- Convert time_t values to UTC correctly. It is incorrect to cast a uint32_t*
to time_t* because the two types may have different widths. This is the
case on many 64-bit systems, where time_t is a 64-bit signed integer.
Conversion is unified in a single function, and additional uses of time_t
in minidump files not previously displayed in UTC are now displayed.
- Interpret the IMAGE_DEBUG_MISC structure correctly.
- When printing MINIDUMP_SYSTEM_INFO structures, always show the "x86" side
of the union, and state whether it's expected to be valid. (Existing
Breakpad-produced non-Windows minidumps for x86_64 use the "x86" side of
union, but Windows minidumps for x86_64 use the "other" side, so I want to
print both.)
R=ivanpe@chromium.org
Review URL: https://breakpad.appspot.com/5674002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1339 4c0a9323-5329-0410-9bdc-e9ce6186880e
.raSearchStart in the cases where there are alignment operators in
the program string.
If alignment operators are found in the program string, the current
value of %ebp must be valid and it is the only reliable data point
that can be used for getting to the previous frame. Previously, the
.raSearchStart calculation was based on %esp and when %esp is aligned
in the current frame (which is a lossy operation) the resulting
.raSearchStart cannot was incorrect. There is code that is trying to
work around this problem (scanning of up to 3 words for a return
address) which is unreliable and it doesn't work in many cases (e.g.
when the alignment is on a 64-byte boundary).
This fix is already deployed in Google and it was measured to reduce
the number of wrong stack traces (for Windows crashes) by 45%. No
regressions have been found so far.
Here is an example of an issue that was fixed by this change (where
register %esp is aligned on the 64-byte boundary and the workarounds
that we already had didn't work):
https://code.google.com/p/chromium/issues/detail?id=311359
0:013> uf chrome_59630000!base::MessagePumpForIO::DoRunLoop
518 59685c39 55 push ebp
518 59685c3a 8bec mov ebp,esp
518 59685c3c 83e4c0 and esp,0FFFFFFC0h <== 64-byte boundary
518 59685c3f 83ec34 sub esp,34h
518 59685c42 53 push ebx
518 59685c43 56 push esi
Program string contains 64-byte alignment:
$T1 .raSearch = $T0 $T1 4 - 64 @ = $ebp $T1 4 - ^ = $eip $T1 ^ =
$esp $T1 4 + = $20 $T0 56 - ^ = $23 $T0 60 - ^ = $24 $T0 64 - ^ =
Review URL: https://breakpad.appspot.com/694002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1232 4c0a9323-5329-0410-9bdc-e9ce6186880e
Here is the symbol parser output:
E0906 11:27:06.051507 22535 basic_source_line_resolver.cc:76] Line 380187: ParseLine failed
E0906 11:27:06.051614 22535 basic_source_line_resolver.cc:76] Line 380188: ParseLine failed
E0906 11:27:06.051648 22535 basic_source_line_resolver.cc:76] Line 380190: ParseLine failed
E0906 11:27:06.051679 22535 basic_source_line_resolver.cc:76] Line 380191: ParseLine failed
E0906 11:27:06.200814 22535 basic_source_line_resolver.cc:76] Line 446729: ParseLine failed
Here are the contents of the Breakpad symbol file:
FUNC 440d60 49 0 __copy_helper_block_
440d60 b 0 3160 <<<----------- the third number is the line number
440d6b 3e 0 3160 <<<---------------------------- same here
FUNC 440db0 36 0 __destroy_helper_block_
440db0 a 0 3160 <<<---------------------------- same here
440dba 2c 0 3160 <<<---------------------------- same here
Review URL: https://breakpad.appspot.com/629002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1214 4c0a9323-5329-0410-9bdc-e9ce6186880e
Tested with a minidump containing a version 3 structure to validate the string conversion routines. Interestingly enough the time_zone names does not appear to be abbreviation as the documentation was suggesting but full names, e.g. Eastern Standard Time:
MDRawMiscInfo
size_of_info = 232
flags1 = 0xf7
process_id = 0x54c4
process_create_time = 0x51a9323c
process_user_time = 0x1
process_kernel_time = 0x0
processor_max_mhz = 3100
processor_current_mhz = 1891
processor_mhz_limit = 3100
processor_max_idle_state = 0x1
processor_current_idle_state = 0x1
The new fileds follow:
process_integrity_level = 0x1000
process_execute_flags = 0x4d
protected_process = 0
time_zone_id = 2
time_zone.bias = 300
time_zone.standard_name = Eastern Standard Time
time_zone.daylight_name = Eastern Daylight Time
Review URL: https://breakpad.appspot.com/617002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1204 4c0a9323-5329-0410-9bdc-e9ce6186880e
More specifically:
- Detect corrupt symbols during minidump processing and provide the list of modules with corrupt symbols in the ProcessState. This will allow listing the corrupt symbol files in the final crash report.
