https://android-review.googlesource.com/#/c/331200 moved crasher to
using soong, which changed its location from /system/xbin/crasher to
/system/bin/crasher.
Bug: http://b/35100742
Test: /data/nativetest/debuggerd_test/debuggerd_test32
Test: /data/nativetest64/debuggerd_test/debuggerd_test64
Change-Id: I16a2050b257277023773cc0c960b5ab36e0c7cd4
Reading /proc/<pid>/maps does a ptrace_may_access check, which will
fail if we have fewer capabilities than the target, even if we've
already ptraced it.
Bug: http://b/35070339
Test: debuggerd -b `pidof zygote`
Change-Id: I984a061022bd945a7950b88f6d579e1bd735e893
Fixed this when I tested on internal, but failed to copy the fix over
when submitting to AOSP.
Bug: http://b/35070339
Test: `adb bugreport` on angler
Change-Id: Ib84d212e5f890958cd21f5c018fbc6f368138d1e
* changes:
debuggerd_handler: don't use clone(..., SIGCHLD, ...)
crash_dump: drop capabilities after we ptrace attach.
crash_dump: use /proc/<pid> fd to check tid process membership.
debuggerd_handler: raise ambient capset before execing.
Revert "Give crash_dump CAP_SYS_PTRACE."
Processes that handle SIGCHLD can race with the crash handler to wait
on the crash_dump process. Use clone flags that cause the forked
child's death to not be reported via SIGCHLD, and don't bail out of
dumping when waitpid returns ECHILD (in case another thread is already
in a waitpid(..., __WALL))
Note that the use of waitid was switched to waitpid, because waitid
doesn't support __WCLONE until kernel version 4.7.
Bug: none
Test: "debuggerd -b `pidof zygote64`" a few times (failed roughly 50%
of the time previously)
Change-Id: Ia41a26a61f13c6f9aa85c4c2f88aef8d279d35ad
Raise the ambient capability set to match CapEff so that crash_dump can
inherit all of the capabilities of the dumped process to be able to
ptrace. Note that selinux will prevent crash_dump from actually use
any of the capabilities.
Bug: http://b/34853272
Test: debuggerd -b `pidof system_server`
Test: debuggerd -b `pidof zygote`
Change-Id: I1fe69eff54c1c0a5b3ec63f6fa504b2681c47a88
Dump all of the threads when using `debuggerd -b`.
Bug: http://b/34719257
Test: `debuggerd -b mediaserver`
Change-Id: I2f57100985e5b0c2bf019482ba9feff31921692f
We can't do an selinux transition when this is on.
Bug: http://b/34472671
Test: logcat -c; debuggerd `pidof media.codec`; logcat
Change-Id: Ie6c1832ab838df48879c32a86126862de9a15420
Actually exit when receiving a signal via kill(2) or raise(2) and
PR_GET_DUMPABLE is 0.
Bug: none
Test: /data/nativetest/debuggerd_test/debuggerd_test32
Test: /data/nativetest64/bionic-unit-tests/bionic-unit-tests --gtest_filter=pthread_DeathTest.pthread_mutex_lock_null_64
Change-Id: I833a2a34238129237bd9f953959ebda51d8d04d7
PTRACE_DETACH is only necessary if the process is in group-stop state,
the tracer exiting is sufficient to detach and resume tracees.
Using this, set a 5 second timer with alarm(2) that just kills us, to
avoid leaving processes stopped.
Bug: http://b/34472671
Test: debuggerd_test
Test: crasher + manually inserting a 10 second sleep into crash_dump
Change-Id: Iacaa796f79037aa1585f3f2159abe45ef0069311
ptrace(PTRACE_ATTACH) does not immediately put the traced process in a
stopped state. If we manage to call PTRACE_CONT on it before it
finishes, we'll fail. Switch to using PTRACE_SEIZE and PTRACE_INTERRUPT
to guarantee that the target stops immediately.
This also has the advantage of never putting the process in group-stop
state, which means if we exit prematurely (e.g. if we crash during
stack unwinding), the target process will be resumed without any
intervention needed.
Bug: http://b/34472671
Test: while true; do debuggerd -b `pidof audioserver`; done
Change-Id: I7549f67489646cf300b8c9aa8c735e5e897806ef
crash_dump is a dynamic executable that gets the default crash dumping
handlers set by the linker. Turn them off to prevent crash_dump from
dumping itself.
Bug: http://b/34472671
Test: inserted an abort into crash_dump
Change-Id: Ic9d708805ad47afbb2a9ff37e2ca059f23f421de
Occasionally, the pseudothread wouldn't exit in time after unlocking
the mutex to get crash_dump to proceed, resulting in spurious error
messages. Instead of using a mutex to emulate pthread_join, just
implement it correctly.
Bug: http://b/34472671
Test: debuggerd_test
Change-Id: I5c2658a84e9407ed8cc0ef2ad0fb648c388b7ad1
When vold mounts the encrypted /data partition, it first checks for and
kills processes that have open fds to the tmpfs placeholder at /data.
This resulted in a 20 second boot-time regression (vold's timeout period)
when tombstoned was started before vold.
Bug: http://b/34461270
Test: boot is faster, no messages from vold in console spew
Test: tombstoned still started by init
Change-Id: Ib5e9ddb05f40c9da852f00e103861c6ff2d94888
A TOCTOU race can occur between listing threads and attaching them.
Don't abort and leave the process in a stopped state when this happens.
