for the underlying cause.
Patch by bungeman@chromium.org
Review URL: https://breakpad.appspot.com/1794002/
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1441 4c0a9323-5329-0410-9bdc-e9ce6186880e
On Android L+, signal and sigaction symbols are provided by libsigchain
that override the system's versions. There is a bug in these functions
where they essentially ignore requests to install SIG_DFL.
Workaround this issue by explicitly performing a syscall to
__NR_rt_sigaction to install SIG_DFL on Android.
BUG=473973
Patch by Chris Hopman <cjhopman@chromium.org>
Review URL: https://breakpad.appspot.com/1804002/
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1438 4c0a9323-5329-0410-9bdc-e9ce6186880e
This is a reland of the previous CL (r1433). r1433 did not achieve what
intended and failed the x86_64 build of Chrome with NDK r10c.
The workaround logic in this CL is identical to r1433, but the #define
magic is applied in a more appropriate proper place this time. Turns
out Breakpad already has an Android compatibility layer, which is
common/android/include. Piggybacking the fix there.
BUG=breakpad:642
R=fdegans@chromium.org, rmcilroy@chromium.org
Review URL: https://breakpad.appspot.com/3794002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1434 4c0a9323-5329-0410-9bdc-e9ce6186880e
r1397 did introduce a workaround to deal with a typo in sys/user.h
in the Android NDK. The typo has been fixed in [1]. However, breakpad
cannot just switch to the fixed version as this would require atomic
rolls of Breakpad and NDK in chromium, which would make reverts hard
to handle.
This change introduces an inelegant yet functional hack which makes
breakpad compatible with both versions of the NDK, with and without
the typo. It can be reverted once Chrome has stably rolled to NDK
r10d.
[1] https://android.googlesource.com/platform/bionic/+/f485547b
BUG=breakpad:642
R=fdegans@chromium.org, rmcilroy@chromium.org
Review URL: https://breakpad.appspot.com/7814002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1433 4c0a9323-5329-0410-9bdc-e9ce6186880e
A recent change in the client-side microdump write (r1404) ended up
introducing a call to new() to instantiate the line buffer that
microdump uses to dump its lines. new/malloc is a luxury we cannot
afford in a compromised context.
This change switches the line buffer to be backed by the dumper
page allocator, which on Linux/Android ends up requesting pages
via mmap.
Also, the microdump write bails out without crashing if the page
allocator failed (crash during severe OOM).
BUG=640
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1432 4c0a9323-5329-0410-9bdc-e9ce6186880e
This feature is enabled only when "-s" is provided as a commandline option.
minidump_stackwalk.cc:
- Add a new commandline option "-s" to output stack contents.
- Instantiate Minidump object in PrintMinidumpProcess() to keep it alive longer so that accessing process_state.thread_memory_regions() in stackwalk_common.cc doesn't result in use-after-free.
stackwalk_common.cc:
- Add a new function PrintStackContents() to output stack contents.
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/9774002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1429 4c0a9323-5329-0410-9bdc-e9ce6186880e
A computation in the stack unwind algorithm could cause an overflow if a base
pointer read from crashed process is sufficiently close to top of address space.
This causes a memory read that causes the dump thread to crash, resulting in a
failure to generate crash dump. Check fixed to properly detect that this pointer
is greater than actual memory range of current stack.
Patch by Kyle Joswiak <kjoswiak@chromium.org>
Review URL: https://breakpad.appspot.com/3754003/
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1425 4c0a9323-5329-0410-9bdc-e9ce6186880e
When LinuxCoreDumper fails to copy process data from a core file, it
fills the return buffer with a repeated sequence of a special marker.
However, MinidumpWriter doesn't know about that and may incorrectly
interpret the data. In many cases, MinidumpWriter simply copies the
gibberish data to the minidump, which isn't too bad. However, the
gibberish data may cause MinidumpWriter to behave badly in some other
cases. For example, when MinidumpWriter tries to iterate through the
linked list of all loaded DSOs via the r_map field of a r_debug struct,
if the linked list is filed with the special marker, the code keeps
iterating through the same address.
