and updating minidump_stackwalk to show process uptime.
I tested this with a minidump from Chrome and I got a result that
is inline with what the Windows debugger is showing for that dump:
minidump_stackwalk output:
--------------------------
Process uptime: 601 seconds
WinDBG output:
--------------
Process Uptime: 0 days 0:10:01.000
I didn't update the machine readable output of minidump_stackwalk
on purpose in order to avoid breaking someone that uses it.
It can be added later to the machine output if needed.
R=mark@chromium.org
Review URL: https://breakpad.appspot.com/7754002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1406 4c0a9323-5329-0410-9bdc-e9ce6186880e
More specifically:
- Detect corrupt symbols during minidump processing and provide the list of modules with corrupt symbols in the ProcessState. This will allow listing the corrupt symbol files in the final crash report.
- Skip and recover from symbol data parse errors - don't give up until 100 parse errors are seen.
- In order to recover from '\0' (null terminator) in the middle of a symbol file, a couple of methods have to be updated to require both buffer pointer and length. Previously they required only a buffer pointer (char *) and the size of the buffer was evaluated using strlen which is not reliable when the data is corrupt. Most of the changes are due to these signature updates.
- Added and updated unittests.
Also, updated minidump_stackwalk to show a WARNING for corrupt symbols. Output looks like this:
...
Loaded modules:
0x000da000 - 0x000dafff Google Chrome Canary ??? (main)
0x000e0000 - 0x0417dfff Google Chrome Framework 0.1500.0.3 (WARNING: Corrupt symbols, Google Chrome Framework, 4682A6B4136436C4BFECEB62D498020E0)
0x044a8000 - 0x04571fff IOBluetooth 0.1.0.0
...
Review URL: https://breakpad.appspot.com/613002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1200 4c0a9323-5329-0410-9bdc-e9ce6186880e
doesn't see the correct thread stack memory. Instead, it loads garbage
(from offset 0 of the minidump file - well that's not garbage, but it is
not the stack memory region either) and attempts to walk it. A typical
symptom of this issue is when you get a single stack frame after
processing - the context frame - for which you don't need stack memory.
This issue is caused by an invalid RVA in the memory descriptor stored
inside the MINIDUMP_THREAD structure for the thread. Luckily, the
invalid RVA is 0, and the start_of_memory_region appears to be correct,
so this issue can be easily detected and the correct memory region can be
loaded using an RVA specified in the MinidumpMemoryList.
I couldn't find a reasonable description on MSDN regarding
MINIDUMP_MEMORY_DESCRIPTOR.MINIDUMP_LOCATION_DESCRIPTOR having RVA of 0
except maybe for full dumps where the 64-bit version of the structure
(MINIDUMP_MEMORY_DESCRIPTOR64) is used and it has no RVA at all. It has
a 64-bit DataSize which if interpreted as the 32-bit structure will very
likely result in 0 for the RVA:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms680384(v=vs.85).aspx
Anyways, the dump that I looked at was not a full dump so 0 for RVA is a
bit puzzling (at least easily detectable):
...
Microsoft (R) Windows Debugger Version 6.2.9200.20512 X86
Copyright (c) Microsoft Corporation. All rights reserved.
...
User Mini Dump File: Only registers, stack and portions of memory are available
...
MINIDUMP_HEADER:
Version A793 (62F0)
NumberOfStreams 11
Flags 160
0020 MiniDumpWithUnloadedModules
0040 MiniDumpWithIndirectlyReferencedMemory
0100 MiniDumpWithProcessThreadData
Review URL: https://breakpad.appspot.com/606002
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@1194 4c0a9323-5329-0410-9bdc-e9ce6186880e
is no reason not to keep it locally. Implemented a basic disassembler which can be used
to scan bytecode for interesting conditions. This should be pretty easy to add to for
things other than exploitability if there is a desire. This also adds several tests to
the windows exploitability ranking code to take advantage of the disassembler for x86
code.