- Skip and recover from symbol data parse errors - don't give up until 100 parse errors are seen.
- In order to recover from '\0' (null terminator) in the middle of a symbol file, a couple of methods have to be updated to require both buffer pointer and length. Previously they required only a buffer pointer (char *) and the size of the buffer was evaluated using strlen which is not reliable when the data is corrupt. Most of the changes are due to these signature updates.
- Added and updated unittests.
Also, updated minidump_stackwalk to show a WARNING for corrupt symbols. Output looks like this:
...
Loaded modules:
0x000da000 - 0x000dafff Google Chrome Canary ??? (main)
0x000e0000 - 0x0417dfff Google Chrome Framework 0.1500.0.3 (WARNING: Corrupt symbols, Google Chrome Framework, 4682A6B4136436C4BFECEB62D498020E0)
0x044a8000 - 0x04571fff IOBluetooth 0.1.0.0
...
Review URL: https://breakpad.appspot.com/613002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1200 4c0a9323-5329-0410-9bdc-e9ce6186880e
../../breakpad/src/processor/tokenize.cc:65:7: error: logical not is only applied to the left hand side of this comparison [-Werror,-Wlogical-not-parentheses]
if (!remaining > 0) {
^ ~
../../breakpad/src/processor/tokenize.cc:65:7: note: add parentheses after the '!' to evaluate the comparison first
if (!remaining > 0) {
^
( )
../../breakpad/src/processor/tokenize.cc:65:7: note: add parentheses around left hand side expression to silence this warning
if (!remaining > 0) {
^
( )
R=thakis@chromium.org
Review URL: https://breakpad.appspot.com/608002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1196 4c0a9323-5329-0410-9bdc-e9ce6186880e
doesn't see the correct thread stack memory. Instead, it loads garbage
(from offset 0 of the minidump file - well that's not garbage, but it is
not the stack memory region either) and attempts to walk it. A typical
symptom of this issue is when you get a single stack frame after
processing - the context frame - for which you don't need stack memory.
This issue is caused by an invalid RVA in the memory descriptor stored
inside the MINIDUMP_THREAD structure for the thread. Luckily, the
invalid RVA is 0, and the start_of_memory_region appears to be correct,
so this issue can be easily detected and the correct memory region can be
loaded using an RVA specified in the MinidumpMemoryList.
I couldn't find a reasonable description on MSDN regarding
MINIDUMP_MEMORY_DESCRIPTOR.MINIDUMP_LOCATION_DESCRIPTOR having RVA of 0
except maybe for full dumps where the 64-bit version of the structure
(MINIDUMP_MEMORY_DESCRIPTOR64) is used and it has no RVA at all. It has
a 64-bit DataSize which if interpreted as the 32-bit structure will very
likely result in 0 for the RVA:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms680384(v=vs.85).aspx
Anyways, the dump that I looked at was not a full dump so 0 for RVA is a
bit puzzling (at least easily detectable):
...
Microsoft (R) Windows Debugger Version 6.2.9200.20512 X86
Copyright (c) Microsoft Corporation. All rights reserved.
...
User Mini Dump File: Only registers, stack and portions of memory are available
...
MINIDUMP_HEADER:
Version A793 (62F0)
NumberOfStreams 11
Flags 160
0020 MiniDumpWithUnloadedModules
0040 MiniDumpWithIndirectlyReferencedMemory
0100 MiniDumpWithProcessThreadData
Review URL: https://breakpad.appspot.com/606002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1194 4c0a9323-5329-0410-9bdc-e9ce6186880e
This is achieved by:
1. Extending the span of the scan for return address in the conext frame. Initially, I wanted to extend the span of the scan for all frames but then I noticed that there is code for ARM already that is extending the search only for the context frame. This kind of makes sense so I decided to reuse the same idea everywhere.
2. Attempting to restore the EBP chain after a successful scan for return address so that the stackwalker can switch back to FRAME_TRUST_CFI for the rest of the frames when possible.
I also fixed the lint errors in the files touched.
Review URL: https://breakpad.appspot.com/605002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1193 4c0a9323-5329-0410-9bdc-e9ce6186880e
This patch improves several things for Linux/ARM:
- Better detection of the number of CPUs on the target
device. The content of /proc/cpuinfo only matches the
number of "online" CPUs, which varies over time with
recent Android devices.
- Reconstruct the CPUID and ELF hwcaps values from
/proc/cpuinfo, this is useful to better identify
target devices in minidumps.
- Make minidump_dump display the new information
in useful ways.
- Write a small helper class to parse /proc/cpuinfo
and also use it for x86/64.