This CL addresses the issue by having LinuxCoreDumper::CopyFromProcess()
returns a Boolean value to indicate if the expected data is found from
the core file. MinidumpWriter can then decide how to handle that.
BUG=chromium:453484
TEST=Run core2md with the test data attached to chromium:453484.
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/4724002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1420 4c0a9323-5329-0410-9bdc-e9ce6186880e
problems.
- The ordering of keys in stl containers cannot change. Make the relevant
members const to guarantee this assumption.
- Add handling and logging for demangle errors.
- Fix a potential double-delete bug if a function passed to AddFunction() is
already present.
BUG=chromium:449214
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/10704002/
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1415 4c0a9323-5329-0410-9bdc-e9ce6186880e
gcc has a single exception setting for all languages. Saying -fno-exceptions
in gcc disables exceptions and cleanups for cc files, but has no effect for mm
files.
In clang, -fno-exceptions only disables c++ exceptions, but keeps objective-c
exceptions and cleanups enabled.
http://llvm.org/viewvc/llvm-project?view=revision&revision=220714 changed
__EXCEPTIONS to be defined for clang when cleanups are enabled, independent of
if c++ exceptions are enabled. (This was necessary to have clang work with
glibc which looks at __EXCEPTIONS to decide if cleanups are enabled.)
Breakpad tried to use __EXCEPTIONS to figure out if c++ exceptions are enabled.
In cc files, this works: -fno-exceptions will disable c++ exceptions and
cleanups. But in mm files, -fno-exceptions will disable c++ exceptions and
objective-c exceptions will still be enabled, and so cleanups must run and hence
__EXCEPTIONS is defined.
To make things work with both old and new compilers, do the try/catch hack in
mm files either if __EXCEPTIONS is not defined (for old compilers) or if the
compiler is clang and __has_feature(cxx_exceptions) isn't set (which will work
for new clangs too, and which cleanly maps to if c++ exceptions are enabled).
Patch by Nico Weber <thakis@chromium.org>
Review URL: https://breakpad.appspot.com/1774002/
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1409 4c0a9323-5329-0410-9bdc-e9ce6186880e
Previously, dump_syms did not handle DW_FORM_ref_addr if it appeared
in DWARF 4 debugging info.
Also fix a DW_FORM_ref_addr case so that it doesn't fall through to
the next switch case when assertions are disabled and the DWARF
version isn't recognised.
The following steps will reproduce the problem when using LLVM 3.4:
cat <<END >example1.c
int main() { return 0; }
END
cat <<END >example2.c
void foo(int x) {}
END
clang -emit-llvm -g -c example1.c -o example1.bc
clang -emit-llvm -g -c example2.c -o example2.bc
llvm-link-3.4 example1.bc example2.bc -o combined.bc
clang combined.bc -o executable
./google-breakpad/build/src/tools/linux/dump_syms/dump_syms executable
When using LLVM bitcode linking in this way, LLVM's backend generates
partially-merged DWARF debugging info in which some of the references
to the "int" type go via "DW_FORM_ref_addr". Since PNaCl uses LLVM
bitcode linking, this dump_syms failure occurs with nexes produced by
the PNaCl toolchain.
BUG= https://code.google.com/p/chromium/issues/detail?id=416368
TEST= see above
R=mark@chromium.org, mcgrathr@chromium.org
Review URL: https://breakpad.appspot.com/5744002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1408 4c0a9323-5329-0410-9bdc-e9ce6186880e
- Filter modules by prot flags (only +x) not extensions. It wouldn't
otherwise catch the case of Chrome mapping the library from the
apk (which is mapped r-x but doesn't end in .so).
