4f5f558d3810348126ff651492849eaf748ccc2a |
|
23-Jun-2017 |
Andreas Gampe <agampe@google.com> |
Debuggerd: Extend crash_dump timeout to 5 seconds Some processes have lots of threads and minidebug-info. Unwinding these can take more than the original two seconds. Bug: 62828735 Test: m Test: debuggerd_test Test: adb shell kill -s 6 `pid system_server` Merged-In: I0041bd01753135ef9d86783a3c6a5cbca1c5bbad Change-Id: I0041bd01753135ef9d86783a3c6a5cbca1c5bbad (cherry picked from commit b02851a984391d25bfc5b3094f281432906b47ed)
/system/core/debuggerd/crash_dump.cpp
|
8126d2de3ef97bf3c4794cfdb2fc543d9243ab07 |
|
01-Jun-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: don't notify ActivityManager if it crashed. Bug: http://b/38427757 Test: killall -ABRT system_server, plus added logging Merged-In: Ic15e0b0870b1ec08a2f165ad0e5356afed02eece Change-Id: Ic15e0b0870b1ec08a2f165ad0e5356afed02eece (cherry picked from commit b0e51e388b8c952e28280f0e7035dc18fb9aa4e5)
/system/core/debuggerd/crash_dump.cpp
|
615d9399743fcbeec222a1a5b6f63ed159d20263 |
|
01-Jun-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: clear the signal mask. crash_dump inherits its signal mask from the thread that forked it, which always has all of its signals blocked, now that sigchain respects sa_mask. Manually clear the signal mask, and reduce the timeout to a still-generous 2 seconds. Bug: http://b/38427757 Test: manually inserted sleep in crash_dump Merged-In: If1c9adb68777b71fb19d9b0f47d6998733ed8f52 Change-Id: If1c9adb68777b71fb19d9b0f47d6998733ed8f52 (cherry picked from commit e740250b9d966c7eb9a7959a47526906780d7715)
/system/core/debuggerd/crash_dump.cpp
|
57f58f8e4a143f1208593c8b397b9a17d055dad0 |
|
16-Mar-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: fetch process/thread names before dropping privileges. Processes that don't have dumpable set to 1 cannot have their process/thread names read by processes that don't have all of their capabilities. Fetch these names in crash_dump before dropping privileges. Bug: http://b/36237221 Test: debuggerd_test Test: debuggerd -b `pidof android.hardware.bluetooth@1.0-service` Change-Id: I174769e7b3c1ea9f11f9c8cbdff83028a4225783
/system/core/debuggerd/crash_dump.cpp
|
c7fe0600cc14f0324e8f603309c92263aefb7193 |
|
13-Mar-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: fix warnings, turn on -Werror. Test: mma Change-Id: I0722fef7b513be976cbbe89f73e8bb7138a80442
/system/core/debuggerd/crash_dump.cpp
|
428daafc5b9a2186e2d893c8ebd1c4337ce3c7a9 |
|
10-Mar-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: improve logging for when a process dies prematurely. If a process that's getting dumped dies before crash_dump starts (e.g. because seccomp immediately kills it after it execs crash_dump), improve the error message to not just say "target died before we could attach". Bug: http://b/36077710 Test: inserted an exit in the handler, inspected output Change-Id: I7d394c66d60d328b096b15654b3648e1ed711728
/system/core/debuggerd/crash_dump.cpp
|
e1aa0ca58a2a356039047ffcc8a98d85d1bce8ed |
|
02-Mar-2017 |
Josh Gao <jmgao@google.com> |
debuggerd_handler: implement missing fallback functionality. Allow the fallback implementation to dump traces and create tombstones in seccomped processes. Bug: http://b/35858739 Test: debuggerd -b `pidof media.codec`; killall -ABRT media.codec Change-Id: I381b283de39a66d8900f1c320d32497d6f2b4ec4
/system/core/debuggerd/crash_dump.cpp
|
2a18b822d50f360b83e9ce3fd822d2650ed3a4db |
|
17-Feb-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: remove unneeded/faulty checks. We already check our /proc/`getppid()` fd every time we attach a thread, so these were unneeded at best. The one that happened after dropping capabilities was actively wrong, though, because /proc/pid access checks happen on every operation. (only on some kernels?) Also, add a check that getppid() doesn't change after opening /proc/getppid(). Bug: http://b/35241370 Test: debuggerd -b `pidof com.android.bluetooth` Change-Id: I807439d8c2afd027f3c382face50167a8a7946c4
/system/core/debuggerd/crash_dump.cpp
|
c7cd48af582a01e4c1397b9ce0a99ae8fe9e4479 |
|
17-Feb-2017 |
Josh Gao <jmgao@google.com> |
Merge "libdebuggerd_handler: in-process crash dumping for seccomped processes."
