summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* crasher: add close(fileno(FILE*)) and close(dirfd(DIR*)).Josh Gao2018-07-181-32/+40
| | | | | | | Add some cases to trigger fdsan aborts. Test: crasher fdsan_file; crasher fdsan_dir Change-Id: I48152d333dc25900f1c8d8e0f2e8728154643508
* debuggerd_handler: use syscall(__NR_close) instead of close.Josh Gao2018-07-181-2/+12
| | | | | | | | Avoid bionic's file descriptor ownership checks by calling the close syscall manually. Test: debuggerd_test Change-Id: I10af6aca0e66fe030fd7a53506ae61c87695641d
* Clean up logging code.Christopher Ferris2018-07-161-27/+19
| | | | | Test: Verify that tombstones still contain the log message data. Change-Id: I303dec944e58a0c4f5edfed22caaf1f2462ea3e8
* Add support for new defines in v4.17.3 headers.Christopher Ferris2018-06-291-17/+29
| | | | | Test: Builds and unit tests pass. Change-Id: Ibd5711effb1e599d3239d45124383fe91e0f573d
* Merge "debuggerd: add support for Java traces."Treehugger Robot2018-06-141-5/+17
|\
| * debuggerd: add support for Java traces.Josh Gao2018-06-141-5/+17
| | | | | | | | | | Test: `debuggerd -j $(pidof com.android.settings)` Change-Id: I051c9b6d313e5350416b3d0743c3fc75f43fbd0c
* | Shared libs are supported in recovery modeJiyong Park2018-06-091-1/+8
|/ | | | | | | | | | | | | | | | | | | | | | | | | | adbd has been built as a static executable since the same binary was copied to the recovery partition where shared library is not supported. However, since we now support shared library in the recovery partition, adbd is built as a dynamic executable. In addition, the dependency from adbd to libdebuggerd_handler is removed as debuggerd is handled by the dynamic linker. A few more modules in /system/core are marked as recovery_available: true as they are transitive dependencies of the dynamic linker. This change also includes ld.config.recovery.txt which is the linker config file for the recovery mode. It is installed to /etc/ld.config.txt and contains linker namespace config for the dynamic binaries under /sbin. Bug: 63673171 Test: `adb reboot recovery; adb devices` shows the device ID Test: Select 'mount /system' in the recovery mode, then `adb shell`. $ lsof -p `pidof adbd` shows that libm.so, libc.so, etc. are loaded from the /lib directory. Change-Id: I363d5a787863f1677ee40afb5d5841321ddaae77
* Improve SIGILL support.Elliott Hughes2018-05-302-4/+22
| | | | | | | | | | | | | | | | | | | Include the illegal instruction in the header if we get a SIGILL. Otherwise (since these tend to be one-off bit flips), we don't usually have any information to try to confirm our suspicion that any given instance is actually a one-off bit flip. Also add `SIGILL` as a crasher option to easily generate such crashes. Before: signal 4 (SIGILL), code 1 (ILL_ILLOPC), fault addr 0xab1456da After: signal 4 (SIGILL), code 1 (ILL_ILLOPC), fault addr 0xab1456da (*pc=0xe7f0def0) Bug: http://b/77274448 Test: ran crasher Change-Id: I5f8dedca5eea2b117b1b1e48430214b38e1366ed
* Build adbd for recoveryJiyong Park2018-05-241-0/+4
| | | | | | | | | | | | | adbd (and its dependencies) are marked as recovery_available:true so that recovery version of the binary is built separately from the one for system partition. This allows us to stop copying the system version to the recovery partition and also opens up the way to enable shared libraries in the recovery partition. Then we can also build adbd as a dynamic executable. Bug: 79146551 Test: m -j adbd.recovery Change-Id: Ib95614c7435f9d0afc02a0c7d5ae1a94e439e32a
* Merge "debuggerd: fix CrasherTest.seccomp_crash_oom."Treehugger Robot2018-05-181-1/+10
|\
| * debuggerd: fix CrasherTest.seccomp_crash_oom.Josh Gao2018-05-161-1/+10
| | | | | | | | | | | | | | | | | | | | Switch from _exit to raising SIGABRT when we recurse in the fallback handler, so that waiters see an abort instead of a regular exit. Bug: http://b/79717060 Test: debuggerd_test32 Test: debuggerd_test64 Change-Id: Iddee1cb1b759690adf07bbb8cd0fda2faac87571