- Use compile-time detection of target arch, in order to cope with
multilib OSes, where uname() doesn't reflect the run-time arch.
- Add OS information and CPU arch / count.
- Add support for aarch64.
- Add tests and stackwalk expectations for aarch64.
- Fix a potential overflow bug in the processor.
- Rebaseline the tests using smaller symbols.
- Fix microdump_writer_unittest.cc on 32-bit host.
BUG=chromium:410294
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1407 4c0a9323-5329-0410-9bdc-e9ce6186880e
and updating minidump_stackwalk to show process uptime.
I tested this with a minidump from Chrome and I got a result that
is inline with what the Windows debugger is showing for that dump:
minidump_stackwalk output:
--------------------------
Process uptime: 601 seconds
WinDBG output:
--------------
Process Uptime: 0 days 0:10:01.000
I didn't update the machine readable output of minidump_stackwalk
on purpose in order to avoid breaking someone that uses it.
It can be added later to the machine output if needed.
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/7754002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1406 4c0a9323-5329-0410-9bdc-e9ce6186880e
This introduces the microdump_stackwalk binary which takes advantage
of the MicrodumpProcessor to symbolize microdumps.
Its operation is identical to the one of minidump_stackwalk.
This CL, in fact, is also refactoring most of the common bits into
stackwalk_common.
BUG=chromium:410294
R=mmandlis@chromium.org
Review URL: https://breakpad.appspot.com/4704002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1405 4c0a9323-5329-0410-9bdc-e9ce6186880e
Adding an optional parameter --product to symupload.exe. If specified it will be passed to the symbol server as POST parameter 'product'.
As part of this, I'm also fixing:
- Removed the .vcproj file as it can be generated from the .gyp file on demand.
- error C4335: Mac file format detected. Fixed the line endings for omap.cc and dia_util.cc.
- warning C4003: not enough actual parameters for macro 'max'
Symupload.exe was compiled using MSVS 2013 and DIA SDK 12.0.
Review URL: https://breakpad.appspot.com/9734002/
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1402 4c0a9323-5329-0410-9bdc-e9ce6186880e
Microdumps are a very lightweight variant of minidumps. They are meant
to dump a minimal crash report on the system log (logcat on Android),
containing only the state of the crashing thread.
This is to deal with cases where the user has opted out from crash
uploading but we still want to generate meaningful information on the
device to pull a stacktrace for development purposes.
Conversely to conventional stack traces (e.g. the one generated by
Android's debuggerd or Chromium's base::stacktrace) microdumps do NOT
require unwind tables to be present in the target binary. This allows
to save precious binary size (~1.5 MB for Chrome on Arm, ~10 MB on
arm64).
More information and design doc on crbug.com/410294
BUG=chromium:410294
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1398 4c0a9323-5329-0410-9bdc-e9ce6186880e
This change introduces the necessary glue typedefs to deal with the
mismatch introduced by the latest Android NDK (w.r.t. desktop Linux):
- [x86_64] Rename fpregs mxcr_mask -> .mxcsr_mask
- [mips] uc_mcontext.fpregs.fp_r.fp_dregs -> uc_mcontext.fpreg
- [mips] restore the forked user.h
Submitting this on behalf of fdegans@chromium.orgTBR=mark@chromium.org
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1397 4c0a9323-5329-0410-9bdc-e9ce6186880e
Prior to NDK r10c, Breakpad was privately backporting these system
headers. This change is now unforking and removing those headers and
using the ones from the NDK.
Rationale:
- They are finally available in the NDK, so there is no need to keep
maintaining a fork (which was necessary up until recently to support
arm64).
- These forked headers, as they are today, are not compatible with the
latest NDK (i.e. this change is required to roll NDK r10c).
The forked ucontext.h, being removed by this CL, depends on some
transitional features which are not compatible with the NDK release
being targeted here.
