Change-Id: I63897770711a81d331de3f325affa88c3a56784f
|
|
We already dump the tags in the register dump section by appending the
tag to the memory address. You only get 2 granules before each register
and 13 after.
The HWASan-style tag dump is extremely useful for debugging, as it gives
a pretty comprehensive overview of the memory subsystem. It also
provides enough context bytes (256) to give you a reasonable intuition
about a particular bug.
The tag dump shows up only if PTRACE_PEEKTAGS returns at least one value
in the 256 requested. If the start or end of the region is untagged,
it's omitted. The tag dump looks like this:
Change-Id: Icc33fb97542d9b1fa3ae9e58aba34d524c6ba7b5
---
Memory tags around the fault address (0x60000704414d340), one tag per 16 bytes:
0x704414d000: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0x704414d100: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0x704414d200: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
=>0x704414d300: 0 0 0 0 [2] 2 0 0 0 0 0 0 0 0 0 0
0x704414d400: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0x704414d500: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0x704414d600: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0x704414d700: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0x704414d800: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0x704414d900: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
0x704414da00: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
---
Bug: 183992164
Test: atest debuggerd_test on MTE+QEMU and sunfish.
Change-Id: I8d5842e4803ca30b407e866c99eef56f2cb36600
Merged-In: I8d5842e4803ca30b407e866c99eef56f2cb36600
|
|
Using thread cache will cause SIGSEGV for 32bit+kernel4.9 device.
Bug: 190579082
Bug: 189803009
Test: run cts -m CtsSeccompHostTestCases
Change-Id: I47b13d02674aadbacd8dac36d8382eed0885413c
Merged-In: I47b13d02674aadbacd8dac36d8382eed0885413c
Signed-off-by: yidong zhang <yidong.zhang@amlogic.com>
(cherry picked from commit cbf7c466e65eba2b285b28292a5e4934b6655c8a)
|
|
Change-Id: Ifacd718e7a3cbde1afa75d11a1b14e64286c2847
|
|
The code in the fallback path calls pthread_key_create when using the
normal thread cache. However, this code is executed out of the linker,
which means that the call doesn't see keys created by the libc version
of pthread_key_create. As of now, simply avoid using the thread cache
to avoid this problem.
Bug: 189803009
Test: debuggerd -b on a media process on a 32 bit Android Go device
Test: and observe no crash.
Test: debuggerd unit tests pass.
Change-Id: I9ca1a55e44d3bb69d49450826d7d64d7a64145c3
|
|
Change-Id: I5c88fe967b18abffb9e7d9147f3576ea4558ad67
|
|
This information clearly meets the bar for being dumped to logcat. If we
omit the info, we may confuse the user into thinking that it's not
available at all, especially if it's their first time seeing an MTE
report.
This also adds some functionality to the integration testing library to
pull logcat messages and scan them to make sure the contents are in both
places.
Fixes: 187881237
Test: atest debuggerd_test # on QEMU w/ MTE.
Change-Id: Icc17ea45bda7628331cc4812eaad3bc5c949b7a7
Merged-In: Icc17ea45bda7628331cc4812eaad3bc5c949b7a7
|
|
Bug: http://b/188315622
Test: manual
Change-Id: I2948b929beb3093b59c8d37b706c857e7422a3cc
Merged-In: I2948b929beb3093b59c8d37b706c857e7422a3cc
(cherry picked from commit 931274862fc55bc723ee72c0c989984c4ffb7776)
|
|
Bug: 187879470
Change-Id: I9547f3032af9d1a921f8597a53389d25af33b369
|
|
|
Use accessors for all the fields.
Test: build
Change-Id: I68d149d914d4a4b088aaf822fe222a5d9e56ae80
|
|
This type of error is unlikely and attempting to detect it with MTE
is likely to produce false positive reports. Make sure that this type
of error is not detected by the allocator.
Change-Id: I90676d1a031411d6b725890311317802bc24b459
|
|
This does not currently cause any problems but it does block progress
on the referenced bugs.
Bug: 187910671
Bug: 187914588
Test: m droid
Change-Id: I977cd842101187441ddbc873eac25598295aab06
|
|
Change-Id: If1e45c0407ebeee685e65e47b54a353ef88b401f
|
|
When moving to the proto-ized tombstones, the note about unreadable
elf files in a backtrace got lost. This re-adds it and adds a test
to verify that the note properly shows up.
Bug: 185428454
Test: Ran unit tests.