- Write a small helper class to parse sysfds cpu lists.
- Add a my_memchr() implementation.
- Add unit tests.
Tested on a Nexus S (1 CPU), Galaxy Nexus (2 CPUs)
and a Nexus 4 (4 CPUs).
Review URL: https://breakpad.appspot.com/540003
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1160 4c0a9323-5329-0410-9bdc-e9ce6186880e
structured logging. This is basically wrapping std::ostream within a new type.
No functional differences from this change are expected.
Patch by Ivan Penkov <ivan.penkov@gmail.com>
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1140 4c0a9323-5329-0410-9bdc-e9ce6186880e
In order to better distinguish Android and Linux minidumps, introduce
a new MD_OS_ANDROID definition, and modify related source code accordingly.
Also append the build-fingerprint to the minidump location descriptor.
This gives more information about the system image the device runs on.
Review URL: https://breakpad.appspot.com/405002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@981 4c0a9323-5329-0410-9bdc-e9ce6186880e
do with FPO (frame-pointer-omission) optimized context
frames where the context frame represents a Windows
System call stub.
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@971 4c0a9323-5329-0410-9bdc-e9ce6186880e
Change MinidumpModuleList::GetMainModule() to use GetModuleAtIndex() instead
of GetModuleAtSequence() because the former gets the first module that was
in the minidump file, while the latter actually gets the first module when
sorted by address. While this is pretty much the same thing at the moment,
I have another change in the works that can sometimes affect the module
order in the file.
BUG=chromium-os:25355
TEST=Ran Breakpad tests
Review URL: https://breakpad.appspot.com/366001
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@941 4c0a9323-5329-0410-9bdc-e9ce6186880e
A memory leak in DisassemblerX86 is detected by valgrind. This patch
fixes the DisassemblerX86 destructor to properly free the |current_instr_|
variable.
BUG=471
TEST=Run valgrind on disassembler_x86_unittest to verify the leak is gone.
Review URL: https://breakpad.appspot.com/371001
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@940 4c0a9323-5329-0410-9bdc-e9ce6186880e
The new API allows to automatically upload repports to the crash server when the application restarts.
This change also:
- Correct a bug on the test for correct alignment of the abrt signal handler
- Add user friendly information on crashes for SIGABRT and NSException
Review URL: https://breakpad.appspot.com/361001
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@935 4c0a9323-5329-0410-9bdc-e9ce6186880e
This patch fixes a compilation error with gcc / clang on Linux / Mac OS.
BUG=none
TEST=Tested the following:
1. Build on 32-bit and 64-bit Linux with gcc 4.4.3 and gcc 4.6.
2. Build on Mac OS X 10.6.8 with gcc 4.2 and clang 3.0 (with latest gmock).
3. All unit tests pass.
Patch by Ben Chan <benchan@chromium.org>
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@924 4c0a9323-5329-0410-9bdc-e9ce6186880e
The assertion (context.context_flags & MD_CONTEXT_X86) in synth_minidump.cc
produces a different message on Mac OS X than other platforms. This patch
changes the ContextDeathTest.X86BadFlags test to handle both message patterns.
BUG=424
TEST=Verified ContextDeathTest.X86BadFlags on Windows, Linux and Mac OS X.
Review URL: http://breakpad.appspot.com/333001
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@894 4c0a9323-5329-0410-9bdc-e9ce6186880e
The value of MD_CONTEXT_CPU_MASK in use assumes that only the lower 6 bits are used for flags, and the upper 26 bits are for the CPU type. However, as of Windows 7 SP1, the 7th bit is being used as a flag (per http://msdn.microsoft.com/en-us/library/hh134238%28v=vs.85%29.aspx and the Windows SDK headers). Adjusting MD_CONTEXT_CPU_MASK works, but unfortunately that masks off the existing value of MD_CONTEXT_ARM. This patch also changes the value of MD_CONTEXT_ARM and adjusts the minidump context reading machinery to gracefully handle minidumps with the old value.
R=mark at http://breakpad.appspot.com/302001
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@831 4c0a9323-5329-0410-9bdc-e9ce6186880e
is no reason not to keep it locally. Implemented a basic disassembler which can be used
to scan bytecode for interesting conditions. This should be pretty easy to add to for
things other than exploitability if there is a desire. This also adds several tests to
the windows exploitability ranking code to take advantage of the disassembler for x86
code.
BUG=None
TEST=DisassemblerX86Test.*
Review URL: http://breakpad.appspot.com/203001
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@705 4c0a9323-5329-0410-9bdc-e9ce6186880e
This patch avoids unnecessary use of the <cfoo> headers in files that don't
actually use the identifiers they declare in the std:: namespace.
It also changes some files to better conform with the "Names and Order of
Includes" rules in the Google C++ Style Guide.