After this change, the NDK r10c is now required to build Breakpad on
Android. Note that NDK releases are backwards compatible and contain all
the previous API levels, so this change is NOT effectively enforcing to
build against any particular Android SDK.
Submitting this on behalf of fdegans@chromium.org
BUG=chromium:358831
R=mark@chromium.org, primiano@chromium.org, rmcilroy@chromium.org
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1396 4c0a9323-5329-0410-9bdc-e9ce6186880e
This is a refactoring of the logic which determines the
module name and path for a given MappingInfo in minidump_writer.cc.
Such logic, which will be soon shared also with the upcoming
microdump_writer.cc, is simply being moved to linux_dumper.cc,
extracting a GetMappingEffectiveNameAndPath method.
No behavioral change is intended.
BUG=chromium:410294
R=thestig@chromium.org
Review URL: https://breakpad.appspot.com/7734002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1392 4c0a9323-5329-0410-9bdc-e9ce6186880e
Server is used is done by subtracting the crashing process creation time from
the current time when the crash is generated:
uptime = now - process_creation_time
There was a bug and instead of the process creation time the code was using the
time when the process was registered with the Crash Generation Server.
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/1744002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1391 4c0a9323-5329-0410-9bdc-e9ce6186880e
This change is a pure refactoring of the common bits of minidump_writer.cc
that will be shared soon with the upcoming microdump_writer.cc.
In particular, this CL is extracting the following classes:
- ThreadInfo: handles the state of the threads in the crashing process.
- RawContextCPU: typedef for arch-specific CPU context structure.
- UContextReader: Fills out a dump RawContextCPU structure from the
ucontext struct provided by the kernel (arch-dependent).
- SeccompUnwinder: cleans out the stack frames of the Seccomp sandbox
on the supported architectures.
- MappingInfo: handles information about mappings
BUG=chromium:410294
R=mmandlis@chromium.org
Review URL: https://breakpad.appspot.com/4684002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1388 4c0a9323-5329-0410-9bdc-e9ce6186880e
When parsing /proc/pid/maps, current code merges adjacent entries that
refer to the same library and where the start of the second is equal to
the end of the first, for example:
40022000-40025000 r-xp 00000000 b3:11 827 /system/lib/liblog.so
40025000-40026000 r--p 00002000 b3:11 827 /system/lib/liblog.so
40026000-40027000 rw-p 00003000 b3:11 827 /system/lib/liblog.so
When the system linker loads a library it first reserves all the address
space required, from the smallest start to the largest end address, using
an anonymous mapping, and then maps loaded segments inside that reservation.
If the loaded segments do not fully occupy the reservation this leaves
gaps, and these gaps prevent merges that should occur from occurring:
40417000-4044a000 r-xp 00000000 b3:11 820 /system/lib/libjpeg.so
> 4044a000-4044b000 ---p 00000000 00:00 0
4044b000-4044c000 r--p 00033000 b3:11 820 /system/lib/libjpeg.so
4044c000-4044d000 rw-p 00034000 b3:11 820 /system/lib/libjpeg.so
Where the segments that follow this gap do not contain executable code
the failure to merge does not affect breakpad operation. However, where
they do then the merge needs to occur. Packing relocations in a large
library splits the executable segment into two, resulting in:
73b0c000-73b21000 r-xp 00000000 b3:19 786460 /data/.../libchrome.2160.0.so
> 73b21000-73d12000 ---p 00000000 00:00 0
73d12000-75a90000 r-xp 00014000 b3:19 786460 /data/.../libchrome.2160.0.so
75a90000-75c0d000 rw-p 01d91000 b3:19 786460 /data/.../libchrome.2160.0.so
Here the mapping at 73d12000-75a90000 must be merged into 73b0c000-73b21000
so that breakpad correctly calculates the base address for text.
This change enables the full merge by also merging anonymous maps which
result from unused reservation, identified as '---p' with offset 0, and
which follow on from an executable mapping, into that executable mapping.