Change-Id: I1150cc737772e1b79fd73ec5c782caadc4629421
|
|
Change-Id: I9729cc3087e7f15940babbf3afdf118941eb8b8a
|
|
A change was made so that pthread_create is calling
prctl(PR_PAC_RESET_KEYS, ...) on aarch64. It's possible that other
seccomp policies might need to change to allow this.
Test: CrasherTest.seccomp_backtrace passes on aarch64.
Change-Id: I9c4d1b3dca5f19a6285bf904bb942f1f52e42bd0
|
|
Change-Id: I5fc9b14634cd9f2991dc43b2dedb514603d138a1
|
|
Bug: http://b/180605583
Test: debuggerd_test
Change-Id: I018d399a5460f357766dc1b429f645f78fe88565
|
|
Change-Id: I5658dcb0f7ed2ca7deb5eeb333981daaf76592ca
|
|
Test: m debuggerd_test
Change-Id: I63a2379bad3ace4755ae48bf0a83eaa0070f9077
|
|
Talk of "gdb" when we currently mean "gdb or lldb" and will soon mean
"lldb" is starting to confuse people. Let's use the more neutral
"debugger" in places where it really doesn't matter.
The switch from gdbclient.py to lldbclient.py is a change for another
day...
Test: treehugger
Change-Id: If39ca7e1cdf4c8bb9475f1791cdaf201fbea50e0
|
|
Bug: http://b/181927912
Clang already has -Wfree-nonheap-object but it became a default warning
with clang-r416183
Test: compile crasher.cpp
Change-Id: Ice532e9f373a628e07acd08a4fc7bfa7cf5d4e08
|
|
Test: treehugger
Change-Id: I17f5f88e91be3dccbf01b93ca93b0879a997bb4d
|
|
Proto tombstones were missing tagged fault addresses, tagged_addr_ctrl,
tags in memory dumps and Scudo and GWP-ASan error reports. Since text
tombstones now go via protos, all of these features broke when we
switched to text tombstones generated from protos by default. Fix
the features by adding support for them to the proto format,
tombstone_proto and tombstone_proto_to_text.
Bug: 135772972
Bug: 182489365
Change-Id: I3ca854546c38755b1f6410a1f6198a44d25ed1c5
|
|
Looks like we unintentionally had a breakage after aosp/1595302, where
both GWP-ASan and MTE tests started failing because the extra
information wasn't plumbed through the tombstones. MTE has end-to-end
tests, but they aren't run continuously, and GWP-ASan was missing the e2e
tests.
Also remove some unique wording for GWP-ASan, a UaF on the free'd
pointer is now "0 bytes into a 16-byte allocation" instead of "on a
16-byte allocation". The former is more descriptive and is more
ubiquitously used in our tooling.
This patch adds the E2E tests, but the underlying problem needs to be
fixed as well, before this patch can land.
Bug: 182489365
Test: atest debuggerd_test
Change-Id: I0fe8aba7ea443b3071724987f46b19a6525cda3c
|
|
In order to test the platform in emulators that are orders of magnitude
slower than real hardware we need to be able to avoid hitting timeouts
that prevent it from coming up properly. For this purpose introduce
a system property, ro.hw_timeout_multiplier, which may be set to
an integer value that acts as a multiplier for various timeouts on
the system.
Bug: 178231152
Change-Id: I6d7710beed0c4c5b1720e74e7abe3a586778c678
Merged-In: I6d7710beed0c4c5b1720e74e7abe3a586778c678
|
|
Change-Id: I01c4c598ed6764fc1936b2baaab660e585a3984c
|
|
__scudo_get_error_info()."
|
|
Application developers would like to know how long their process has
been alive for to distinguish between crashes that happen immediately
upon startup and crashes in regular operation.
Test: manual
Change-Id: Ia31eeadfcced358b478c7a7c7bb2e8a0252e30f4
|
|
Test: none
Change-Id: I87b62f306d287e9356c639f6d0c49566c71f7f29
|
|
Change-Id: Ibfdfdca4292e9a1076e6a9c9a3325761d281ae80
|
|
In order to test the platform in emulators that are orders of magnitude
slower than real hardware we need to be able to avoid hitting timeouts
that prevent it from coming up properly. For this purpose introduce
a system property, ro.hw_timeout_multiplier, which may be set to
an integer value that acts as a multiplier for various timeouts on
the system.