|
a70f11331f03ba1aa868efcbcf55e203622c3ffc |
|
16-Feb-2017 |
Josh Gao <jmgao@google.com> |
Merge "crash_dump: make output fd O_APPEND."
|
e73c932373e59e4c0351cc7a8bd8cc5b8910d87e |
|
09-Feb-2017 |
Josh Gao <jmgao@google.com> |
libdebuggerd_handler: in-process crash dumping for seccomped processes. Do an in-process unwind for processes that have PR_SET_NO_NEW_PRIVS enabled. Bug: http://b/34684590 Test: debuggerd_test, killall -ABRT media.codec Change-Id: I62562ec2c419d6643970100ab1cc0288982a1eed
/system/core/debuggerd/crash_dump.cpp
|
f6ad5851e689f54c9dee6bfc6668ca726726e818 |
|
15-Feb-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: fix typos in error messages. Bug: http://b/34760032 Bug: http://b/35367169 Test: mm Change-Id: I45fa002d4ca616a41524583228987ab1197a125e
/system/core/debuggerd/crash_dump.cpp
|
8a7e70391207e9f6b65b40f9b2884935ea597436 |
|
16-Feb-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: make output fd O_APPEND. Bug: http://b/35209835 Test: mma Change-Id: I447e3cfa3361f9c8b4b3335d0abccd1fe4c98e0f
/system/core/debuggerd/crash_dump.cpp
|
2f11a25a48897efe35d065472f921759d5941eba |
|
13-Feb-2017 |
Josh Gao <jmgao@google.com> |
debuggerd_handler: set PR_SET_DUMPABLE before running crash_dump. Set and restore PR_SET_DUMPABLE when performing a dump, so that processes that have it implicitly cleared (e.g. services that acquire filesystem capabilities) still get crash dumps. Bug: http://b/35174939 Test: debuggerd -b `pidof surfaceflinger` Change-Id: Ife933c10086e546726dec12a7efa3f9cedfeea60
/system/core/debuggerd/crash_dump.cpp
|
c24cc8a9e51d53aa7a2a7c0af3189abe2364dcc7 |
|
07-Feb-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: collect open files before dropping caps. /proc/<pid>/fd is also limited by ptrace_may_access. Test: manual inspection of "debuggerd -b `pidof zygote`" Change-Id: I1a28c21c0438fe8729bd8e041c6b418d6a84c586
/system/core/debuggerd/crash_dump.cpp
|
347164cc59fc4cf45e30c5518e6aa3b29cdc0283 |
|
07-Feb-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: read /proc/<pid>/maps before dropping capabilities. Reading /proc/<pid>/maps does a ptrace_may_access check, which will fail if we have fewer capabilities than the target, even if we've already ptraced it. Bug: http://b/35070339 Test: debuggerd -b `pidof zygote` Change-Id: I984a061022bd945a7950b88f6d579e1bd735e893
/system/core/debuggerd/crash_dump.cpp
|
85bcaf68d33ac0d92df0a3aa6ce34a09b382a9e6 |
|
02-Feb-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: drop capabilities after we ptrace attach. Bug: http://b/34853272 Test: debuggerd -b `pidof system_server` Test: debuggerd -b `pidof zygote` Change-Id: Ic1e1a4b0eb1f561621800cd4cc9a5b848fc5ffd8
/system/core/debuggerd/crash_dump.cpp
|
fe90276aee3f778e143236c882092331a9df7c32 |
|
02-Feb-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: use /proc/<pid> fd to check tid process membership. Bug: http://b/34759490 Test: /data/nativetest/debuggerd_test/debuggerd_test32 Test: debuggerd -b `pidof system_server` Test: debuggerd -b `pidof zygote` Change-Id: I627692b44977335a9568cd765ad28205f0a61327
/system/core/debuggerd/crash_dump.cpp
|
b53f903cf1172b62cbaff17c34405b27172acb76 |
|
31-Jan-2017 |
Josh Gao <jmgao@google.com> |
debuggerd: fix `debuggerd -b <pid>` Dump all of the threads when using `debuggerd -b`. Bug: http://b/34719257 Test: `debuggerd -b mediaserver` Change-Id: I2f57100985e5b0c2bf019482ba9feff31921692f
/system/core/debuggerd/crash_dump.cpp
|
0a37901b9f83f75579634afcc3dc8eb1b4a116ce |
|