* | Expect optional (offset ...) in frame dump.Chih-Hung Hsieh2018-05-141-1/+6
|/ | | | | | | | | * New lld could create files that map to non-zero offset at run time. Test: debuggerd_test Bug: 79590156 Change-Id: I12db0ebef489ba8a1e648a29d214f8d3c3703996
* Merge "Remove unnecessary references to libunwind."Christopher Ferris2018-05-041-2/+0
|\
| * Remove unnecessary references to libunwind.Christopher Ferris2018-05-031-2/+0
| | | | | | | | | | | | | | Bug: 79209464 Test: Builds. Change-Id: I4193ac664e3b118270a17fcc0131fb6c6e384c41
* | tombstoned: make missing O_TMPFILE workaround actually work around.Josh Gao2018-05-031-9/+22
|/ | | | | | | | | We can't actually link an unlinked file back onto disk if it wasn't opened with O_TMPFILE. Switch to using a temporary filename instead. Bug: http://b/77729983 Test: agampe Change-Id: I1970497114f0056065a1ba65f6358f08b51ec551
* tombstoned: don't bail out if we fail to unlink a file that isn't there.Josh Gao2018-05-031-1/+1
| | | | | Test: crasher with no tombstones Change-Id: I20e0537a347dd1f83877150ab13f53441dd65d95
* Merge "tombstoned: don't create tombstones for failed dumps."android-build-prod (mdb)2018-05-021-28/+47
|\
| * tombstoned: don't create tombstones for failed dumps.Josh Gao2018-04-191-28/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | Instead of creating tombstone FDs in place and passing them out to crash_dump directly, create them as O_TMPFILEs and link them into place when crash_dump reports success, to avoid creating empty tombstones in cases like an aborting thread racing with another thread that manages to cleanly exit_group before the dump finishes. Bug: http://b/77729983 Test: debuggerd_test Test: adb shell 'for x in `seq 0 50`; do crasher; done' Change-Id: I31ce4fd4a524abf8bde57152450209483d9d0ba9
* | Fix a debuggerd test expectation.Elliott Hughes2018-05-021-1/+3
| | | | | | | | | | | | | | | | | | 70d8f289454c9b691ec5421b0ed0354b6baaace8 broke a test that was not expecting to see the new detail about the signal's sender. Bug: http://b/78594105 Test: ran tests Change-Id: Idfa3a53b9e664308efdba560ffbb1401c1904530
* | Merge "Add test_suites lines."Elliott Hughes2018-04-281-0/+2
|\ \
| * | Add test_suites lines.Elliott Hughes2018-04-271-0/+2
| | | | | | | | | | | | | | | | | | Bug: N/A Test: builds Change-Id: Ic5e2b9206bcfcb53c774989013b5db6aab462e42
* | | Merge "crash_dump: defuse our signal handlers earlier."android-build-prod (mdb)2018-04-271-11/+15
|\ \ \
| * | | crash_dump: defuse our signal handlers earlier.Josh Gao2018-04-271-11/+15
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | We have a LOG(FATAL) that can potentially happen before we turn off SIGABRT. Move the signal handler defusing to the very start of main. Bug: http://b/77920633 Test: treehugger Change-Id: I7a2f2a0f2bed16e54467388044eca254102aa6a0
* / / Show signal sender for SI_FROMUSER signals.Elliott Hughes2018-04-264-36/+54
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Suicide doesn't change: signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr -------- But homicide now looks like this (this is `sleep 666` killed by `kill -SEGV` as root: signal 11 (SIGSEGV), code 0 (SI_USER from pid 4446, uid 0), fault addr -------- Bug: http://b/78594105 Test: manual Change-Id: I8c2feafba8cc5a3db85e8250004d428a464c5d9e
* | libdebuggerd: fix out of bounds write.Josh Gao2018-04-201-3/+2
| | | | | | | | | | | | Bug: http://b/78363964 Test: treehugger Change-Id: I79ae818e4e0c29f064335d59789afc3b1bf87c69
* | libdebuggerd: clone registers before we Unwind with them.Josh Gao2018-04-201-1/+3
|/ | | | | | Bug: http://b/77296294 Test: manual inspection of tombstone generated by crasher Change-Id: I4b017701d7d2041db4aefbbb90977e99b844c328
* debuggerd: remove maximum abort message length.Josh Gao2018-04-133-19/+27
| | | | | | | | Let the logging implementation be the imposer of limits. Bug: http://b/64759619 Test: debuggerd_test Change-Id: I8bc73bf2301ce071668993b740880224846a4e75