A=jimb R=mark
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@619 4c0a9323-5329-0410-9bdc-e9ce6186880e
The google_breakpad::TestAssembler classes are used in both the processor's
and the Linux dumper's test suites, and will soon be used in the Mac
dumper's tests as well. This patch moves their source files from
src/processor to src/common.
a=jimblandy, r=thestig
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@574 4c0a9323-5329-0410-9bdc-e9ce6186880e
When building with G++ 4.1.2, src/processor/cfi_frame_info.cc fails to
build with the error below. G++ 4.2.1 and later do not seem to report this
problem.
This patch works around the problem by casting stream.tellp() to
std::streamoff before doing the comparison.
src/processor/cfi_frame_info.cc: In member function `std::string google_breakpad::CFIFrameInfo::Serialize() const':
src/processor/cfi_frame_info.cc:105: error: ambiguous overload for `operator!=' in `stream.std::basic_ostringstream<char, std::char_traits<char>, std::allocator<char> >::<anonymous>.std::basic_ostream<_CharT, _Traits>::tellp [with _CharT = char, _Traits = std::char_traits<char>]() != 0'
src/processor/cfi_frame_info.cc:105: note: candidates are: operator!=(std::streamoff, int) <built-in>
/usr/lib/gcc/x86_64-redhat-linux/4.1.2/../../../../include/c++/4.1.2/bits/postypes.h:143: note: bool std::fpos<_StateT>::operator!=(const std::fpos<_StateT>&) const [with _StateT = __mbstate_t]
a=jimblandy, r=mmentovai
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@572 4c0a9323-5329-0410-9bdc-e9ce6186880e
pdb filenames in crash reports may contain embedded newlines. When
minidump-stackwalk prints these lines, it ends up with:
Module|olek8r4u.dll|6.0.6000.16386|\\xc2\\xeb\\x17\\x04J\\xb6:\\xbaT\\xf3\\xef\\xe8Y\\x90\\x86\\xaa\\xe5\\x16n\\xb1\\x80\\x85\\t\\x12!\\x16\\x0f\\x98\\xf8\\x89\\x16"\\x96\\xd4\\x84\\x88\\xea\\xe3\\r\\r\\x1b\\xca\\x85*^h\\xf5\\xdc\n\\xd9\\xf4}j\\x1d7\\xe39o\\x1f\\xc5\\xc4\\xa6x\\x8ba\\xe8\\xd6K\\x89H\\xe1\\xff\\xe7\\xf5\\xf0Y\\xfd\\xf5\\xdbu\\x0c\\x07\\x86\\xed|29E0B04FCCBE47EB86A6C819E8B89D051|0x00f60000|0x00ff2fff|0\n
Which has an embedded newline and the machine parser can't handle it. This
patch just strips the embedded newline, just as we strip embedded |
separator characters.
a=bsmedberg, r=jimblandy
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@571 4c0a9323-5329-0410-9bdc-e9ce6186880e
This adds support for 'STACK CFI' records (DWARF CFI) to the AMD64
stack walker. This is necessary for the stack trace to include any
frames other than the youngest. Unit tests are included.
a=jimblandy, r=mmentovai
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@554 4c0a9323-5329-0410-9bdc-e9ce6186880e
This patch allows the Breakpad minidump processor to use data from
STACK CFI records to generate stack traces for the ARM processor.
In the symbol dumper, we need a table mapping DWARF CFI register
numbers to their names: STACK CFI records refer to registers by name.
In the processor, we expand StackwalkerARM::GetCallerFrame to see if
there are STACK CFI records covering the callee, and then use those to
recover the caller's register values.
There's no good reason the ARM walker couldn't use the SimpleCFIWalker
interface declared in cfi_frame_info.h. Unfortunately, that interface
assumes that one can map register names to member pointers of the raw
context type, while MDRawContextARM uses an array to hold the
registers' values: C++ pointer-to-member types can't refer to elements
of member arrays. So we have to write out SimpleCFIWalker::FindCallerRegisters
in StackwalkerARM::GetCallerFrame.
We define enum MDARMRegisterNumbers in minidump_cpu_arm.h, for
convenience in referring to certain ARM registers with dedicated
purposes, like the stack pointer and the PC.
We define validity flags in StackFrameARM for all the registers, since
CFI could theoretically recover any of them. In the same vein, we
expand minidump_stackwalk.cc to print the values of all valid
callee-saves registers in the context --- and use the proper names for
special-purpose registers.
We provide unit tests that give full code and branch coverage (with
minor exceptions). We add a testing interface to StackwalkerARM that
allows us to create context frames that lack some register values.
a=jimblandy, r=mmentovai
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@553 4c0a9323-5329-0410-9bdc-e9ce6186880e