25-Jan-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: properly dump when we can't talk to tombstoned. Bug: http://b/32466479 Test: stop tombstoned; logcat -c; crasher; logcat Change-Id: I16c010cc1865b4e1db8d2b85c904a2e074f28f1f
/system/core/debuggerd/crash_dump.cpp
|
5fe1cebe7cccbcb815c0520530cb7e5f95db19e1 |
|
24-Jan-2017 |
Vijay Venkatraman <vijaykv@google.com> |
Merge "Replaced include log/logger.h with log/log.h in debuggerd"
|
a95acea5bff36eaacc11b7301689363438953f80 |
|
24-Jan-2017 |
Vijay Venkatraman <vijaykv@google.com> |
Replaced include log/logger.h with log/log.h in debuggerd Test: Compile debuggerd Change-Id: I33d12708993bd6818907b8cbb0a7a40672ad320d
/system/core/debuggerd/crash_dump.cpp
|
7c6e3133f57b6c908e211c0013fcb68d5a44d919 |
|
23-Jan-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: set a watchdog timer. PTRACE_DETACH is only necessary if the process is in group-stop state, the tracer exiting is sufficient to detach and resume tracees. Using this, set a 5 second timer with alarm(2) that just kills us, to avoid leaving processes stopped. Bug: http://b/34472671 Test: debuggerd_test Test: crasher + manually inserting a 10 second sleep into crash_dump Change-Id: Iacaa796f79037aa1585f3f2159abe45ef0069311
/system/core/debuggerd/crash_dump.cpp
|
122479f4a0774a2a5599e6052ad427cbbeb8094a |
|
23-Jan-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: switch to PTRACE_SEIZE. ptrace(PTRACE_ATTACH) does not immediately put the traced process in a stopped state. If we manage to call PTRACE_CONT on it before it finishes, we'll fail. Switch to using PTRACE_SEIZE and PTRACE_INTERRUPT to guarantee that the target stops immediately. This also has the advantage of never putting the process in group-stop state, which means if we exit prematurely (e.g. if we crash during stack unwinding), the target process will be resumed without any intervention needed. Bug: http://b/34472671 Test: while true; do debuggerd -b `pidof audioserver`; done Change-Id: I7549f67489646cf300b8c9aa8c735e5e897806ef
/system/core/debuggerd/crash_dump.cpp
|
575941115e46a60d4e41dfa5336572c603917a29 |
|
23-Jan-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: clear the default crash handlers. crash_dump is a dynamic executable that gets the default crash dumping handlers set by the linker. Turn them off to prevent crash_dump from dumping itself. Bug: http://b/34472671 Test: inserted an abort into crash_dump Change-Id: Ic9d708805ad47afbb2a9ff37e2ca059f23f421de
/system/core/debuggerd/crash_dump.cpp
|
d20d687de57b989495f4826450ac79910a4686dc |
|
23-Jan-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: remove extra log. We're already aborting via LOG(FATAL), there's no reason to log again. Bug: none Test: mma Change-Id: I96cb09b716b19381d6a6931048827ef45f87170b
/system/core/debuggerd/crash_dump.cpp
|
42fd74bd1f95356732ccd9f3e7ec2befd194fb32 |
|
20-Jan-2017 |
Josh Gao <jmgao@google.com> |
crash_dump: don't abort if we fail to attach a sibling. A TOCTOU race can occur between listing threads and attaching them. Don't abort and leave the process in a stopped state when this happens. Bug: http://b/34472671 Test: while true; do debuggerd -b `pidof audioserver`; done Change-Id: Ib1632c3423fddf506b5c7874223c82fada78a85e
/system/core/debuggerd/crash_dump.cpp
|
cbe70cb0a8cb0171f3802273050e851a47b090ed |
|
19-Oct-2016 |
Josh Gao <jmgao@google.com> |
debuggerd: advance our amazing bet. Remove debuggerd in favor of a helper process that gets execed by crashing processes. Bug: http://b/30705528 Test: debuggerd_test Change-Id: I9906c69473989cbf7fe5ea6cccf9a9c563d75906
/system/core/debuggerd/crash_dump.cpp
|