* Mark crash_dump.policy as not supported on mipsDan Willemsen2018-02-271-0/+1
| | | | | | | | | | | | | The recent change to detect missing source files broke reading makefiles for mips, since this didn't specify a source file. Bug: 73904572 Test: lunch aosp_mips-eng; m nothing Test: lunch aosp_arm-eng; m crash_dump.policy Test: lunch aosp_arm64-eng; m crash_dump.policy Test: lunch aosp_x86-eng; m crash_dump.policy Test: lunch aosp_x86_64-eng; m crash_dump.policy Change-Id: I28864b5af59267f1ab83084128f2c59b04039374
* debuggerd_fallback: don't recursively abort.Josh Gao2018-02-222-7/+60
| | | | | | | | | | | | Calls to abort() will always result in our signal handler being called, because abort will manually unblock SIGABRT before raising it. This can lead to deadlock when handling address space exhaustion in the fallback handler. To fix this, switch our mutex to a recursive mutex, and manually keep track of our lock count. Bug: http://b/72929749 Test: debuggerd_test --gtest_filter="CrasherTest.seccomp_crash_oom" Change-Id: I609f263ce93550350b17757189326b627129d4a7
* Merge "bpfmt."Treehugger Robot2018-02-191-6/+9
|\
| * bpfmt.Elliott Hughes2018-02-161-6/+9
| | | | | | | | | | | | Bug: N/A Test: builds Change-Id: I89ad00e1c4c7e0767bc80a7ac7935a4d55e090ac
* | debuggerd seccomp: explain why we define PROT_READ/WRITE.Josh Gao2018-02-191-1/+7
| | | | | | | | | | | | | | | | | | Add a comment explaining why we define PROT_READ/PROT_WRITE, even though a current libminijail supports both cosntants. Bug: http://b/73273658 Test: treehugger Change-Id: I51c1be1b1b569e94dbc9045a90bc28221b7dc9c7
* | Define PROT_READ and PROT_WRITE when generating the policy filesJustin Yun2018-02-185-8/+10
|/ | | | | | | | | | When generating crash_dump.*.policy, replace PROT_READ and PROT_WRITE to numeric constants to make the policy backward compatible with old libminijail.so. Bug: 73273658 Test: use the new policy in OMR1 devices Change-Id: I936a733340ad4df8aef6562c03eb10c29ffdada2
* Include the map name when dumping memory around a register.Elliott Hughes2018-02-154-38/+42
| | | | | | Bug: http://b/19590178 Test: ran tests, ran crasher Change-Id: Ib9afa34c860d8732ef1943eb4decd0b7c8fb55fd
* debuggerd_fallback: fix race.Josh Gao2018-02-091-16/+89
| | | | | | | | | | | | | | | | | | | | | A race condition occurs when one thread takes more than a second to get scheduled to handle the signal we send to ask it to dump its stack. When this happens, the main thread will continue on, close the fd, and then ask the next thread to dump, but the slow thread will then wake up and try to write to the new thread's fd, or trigger an assertion in __linker_enable_fallback_allocator. Do a few things to make this less bad: - encode both target tid and fd in the shared atomic, so that we know who each fd is for - switch __linker_enable_fallback_allocator to return success instead of aborting, and bail out if it's already in use - write to the output fd right when we get to it, instead of doing it whenever the dumping code decides to, to reduce the likelihood that the timeout expires Test: debuggerd_test Change-Id: Ife0f6dae388b601e7f991605f14d7a0274013f6b
* debuggerd: update policy for recent sigaction changes.Josh Gao2018-02-085-6/+5
| | | | | | | | | | Commit 3e235911 in bionic switched LP32's sigaction implementation over to using the rt_sigaction syscall, matching LP64. Update our seccomp policy to match. Bug: http://b/73119572 Test: debuggerd_test32 Change-Id: I0a662a1c874298d434468d2dcdb4ebf9f276110c
* Add extra frame when dex_pc is non-zero.Christopher Ferris2018-01-231-0/+1
| | | | | | | | | | | | | | | Use the art dex file library to read the dex data. Add unit tests for the UnwindDexFile code. Bug: 72070049 Test: All unit tests continue to pass. Test: Dumped the backtrace of the 137-cfi test while running in interpreter Test: mode and verified that the stack trace is correct. Did this on host Test: and for arm/arm64. Change-Id: Ia6f343318c5dd6968a954015a7d59fdf101575b0