BUG=chromium:394703
R=rmcilroy@chromium.org, thestig@chromium.org
Review URL: https://breakpad.appspot.com/7714003
Patch from Simon Baldwin <simonb@chromium.org>.
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1380 4c0a9323-5329-0410-9bdc-e9ce6186880e
processing upcoming implementation.
dump_context.cc and dump_object.cc added in r/1370
microdump_processor.cc and microdump_processor_unittest.cc added in
r/1372
BUG=chromium:410294
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1373 4c0a9323-5329-0410-9bdc-e9ce6186880e
Adds the interfaces for MicrodumpProcessor (very similar to
MinidumpProcessor) and corresponding unittest stubs.
These stubs are required for multi-side integration and to start
rolling the updated processor library into the dependent projects.
BUG=chromium:410294
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1372 4c0a9323-5329-0410-9bdc-e9ce6186880e
This CL adds three features that will allow the client to upload the report
file.
Three main modifications are made :
- Allow upload url to have a file:// scheme, and write the HTTP request to file
in that case
- Split the request in two parts in case of a file:// scheme, the request
time and the response time. A new API [handleNetworkResponse] is added.
- Give the opportunity to the client to get the configuration NSDictionary
to be able to recreate the breakpad context at response time.
Patch by Olivier Robin <olivierrobin@chromium.org>
Review URL: https://breakpad.appspot.com/2764002/
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1368 4c0a9323-5329-0410-9bdc-e9ce6186880e
Using the vm_region_recurse API with a vm_region_submap_info_64
structure leads to a deviation in the structure when reading the user_tag
field.
Switching to the vm_region_recurse_64 API.
Patch by Olivier Robin <olivierrobin@chromium.org>
BUG=crbug/397133
Review URL: https://breakpad.appspot.com/4664002/
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1363 4c0a9323-5329-0410-9bdc-e9ce6186880e
This adds a new |-g <dSYM path>| flag to dump_syms, to specify the dSYM path for
the target Mach-O argument. The UUIDs and architectures of the two paths must
match in order to dump symbols for this "split module."
This reason for this is that for x86_64 binaries on OS X, the CFI data is stored
in the __TEXT,__eh_frame segment of the Mach-O file, and the data is not copied
into the dSYM by dsymutil. Therefore, just dumping the dSYM doesn't yield CFI
data for x86_64 files, and both the dSYM and the Mach-O file must be dumped in
order to produce a complete Breakpad symbol file. For i386 binaries, the CFI data
is stored in the __DWARF,__debug_frame segment, which is part of the dSYM, so
this isn't necessary.
BUG=https://code.google.com/p/chromium/issues/detail?id=393594R=mark@chromium.org
Review URL: https://breakpad.appspot.com/6704002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1359 4c0a9323-5329-0410-9bdc-e9ce6186880e
This GYP-ifies the src/processor and src/common directories on those platforms
as well. The Makefile build uses much more granular unittest executables, so
the new processor_unittests does not yet link because of multiple main() symbols,
but this will be fixed later.
Update issue 575
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/10674002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1358 4c0a9323-5329-0410-9bdc-e9ce6186880e
PageAllocator maps memory via sys_mmap(), implemented in
linux_syscall_support.h. We need to explicitly inform MSan that this memory is
initialized.
Patch by Sergey Matveev <earthdok@chromium.org>
BUG=chromium:394028
Review URL: https://breakpad.appspot.com/2744002/
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1356 4c0a9323-5329-0410-9bdc-e9ce6186880e
This patch makes two changes to breakpad to enable crash reporting to work correctly when the library is inside another file (an archive):
- Do not filter mappings which map an executable at a non-zero offset.
- If such an executable is mapped look in the ELF information for the
shared object name and use that name in the minidump.
Note this change doesn't care about the archive format and isn't Android
specific (though loading the shared library this way is currently only done on Android).
