From 60515bf9f1b9eb222ed5fff274a8917ed9548add Mon Sep 17 00:00:00 2001
From: Josh Gao
Date: Tue, 14 Feb 2017 21:03:23 -0800
Subject: [PATCH 1/2] debuggerd_handler: don't use snprintf in handler.
snprintf isn't safe to call in the linker after initialization, because it uses MB_CUR_MAX which is implemented via pthread_getspecific, which uses TLS slots shared with libc. If the TLS slots are assigned in a different order between libc.so and the linker, MB_CUR_MAX will evaluate to an incorrect value, and lead to snprintf doing bad things. Switch to __libc_format_buffer.
Bug: http://b/35367169
Test: debuggerd -b `pidof zygote`
Change-Id: I9d315cf63e5f3fd2f4545d6e3f707cdbe94ec606
---
 debuggerd/handler/debuggerd_handler.cpp | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/debuggerd/handler/debuggerd_handler.cpp b/debuggerd/handler/debuggerd_handler.cpp
index a5de83a29..b1dc01aca 100644
--- a/debuggerd/handler/debuggerd_handler.cpp
+++ b/debuggerd/handler/debuggerd_handler.cpp
@@ -81,7 +81,7 @@ static void __noreturn __printflike(1, 2) fatal_errno(const char* fmt, ...) {
 va_start(args, fmt);
 char buf[4096];
- vsnprintf(buf, sizeof(buf), fmt, args);
+ __libc_format_buffer_va_list(buf, sizeof(buf), fmt, args);
 fatal("%s: %s", buf, strerror(err));
 }
@@ -256,8 +256,9 @@ static int debuggerd_dispatch_pseudothread(void* arg) {
 char main_tid[10];
 char pseudothread_tid[10];
- snprintf(main_tid, sizeof(main_tid), "%d", thread_info->crashing_tid);
- snprintf(pseudothread_tid, sizeof(pseudothread_tid), "%d", thread_info->pseudothread_tid);
+ __libc_format_buffer(main_tid, sizeof(main_tid), "%d", thread_info->crashing_tid);
+ __libc_format_buffer(pseudothread_tid, sizeof(pseudothread_tid), "%d", thread_info->pseudothread_tid);
+ execl(CRASH_DUMP_PATH, CRASH_DUMP_NAME, main_tid, pseudothread_tid, nullptr);
 fatal_errno("exec failed");
From f6ad5851e689f54c9dee6bfc6668ca726726e818 Mon Sep 17 00:00:00 2001
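Review bot: The `strerror(err)` call left on the `fatal(...)` line of fatal_errno deserves the same scrutiny as the formatter this commit replaces. The stated hazard is libc code reaching thread-local state from inside the linker, and many libc implementations format unrecognised errno values into a per-thread buffer. Whether that fallback is reachable here cannot be told from the hunk, so it should be confirmed, or the value printed numerically with something like `fatal("%s: errno %d", buf, err);`. Neither this call site nor the two in debuggerd_dispatch_pseudothread records why the libc-internal formatter is used; a comment such as `// Not (v)snprintf: it reads MB_CUR_MAX through TLS, which is unsafe in the linker (b/35367169).` would keep a later cleanup from reverting it. fatal_errno begins above the hunk, so the declarations of `err` and `args` are not visible.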
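Review bot: In debuggerd_dispatch_pseudothread, `main_tid` and `pseudothread_tid` are 10 bytes, while `%d` of an int can need 12 (sign, ten digits, terminator), and the return value of `__libc_format_buffer` is ignored. Assuming it truncates the way snprintf does, an out-of-range value would reach crash_dump as a shorter, still valid-looking thread id rather than being rejected. Kernel tid limits probably keep this from happening in practice, but sizing for the full range, `char main_tid[12]; char pseudothread_tid[12];`, removes the case at no cost. Those declarations are context lines here, not lines the commit changed, and the function body extends beyond the hunk on both sides.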
From: Josh Gao
Date: Wed, 15 Feb 2017 12:21:11 -0800
Subject: [PATCH 2/2] crash_dump: fix typos in error messages.
Bug: http://b/34760032
Bug: http://b/35367169
Test: mm
Change-Id: I45fa002d4ca616a41524583228987ab1197a125e
---
 debuggerd/crash_dump.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/debuggerd/crash_dump.cpp b/debuggerd/crash_dump.cpp
index 0ca90c3df..d4be25bd2 100644
--- a/debuggerd/crash_dump.cpp
+++ b/debuggerd/crash_dump.cpp
@@ -218,7 +218,7 @@ static void check_process(int proc_fd, pid_t expected_pid) {
 }
 if (proc_info.pid != expected_pid) {
- LOG(FATAL) << "pid mismatch: expected " << expected_pid << ", actual " << proc_info.ppid;
+ LOG(FATAL) << "pid mismatch: expected " << expected_pid << ", actual " << proc_info.pid;
 }
 }
@@ -254,7 +254,7 @@ int main(int argc, char** argv) {
 }
 if (!android::base::ParseInt(argv[2], &pseudothread_tid, 1, std::numeric_limits::max())) {
- LOG(FATAL) << "invalid pseudothread tid: " << argv[1];
+ LOG(FATAL) << "invalid pseudothread tid: " << argv[2];
 }
 android::procinfo::ProcessInfo target_info;