Because the log message "Tombstone written to: $NAME" is written
before renaming the proto tombstone, it is possible that a tool that
automatically downloads new proto tombstones by watching for this
log message will fail to download the tombstone. For the tool that
I am developing, this occurs < 0.1% of the time. Fix the issue by
renaming the proto tombstone first.
Bug: 328531087
Change-Id: I5b751585f2fce897ca7eb76c0466a0c33a93d851
Extends the recoverable native crash handling support to also allow for
MTE crashes to be recovered from in apps. Backs onto the existing
GWP-ASan recoverable handling.
At least for system/core, I've renamed the (now) generic "recoverable
crash" variables to remove the notion of GWP-ASan.
Permissive MTE should no longer crash an app, and crashes are still
visible in the AppExitInfo API and tombstones.
Test: atest CtsTaggingHostTestCases
Bug: 328793166
Change-Id: I4c6ffa85af0e0d9b72d0ccd606bb6e1ca464cfff
The code was only meant for native tombstones. It might be a good idea
to make ANRs also readable by shell / adb, but in that case we have to
do more changes to make sure all files in /data/anr are. We can revert
if we implement that
Test: m
Bug: 329827513
Change-Id: Ic98c452ca500fe766a70173bef4ac1ea57438989
\(fault address prefixed with --->)
should be
\(fault address prefixed with --->\)
Test: debuggerd_test
Bug: 175635923
Bug: 327668317
Change-Id: I03bf8969e9818956ae79b916ab852efaf4f2f78a
This reverts commit d059478ee1.
Reason for revert: Potential culprit for b/327525776- verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.
Change-Id: I4b713aa46b2869a677a210cfce6ae880366b045e
I'm tired of seeing the bpfmt warning, so fix this for all debuggerd
blueprint files.
Test: Compiles
Change-Id: I3b25365a7272aebe9cbac28455cf8b9b86b04c6e
They are still restricted by SELinux, and apps still cannot open them
because they don't have `open` SELinux permission.
Bug: 312740614
Change-Id: I83b7e6ed39f5af64f161af3b3e8e33af0d125b20
A few files were changed without using the generate script. Modify
the original policy file and generate all of the policy files
properly.
Test: Verify the generated files are the same as before.
Change-Id: Ic6979c06c5d290b3047c8307e86ec1e78a242d44
Two things need changing for debuggerd_test to pass.
1. The seccomp policy needs to allow for PROT_MTE (0x20) in both
mprotect() and mmap(). Stack MTE processes do a mprotect()/mmap() of
the stack when launching a process.
2. The fault address and stack pointer need to be untagged when trying
to figure out the stack overflow cause.
Bug: 320448268
Bug: 292478827
Test: atest debuggerd_test --iterations=10
Change-Id: I56471c32ca40edffbb61b7547bdf2b85a6eb1ff7
Change the header param to be `tid` and remove a local `pid` variable
to use `tid` instead.
Test: m
Bug: 316970771
Change-Id: I53c13081d72f46446ac6e85df77a160ef4f50c05
The availability to runtime apex was done implicitly using a baseline map in
build/soong/apex/apex.go. Make this explicit in Android.bp
Bug: 281077552
Test: m nothing
Change-Id: Iba1f30ef57c0707189ec79813ef501029135eeba
For the tombstoned.proto test, remove arbitrary sleep and add loop
checking for the file being present.
Bug: 317286869
Test: Ran the tests on device and all pass.
Test: Modify the test and force the timeout to verify the timeout logic.
Change-Id: I9b246c8fee83909459d5c42debdb546794070845
The availability to runtime apex was done implicitly using a baseline map in
build/soong/apex/apex.go. Make this explicit in Android.bp
Bug: 281077552
Test: m nothing
Change-Id: I365270bc90380211c40294dff145ebc01eb8c14f
This is a no-op but will be used in upcoming scudo changes that allow to
change the depot size at process startup time, and as such we will no
longer be able to call __scudo_get_stack_depot_size in debuggerd.
Bug: 309446692
Change-Id: Ib64b9d042b2a2088484ec5e61944c089a1d85314
This is done so that we could depend on it elsewhere without needing all the unrelated methods.
Needed for ag/24553347
Bug: 296207744
Test: refactoring build
Change-Id: I7c6733208f3ae63ba9559753a24cffcb8e1b9d1e
This is a no-op but will be used in upcoming scudo changes that allow to
change the depot size at process startup time, and as such we will no
longer be able to call __scudo_get_stack_depot_size in debuggerd.
We already did the equivalent change for the ring buffer size in
https://r.android.com/q/topic:%22scudo_ring_buffer_size%22
Bug: 309446692
Change-Id: I761a7602c54a1f8f2d0575c5e011820d8dbaab63
The only way to get a bad architecture value in the protobuf is if
the data was corrupted or an unsupported architecture was added without
the register support.
If the protobuf is corrupted, this is strictly better since it
still produces a tombstone with the data present.
If there is an unsupported architecture, it will still result in a tombstone,
only the registers would not be present. It would also be very obviously
a problem that needs to be fixed. Again, this is strictly better since
the crash in generation is not necessarily visible unless you look at
the log. Here, the data is in the log and in the tombstone.
This also removes the only dependency in this file on the async_safe
library.
Test: Ran unit tests.
Test: Forced an invalid architecture and verified tombstone is present
Test: with error message, and error message printed in the log.
Change-Id: I8e4a2e3f778fafb5b7241c2f23d5f867f1341ed8
Timeouts in tombstoned.cpp and intercept_manager.cpp are scaled
by HwTimeoutMultiplier, but the timeouts in debuggerd_test.cpp
are not, which means the CrasherTest#intercept_timeout test will
fail for any platform that has a high enough HwTimeoutMultiplier.
Bug: 309532789
Test: debuggerd_test.CrasherTest#intercept_timeout
Change-Id: I83cd01e87644c011efa155a32fd5d92cc8a43a95