BUG=390618
R=thestig@chromium.org
Review URL: https://breakpad.appspot.com/7684002
Patch from Anton Carver <anton@chromium.org>.
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1355 4c0a9323-5329-0410-9bdc-e9ce6186880e
__system_property_get has been removed from the Android NDK for 'L' so Breakpad
no longer links. This CL just removes the call in WriteOSInformation because
Chrome already passes the build fingerprint as a crash key called "android_build_fp" in the crash report HTTP POST message.
BUG=394841,393903
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/1694002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1351 4c0a9323-5329-0410-9bdc-e9ce6186880e
After handling an uncaught NSException, release the Breakpad object
so there will not be a second crash dump logged.
Prior to this change, for every uncaught NSException handled through
the Breakpad::UncaughtExceptionHandler(), a second crash without
any useful information (generally __cxa_rethrow and std::__terminate)
is recorded.
R=qsr@chromium.org
Review URL: https://breakpad.appspot.com/9664002
Patch from Peter Lee <pkl@chromium.org>.
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1344 4c0a9323-5329-0410-9bdc-e9ce6186880e
This bug manifests itself on Android x64 (in ExceptionHandlerTest::ExternalDumper), but is possible on any platform.
The compiler is unaware of the code which runs in the signal handler which reads this variable. Without volatile the compiler is free to optimise away writes to this variable which it believes are never read.
BUG=381142, 346626
R=thestig@chromium.org
Review URL: https://breakpad.appspot.com/8664002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1343 4c0a9323-5329-0410-9bdc-e9ce6186880e
- Convert time_t values to UTC correctly. It is incorrect to cast a uint32_t*
to time_t* because the two types may have different widths. This is the
case on many 64-bit systems, where time_t is a 64-bit signed integer.
Conversion is unified in a single function, and additional uses of time_t
in minidump files not previously displayed in UTC are now displayed.
- Interpret the IMAGE_DEBUG_MISC structure correctly.
- When printing MINIDUMP_SYSTEM_INFO structures, always show the "x86" side
of the union, and state whether it's expected to be valid. (Existing
Breakpad-produced non-Windows minidumps for x86_64 use the "x86" side of
union, but Windows minidumps for x86_64 use the "other" side, so I want to
print both.)
R=ivanpe@chromium.org
Review URL: https://breakpad.appspot.com/5674002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1339 4c0a9323-5329-0410-9bdc-e9ce6186880e
This fixes exception_handler.cc:77:8: error: fields must have a constant size:
'variable length array in structure' extension will never be supported
char protected_buffer[PAGE_SIZE] __attribute__((aligned(PAGE_SIZE)));
BUG=None
TEST=breakpad builds on ios8
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/9654002
Patch from Justin Cohen <justincohen@chromium.org>.
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1338 4c0a9323-5329-0410-9bdc-e9ce6186880e
This CL introduces "--sobasedir" command-line option to minidump-2-core.
By default, paths to shared lib files included in generated core file are
formatted as "/var/lib/breakpad/[GUID]libFoobar.so". By using "--sobasedir",
this will be "[user-supplied-path]libFoobar.so".
This option can be used to ease debugging minidump files from developer's local
builds. By specifying "minidump-2-core --sobasedir `pwd`/out/Debug/lib/
foobar.mdmp", user can load the generated core file in gdb without setting up
the symlinks for "/var/lib/breakpad".
BUG=None
A=kouhei@chromium.org
Original code review: https://breakpad.appspot.com/1214002/R=kouhei@chromium.org
Review URL: https://breakpad.appspot.com/1584002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1317 4c0a9323-5329-0410-9bdc-e9ce6186880e
This has a substantial performance improvement over using the getSymbolsByAddr iterator, especially on certain 64bit DLLS. e.g. Time to process chrome_child.dll drops from 51 minutes to 21 secs.
