path: root/breakpad/linux/exception_handler.cc
Commit message | Author | Age | Files | Lines
* Linux: Use upstream google-breakpad instead of our fork. | thestig@chromium.org | 2009-12-02 | 1 | -322/+0
  BUG=28276
  TEST=dump_syms works with ToT Chrome.
  Review URL: http://codereview.chromium.org/414049
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@33534 0039d316-1c4b-4281-b951-d872f2087c98
* Linux: SUID sandbox support | agl@chromium.org | 2009-07-08 | 1 | -0/+3
  * Make processes dumpable when they crash.
  * Find crashing processes by searching for a socket inode, rather than relying on SCM_CREDENTIALS. The kernel doesn't translate PIDs between PID namespaces with SCM_CREDENTIALS, so we can't use the PID there.
  * Use a command line flag to the renderer to enable crash dumping. Previously it tried to access the user's home directory for this information.
  * Search for a sandbox helper binary and, if found, use it.
  * Include the source for a sandbox helper binary. It's currently not built by default.

  http://codereview.chromium.org/149230
  R=evan,markus
  BUG=8081
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@20110 0039d316-1c4b-4281-b951-d872f2087c98
* Linux: Dumping a renderer can traverse an invalid pointer. | agl@chromium.org | 2009-06-05 | 1 | -0/+2
  A ucontext isn't a POD datatype, so we can end up sending it to the browser and then walking an embedded pointer which is only valid in the renderer context.

  This fix sends the floating point registers (which were at the other end of said pointer) in the context and stops using the pointer in the ucontext.

  BUG=13465
  http://codereview.chromium.org/119249
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@17771 0039d316-1c4b-4281-b951-d872f2087c98
* In Linux Breakpad, point the child stack at the top-most address rather than the bottom-most address before calling clone(). | thestig@google.com | 2009-06-01 | 1 | -1/+8
  BUG=none
  TEST=Official builds on Linux should be able to dump/upload reliably when running with --crash-test.
  Review URL: http://codereview.chromium.org/115955
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@17354 0039d316-1c4b-4281-b951-d872f2087c98
* Add another missing include to exception_handler.cc to fix building on Fedora 11. | thestig@chromium.org | 2009-05-22 | 1 | -0/+1
  Review URL: http://codereview.chromium.org/113780
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@16782 0039d316-1c4b-4281-b951-d872f2087c98
* Fix a missing include in exception_handler.cc, fix compilation on Jaunty. | thestig@chromium.org | 2009-05-22 | 1 | -5/+6
  Review URL: http://codereview.chromium.org/113774
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@16773 0039d316-1c4b-4281-b951-d872f2087c98
* Linux: add Breakpad support | agl@chromium.org | 2009-05-22 | 1 | -0/+308
  This commits a rewrite of the Breakpad Linux client. The old code:

  * Had a number of plain bugs in it, but those could just have been fixed.
  * Allocated memory from the heap, which is a no go.
  * Made libc calls which can enter the dynamic linker - another source of crashes.
  * Didn't understand some of the tricks needed, like clone() via libc will write to random areas of memory because it assumes that it's only called from libpthread.

  Additionally, we had one more requirement which meant changing the interface:

  * We need to be able to crash dump the renderers from the browser process.

  And that last one really needed a rewrite.

  We intend to try and upstream this new code into Breakpad.

  The new Breakpad design works like this:

  When a renderer crashes, a signal handler runs on an alternative stack and collects information about the registers of the thread before the crash. Then we enter Chromium specific code and send a datagram message to a magic file descriptor (4) containing:

  * the registers and tid of the crashing thread
  * the active URL
  * a file descriptor to a socket
  * a CREDENTIALS structure giving the PID of the renderer.

  On the other end of the socket is an object on the IO thread (render_crash_handler_host_linux.cc) which reads and parses the datagram. The CREDENTIALS structure is validated by the kernel, so the renderer can't lie about its PID and try and get the browser to crash dump the wrong process. The browser then ptraces the renderer and extracts all the needed information to write a minidump to a temp file.

  Then we write a byte to the file descriptor which the renderer gave the browser in the datagram and that's the signal to the renderer to finish dying. It dies by sending itself the same signal which triggered the crash dump in the first place, so it will appear to crash as normal as far as kernel core dumps and waitpid are concerned.

  The browser then constructs a MIME message in a temp file for upload to the crash service. We then fork out to /usr/bin/wget to actually do the upload (since Debian numbers suggest that 99.8% of users have wget installed.) A second forked child unlinks the temp files once wget has completed.

  For a browser crash, everything works pretty much the same except that the datagram step is omitted and we clone() off a process to ptrace ourselves and write the minidump.

  This code is only enabled in Chrome branded builds. Stub source files are substituted in the case of a Chromium build.

  http://codereview.chromium.org/115526
  BUG=9646,10772
  TEST=Build a Chrome branded binary. Send SEGV to a renderer and verify that wget output appears on stderr. Send a SEGV to the main binary and verify the same.
  git-svn-id: svn://svn.chromium.org/chrome/trunk/src@16719 0039d316-1c4b-4281-b951-d872f2087c98
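
The datagram with a kernel-checked CREDENTIALS structure, as described in the 2009-05-22 commit message above, shown as an added example that is not Chromium or Breakpad code. It uses a socketpair() in one process instead of the magic file descriptor, and CrashMsg, SendCrashMsg, RecvCrashPid and RoundTrip are hypothetical names.

```cpp
#include <cstring>
#include <sys/socket.h>
#include <unistd.h>

// One data byte plus control space for a single struct ucred.
struct CrashMsg {
  char byte = 'C';
  alignas(cmsghdr) char ctl[CMSG_SPACE(sizeof(ucred))] = {};
  iovec iov{&byte, 1};
  msghdr hdr{};
  CrashMsg() {
    hdr.msg_iov = &iov; hdr.msg_iovlen = 1;
    hdr.msg_control = ctl; hdr.msg_controllen = sizeof(ctl);
  }
};

// Renderer side: claim claimed_pid; an unprivileged sender gets EPERM unless it is its own PID.
ssize_t SendCrashMsg(int fd, pid_t claimed_pid) {
  CrashMsg m;
  cmsghdr* c = CMSG_FIRSTHDR(&m.hdr);
  c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_CREDENTIALS;
  c->cmsg_len = CMSG_LEN(sizeof(ucred));
  ucred cr = {claimed_pid, getuid(), getgid()};
  std::memcpy(CMSG_DATA(c), &cr, sizeof(cr));
  return sendmsg(fd, &m.hdr, 0);
}

// Browser side: return the kernel-checked sender PID, or -1 if none arrived.
pid_t RecvCrashPid(int fd) {
  CrashMsg m;
  if (recvmsg(fd, &m.hdr, 0) != 1) return -1;
  for (cmsghdr* c = CMSG_FIRSTHDR(&m.hdr); c; c = CMSG_NXTHDR(&m.hdr, c)) {
    if (c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_CREDENTIALS) continue;
    ucred cr;
    std::memcpy(&cr, CMSG_DATA(c), sizeof(cr));
    return cr.pid;
  }
  return -1;
}

// Constructed demo over a fresh socketpair; -1 means the kernel refused the claimed PID.
pid_t RoundTrip(pid_t claimed_pid) {
  int sv[2], on = 1;
  if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) != 0) return -1;
  setsockopt(sv[1], SOL_SOCKET, SO_PASSCRED, &on, sizeof(on));  // receiver asks for credentials
  pid_t seen = SendCrashMsg(sv[0], claimed_pid) == 1 ? RecvCrashPid(sv[1]) : -1;
  close(sv[0]); close(sv[1]);
  return seen;
}
```

The 2009-07-08 entry in this log records why the PID from SCM_CREDENTIALS was later dropped: the kernel doesn't translate it between PID namespaces.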