Bug: http://b/34472671
Test: while true; do debuggerd -b `pidof audioserver`; done
Change-Id: Ib1632c3423fddf506b5c7874223c82fada78a85e
Remove debuggerd in favor of a helper process that gets execed by
crashing processes.
Bug: http://b/30705528
Test: debuggerd_test
Change-Id: I9906c69473989cbf7fe5ea6cccf9a9c563d75906
Make it behave better in our typical use cases and support more of the kinds
of crash we want to document.
Bug: http://b/28746168
Test: crasher
Change-Id: Ifbc3dfb042f6055568244c921f4abe1ea554cec4
NULL represents system default. In the future, NULL could represent
static and dynamic tags, which can come from multiple files based on
implementation details in the liblog library.
Test: gTest logd-unit-tests & liblog-unit-tests
Bug: 31456426
Change-Id: I0e3d296de81ca299ae63d7b83781639ee67ec298
Test: Open a bunch of files, wait for the process to crash, verify dubuggerd
includes the list of open files the tombstone it generates.
Test: Added OpenFilesListTest to debuggerd_test.
Bug: 32013594
Change-Id: I6f939ae1d04dc58dc99abff0ed930da9e0ef0d1c
This will be useful for tests that want to do things with crasher's pid
before it crashes.
Bug: http://b/30705528
Test: crasher wait-abort; crasher wait-thread-abort
Change-Id: I8ba826094dc304d6cd0e6ab088e5cfdb35d2007b
Commit 807e40ecc9 'liblog: logd: Add
android_lookupEventTag_len()' which addressed a Dirty Shared memory
leak resulted in a regression. Most notably logcat <tag> stopped
working for the events log buffer.
AndroidLogEntry::tag also requires callers to check out
AndroidLogEntry::tagLen as tag is no longer guaranteed to be
nul terminated.
Test: logcat-unit-tests --gtest_filter=logcat.event_tag_filter
Bug: 31456426
Change-Id: Ibe5236131b640eb5b7e3df0ab4b5f3e25b85ad45
Point to log/log.h where necessary, define LOG_TAG where necessary.
Accept that private/android_logger.h is suitable replacement for
log/logger.h and android/log.h.
Correct liblog/README
Effectively a cleanup and controlled select revert of
'system/core: drop or replace log/logger.h' and
'system/core: Replace log/log.h with android/log.h'.
Test: compile
Bug: 30465923
Change-Id: Ic2ad157bad6f5efe2c6af293a73bb753300b17a2
Use nasty clone hacks to let us close random file descriptors to be
able to connect to debuggerd when the fd table is full.
Bug: http://b/32013594
Test: crasher exhaustfd-SIGSEGV
Change-Id: I47772e9a5994da4473bd935b105d9c36827c017a
debuggerd does not require log/logger.h, can use android/log.h
In some cases, mark why log/logger.h was required.
Test: Compile and boot smoke test
Bug: 26552300
Bug: 31289077
Bug: 31456426
Change-Id: Ia34987e25a01d81971ec8d785415f732b8376c4f
Should use android/log.h instead of log/log.h as a good example
to all others. Adjust header order to comply with Android Coding
standards.
Test: Compile
Bug: 26552300
Bug: 31289077
Change-Id: I33a8fb4e754d2dc4754d335660c450e0a67190fc
Should use android/log.h instead of cutils/log.h as a good example
to all others. Adjust header order to comply with Android Coding
standards.
Test: Compile
Bug: 26552300
Bug: 31289077
Change-Id: I2c9cbbbd64d8dccf2d44356361d9742e4a9b9031
We weren't detecting incorrect input before. Also clean up the help output
to match the style of all the toybox output. Also flush stdout so that we
don't report failure before even saying that we're going to try to contact
debuggerd...
Change-Id: I9e4bfa878f270fe46c3c210c7a7138959a108d67
The new uapi kernel headers added a new SEGV reason code, so
add it to the tombstone code.
Update sync.c to include the needed data structures itself. Someone
else will be fixing this to work on old versus new kernels.
Change-Id: Icb27713ea38a20003c7671a9bca262eebd96099b
- check hdr_size to make sure it is in the expected range
from sizeof entry_v1 to entry (entry_v4).
- alter msg() method to report NULL on invalid hdr_size
- alter all users of msg() method.
Bug: 30947841
Change-Id: I9bc1740d7aa9f37df5be966c18de1fb9de63d5dd
These were previously required when bionic used tgkill to reraise
signals, but now that we use rt_tgsigqueueinfo to reraise signals, they
are no longer necessary.
Change-Id: I46ba9f14039a727d0a2c4c3a9d93a3532ba8f263
This is needed to connect to the right debuggerd server for the crashing
process. Without this change, the following errors are observed, because a
32-bit process is trying to connect to the 64-bit debuggerd (as opposed to
debuggerd32):
Fatal signal 11 (SIGSEGV), code 1, fault addr 0x0 in tid 14153 (static_crasher)
debuggerd: handling request: pid=14153 uid=0 gid=0 tid=14153
debuggerd: Not allowed to redirect action 0 to 32 bit debuggerd
Bug: 24414818
Change-Id: I2f275fbc804b0abc6e876a743e51dd8494817103
http://b/28149048http://b/29823425
Disable -Wvarargs that gets triggered in
system/core/debuggerd/test/ptrace_fake.cpp:ptrace_fake. The second bug
above tracks that this warning gets re-enabled.
Test: Tested build, boot and common usage for Arm, Arm64, x86, x86_64,
Mips images in AOSP and internal branch.
Change-Id: Ife68675a77431bcc4717b4da297c14dc486d1413