* Fix regression caused by libbacktrace API change.Christopher Ferris2018-01-201-1/+1
| | | | | | | | | | | The stack dump was not printing leading zeros for data after the change to remove uintptr_t types from the libbacktrace API. Bug: 65682279 Test: Created an arm tombstone and an arm64 tombstone and verified Test: that the stack data has leading zeros. Change-Id: I1fbec2c4fa7c8b0fab18894c5628d18c5a580299
* Merge "debuggerd: add seccomp policies and tests."Josh Gao2018-01-199-3/+384
|\
| * debuggerd: add seccomp policies and tests.Josh Gao2018-01-189-3/+384
| | | | | | | | | | | | Bug: http://b/38508369 Test: debuggerd_test32/64 on walleye and aosp_x86_64 Change-Id: I7e69e37bcd1823d271b9f2b0a13b8c9cba9a8e84
* | Change all uintptr_t to uint64_t in API.Christopher Ferris2018-01-185-27/+27
|/ | | | | | | | | | | | | | | | | In order to support the offline unwinding properly, get rid of the usage of non-fixed type uintptr_t from all API calls. In addition, completely remove the old local and remote unwinding code that used libunwind. The next step will be to move the offline unwinding to the new unwinder. Bug: 65682279 Test: Ran unit tests for libbacktrace/debuggerd. Test: Ran debuggerd -b on a few arm and arm64 processes. Test: Ran crasher and crasher64 and verified tombstones look correct. Change-Id: Ib0c6cee3ad6785a102b74908a3d8e5e93e5c6b33
* Merge "debuggerd_handler: set PR_SET_PTRACER before running crash_dump."Treehugger Robot2018-01-081-0/+16
|\
| * debuggerd_handler: set PR_SET_PTRACER before running crash_dump.Luis Hector Chavez2017-12-271-0/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | Set and restore PR_SET_PTRACER when performing a dump, so that when Android is running on a kernel that has the Yama LSM enabled (and the value of ptrace_scope is > 0), crash_dump can attach to processes and print nice, symbolized stack traces. Bug: 70992745 Test: kill -6 `pidof surfaceflinger` && logcat -d -b crash # in both sailfish and Chrome OS Change-Id: If4646442c6000fdcc69cf4ab95fdc71ae74baaaf
* | Merge "Change seccomp to the system filter"Treehugger Robot2018-01-081-1/+1
|\ \ | |/ |/|
| * Change seccomp to the system filterVictor Hsieh2017-12-221-1/+1
| | | | | | | | | | | | Test: build Bug: 63944145 Change-Id: I55da5354b90def14b024add7979099189943d9e6
* | debuggerd: restore the location of abort message.Josh Gao2017-12-221-4/+4
| | | | | | | | | | | | | | | | | | The abort message was accidentally relocated to be printed below the registers, backtrace, and stack, which isn't very helpful. Move it back to its rightful place. Test: treehugger Change-Id: I8aa5b63e58081f27ccdb42481fed8d9eb3a892a4
* | debuggerd: wait for dump completion on crashes.Josh Gao2017-12-221-3/+8
|/ | | | | | | | | | | | | When a process crashes, both ActivityManager and init will try to kill its process group when they notice. The recent change to minimize the amount of time a process is paused results in crash dumps being killed before they finish as a result of this. Since anything that needs to be low-latency is probably not going to be too happy if it crashes, just wait for completion whenever we're processing a real crash. Bug: http://b/70343110 Test: debuggerd_test Change-Id: I894bb06efd264b1ba005df06f7326a72f4b767bb
* Merge "base: extract {ASSERT,EXPECT}_MATCH helpers from debuggerd_test."Treehugger Robot2017-12-191-16/+1
|\
| * base: extract {ASSERT,EXPECT}_MATCH helpers from debuggerd_test.Josh Gao2017-12-191-16/+1
| | | | | | | | | | | | | | | | Add some helper macros that perform regex string matching to <android-base/test_utils.h>. Test: libbase_test32/64 on host Change-Id: I1b0f03dc73f8b4fdfb8ac6c75d59ef421e0e9640
* | debuggerd: add pause time benchmark.Josh Gao2017-12-192-0/+138
|/ | | | | | | | Add a benchmark to measure how long we pause a process when dumping. Bug: http://b/62112103 Test: manually ran it Change-Id: Iceec2f722915b0ae26144c86dcbeb35793f963da