Bug: 178231152
Change-Id: I6d7710beed0c4c5b1720e74e7abe3a586778c678
Ignore-AOSP-First: The frameworks/base part of this change conflicts with AOSP so we need to land it internally first
|
|
Added SPDX-license-identifier-Apache-2.0 to:
bootstat/Android.bp
cli-test/Android.bp
code_coverage/Android.bp
cpio/Android.bp
debuggerd/crasher/Android.bp
debuggerd/proto/Android.bp
diagnose_usb/Android.bp
fs_mgr/libdm/Android.bp
fs_mgr/libfiemap/Android.bp
fs_mgr/liblp/Android.bp
fs_mgr/libsnapshot/Android.bp
fs_mgr/libstorage_literals/Android.bp
fs_mgr/libvbmeta/Android.bp
fs_mgr/tests/Android.bp
fs_mgr/tools/Android.bp
gatekeeperd/Android.bp
healthd/Android.bp
healthd/testdata/Android.bp
init/Android.bp
init/Android.mk
init/sysprop/Android.bp
init/test_kill_services/Android.bp
init/test_service/Android.bp
libappfuse/Android.bp
libasyncio/Android.bp
libbinderwrapper/Android.bp
libcrypto_utils/Android.bp
libcrypto_utils/tests/Android.bp
libdiskconfig/Android.bp
libgrallocusage/Android.bp
libkeyutils/mini_keyctl/Android.bp
libmodprobe/Android.bp
libnetutils/Android.bp
libpackagelistparser/Android.bp
libprocessgroup/Android.bp
libprocessgroup/cgrouprc/Android.bp
libprocessgroup/cgrouprc_format/Android.bp
libprocessgroup/profiles/Android.bp
libprocessgroup/setup/Android.bp
libqtaguid/Android.bp
libsparse/Android.bp
libstats/push_compat/Android.bp
libsuspend/Android.bp
libsync/Android.bp
libsystem/Android.bp
libsysutils/Android.bp
libusbhost/Android.bp
libutils/Android.bp
libvndksupport/Android.bp
libvndksupport/tests/Android.bp
llkd/Android.bp
llkd/tests/Android.bp
property_service/libpropertyinfoparser/Android.bp
property_service/libpropertyinfoserializer/Android.bp
property_service/property_info_checker/Android.bp
qemu_pipe/Android.bp
reboot/Android.bp
rootdir/Android.bp
rootdir/Android.mk
rootdir/avb/Android.bp
rootdir/avb/Android.mk
run-as/Android.bp
sdcard/Android.bp
set-verity-state/Android.bp
shell_and_utilities/Android.bp
storaged/Android.bp
toolbox/Android.bp
trusty/apploader/Android.bp
trusty/confirmationui/Android.bp
trusty/confirmationui/fuzz/Android.bp
trusty/coverage/Android.bp
trusty/fuzz/Android.bp
trusty/fuzz/test/Android.bp
trusty/gatekeeper/Android.bp
trusty/gatekeeper/fuzz/Android.bp
trusty/keymaster/Android.bp
trusty/keymaster/fuzz/Android.bp
trusty/libtrusty/Android.bp
trusty/libtrusty/tipc-test/Android.bp
trusty/secure_dpu/Android.bp
trusty/storage/interface/Android.bp
trusty/storage/lib/Android.bp
trusty/storage/proxy/Android.bp
trusty/storage/tests/Android.bp
trusty/utils/spiproxyd/Android.bp
trusty/utils/trusty-ut-ctrl/Android.bp
usbd/Android.bp
watchdogd/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
debuggerd/Android.bp
fastboot/Android.bp
libkeyutils/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD
SPDX-license-identifier-MIT
to:
libcutils/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-MIT
to:
fs_mgr/Android.bp
fs_mgr/libfs_avb/Android.bp
trusty/Android.bp
trusty/utils/rpmb_dev/Android.bp
Added SPDX-license-identifier-BSD
to:
fastboot/fuzzy_fastboot/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: Id740a7d2884556081fdb68876584b25eb95e1bef
|
|
We're running into timeouts from death tests because we're ~doubling the
cost of crash dumping by doing it twice.
Bug: http://b/180605583
Test: treehugger
Change-Id: If5b40434171323a09960b70af0124ec08bd3fbe8
|
|
On cuttlefish, the number of tombstones allowed is much larger
than 50, so change the algorithm to search for any tombstone
file.
Test: Ran unit tests on cuttlefish with > 50 tombstones.
Test: Ran unit tests on device.
Change-Id: Ia1d885fe19a7f7751fe3386d40b48750d1e21bd5
|