BUG=None
TEST=DisassemblerX86Test.*
Review URL: http://breakpad.appspot.com/203001
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@705 4c0a9323-5329-0410-9bdc-e9ce6186880e
This patch avoids unnecessary use of the <cfoo> headers in files that don't
actually use the identifiers they declare in the std:: namespace.
It also changes some files to better conform with the "Names and Order of
Includes" rules in the Google C++ Style Guide.
A=jimb R=mark
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@619 4c0a9323-5329-0410-9bdc-e9ce6186880e
This patch avoids comparisons between signed and unsigned values, as
warned about by G++ 4.4.1.
a=jimblandy, r=nealsid
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@469 4c0a9323-5329-0410-9bdc-e9ce6186880e
- Provide an optional filter callback that gets triggered before attempting
to write a dump, to give client code a chance to refuse handling early
in the process.
- Allow exceptions that are unhandled by Airbag (due to filter callback or
dump callback return value, or failure to write a dump) to be passed to the
previous handler or to the system.
- In order to pass exceptions unhandled by the topmost Airbag handler to
lower handlers, fix up the stacking of ExceptionHandler objects, and give
each ExceptionHandler object its own thread (like the Mac implementation)
to avoid deadlock.
- Provide a dump_path argument to callbacks, as requested by developers and
already implemented in the Mac handler.
- Avoid calling c_str in exception handler code (#90).
http://groups.google.com/group/airbag-dev/browse_thread/thread/4771825ced38a84c
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@79 4c0a9323-5329-0410-9bdc-e9ce6186880e
- Introduces a standard API for dealing with modules. MinidumpModule
is now a concrete implementation of this API. Code may interact with
single modules using the CodeModule interface, and collections of
modules using its container, the CodeModules interface.
- CodeModule is used directly by SymbolSupplier implementations and
SourceLineResolver. Reliance on the specific implementation in
MinidumpModule has been eliminated.
- Module lists are now added to ProcessState objects. Module references
in each stack frame are now pointers to objects in these module lists.
- The sample minidump_stackwalk tool prints the module list after printing
all threads' stacks.
http://groups.google.com/group/airbag-dev/browse_frm/thread/a9c0550edde54cf8
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@74 4c0a9323-5329-0410-9bdc-e9ce6186880e
- minidump_stackwalk is now much more useful as a debugging tool and
even as a standalone tool.
- Reimplementation of minidump_stackwalk around MinidumpProcessor.
- minidump_stackwalk displays all pertinent information returned by
MinidumpProcessor in the ProcessState.
- New PathnameStripper::File static utility method to display only the
leaf file name in a pathname, cleaning up minidump_stackwalk's output.
- New SimpleSymbolSupplier class, which implements a simple
filesystem-based symbol supplier compatible with the layout used by
Microsoft Symbol Server and its client cache.
- minidump_stackwalk now accepts an optional second argument, a pathname
to use as a symbol directory for a SimpleSymbolSupplier.
- Updated test data to be compatible with SimpleSymbolSupplier, and added
test data for kernel32.pdb. Test data converted from CRLF line endings
to LF.
http://groups.google.com/group/airbag-dev/browse_thread/thread/cce30a84f6b2d728
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@53 4c0a9323-5329-0410-9bdc-e9ce6186880e
- MinidumpProcessor now processes all threads and returns a new ProcessState
object. (Interface change.)
- ProcessState contains a CallStack for each thread in the process, and
additional information about whether the process crashed, which thread
crashed, the reason for the crash, and identifying attributes for the
OS and CPU.
- MinidumpSystemInfo now contains a GetCPUVendor() method that returns the
vendor information from CPUID 0 on x86 processors ("GenuineIntel").
http://groups.google.com/group/airbag-dev/browse_thread/thread/16dd2c981e3361ba
git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@47 4c0a9323-5329-0410-9bdc-e9ce6186880e