Note: new test data looks different because the ordering of lines is no longer by memory address. This does not affect processing. The test data has been manually compared to old data and matches (except additional PUBLIC symbols). Also, INFO lines are omitted because the source executable files are not checked in, so they are unavailable.
R=ivanpe@chromium.org, mark@chromium.org
Review URL: https://breakpad.appspot.com/1574002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1316 4c0a9323-5329-0410-9bdc-e9ce6186880e
After r1299, the LinuxCoreDumperTest::VerifyDumpWithMultipleThreads and
ElfCoreDumpTest::ValidCoreFile would both hang on Android. This appears to be due to the tkill
signal not being recieved by the thread which is meant to crash, even though tkill returns 0.
This CL retries sending the tkill signal multiple times, which prevents the Hang.
BUG=579
R=thestig@chromium.org
Review URL: https://breakpad.appspot.com/1524002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1313 4c0a9323-5329-0410-9bdc-e9ce6186880e
As part of that:
- Updated MSSymbolServerConverter to also download the executable files from the symbol server and pass them to the PDBSourceLineWriter as it is required for successful conversion of symbols for 64-bit modules.
- Added a .gyp file and target for the ms_symbol_server_converter library.
- Updated PDBSourceLineWriter to allow executable files to be in locations different from the locations of the PDB files.
- Minor style issue:
* #define guards.
* No space before ')' and after '('.
R=mark@chromium.org, wfh@chromium.org
Review URL: https://breakpad.appspot.com/1434002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1309 4c0a9323-5329-0410-9bdc-e9ce6186880e
The ElfCoreDumpTest.ValidCoreFile unit test assumed that the number of
NT_FPREGSET / NT_PRXFPREG notes in the core dump file equals to the number of
threads of the crashed process. This assumption isn't always true as the kernel
skips filling the NT_FPREGSET / NT_PRXFPREG note of a thread if the FPU state
isn't available. The kernel indicates the availability of NT_FPREGSET /
NT_PRXFPREG via the pr_fpvalid field of the NT_PRSTATUS note. This CL modifies
the ElfCoreDumpTest.ValidCoreFile unit test to verify the number of NT_FPREGSET
and NT_PRXFPREG notes based on the pr_fpvalid field of the NT_PRSTATUS notes.
BUG=577
TEST=Run unit tests on x86 and x86_64 Linux platform.
R=vapier@chromium.org
Review URL: https://breakpad.appspot.com/1404002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1303 4c0a9323-5329-0410-9bdc-e9ce6186880e
This is an initial attempt to add Arm64 (aarch64) support to Breakpad for
Linux / Android platforms. This CL adds the Arm64 data structures, but does
not yet implement the Android getcontext support or CPUFillFromThreadInfo /
CPUFillFromUContext.
BUG=354405,335641
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/1354002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1301 4c0a9323-5329-0410-9bdc-e9ce6186880e
The current CreateChildCrash logic is racy when it comes to creating a
crash dump for two reasons:
The main thread that calls kill() on a different thread is guaranteed
the signal will be *queued* when it returns, but not *delivered*. If
the kernel doesn't automatically schedule the receiving thread, but
instead lets the main thread run to the exit() call, then the signal
never triggers a coredump and the whole process simply exits.
The main thread is using kill() to try to deliver a signal to a
specific thread, but that function is for sending signals to a
process. That means the kernel is free to deliver the signal to
any thread in the process and not just the one requested. This
manifests itself as the pr_pid in the coredump not being the one
expected. Instead, we must use tkill() with the tid (which we
already took care of gathering) to deliver to a specific thread.
These are a lot easier to see on a UMP system as contention is heavier.
BUG=chromium:207918
TEST=`dumper_unittest` still passes, and doesn't flake out in a UMP system
TEST=`linux_client_unittest` still passes
R=benchan@chromium.org
Review URL: https://breakpad.appspot.com/1304005
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1299 4c0a9323-5329-0410-9bdc-e9ce6186880e
