Google/BreakPad – The beginning of parsing

preface

Some time ago, I found this breakpad library by accident while reading Chromium when I was bored. I found it can be applied to our team (Windows already has it). This chapter will introduce the source code compilation of Brekapad and the use of BreakPad on Linux. The next document will take a look at breakpad’s source code to uncover its mysteries.

Introduction to the

Breakpad is a cross-platform C/C++ dump capture library developed by Google. Dump files are stored in Microsoft minidump format. Breakpad also supports sending dump files to your server. You can also write dump files without triggering dump. Breakpad supports Windows, Linux, MacOS, Android, ios, and more. At present, Google Chrome, Firefox, Google Picasa, Camino, Google Earth and other projects use.

The overall summary

In the upper left corner of the image is a complete application, which contains three parts: the program code, Breakkpad Client (a static library provided by Brekapad), and modal information

In Build System, breakpad’s Symbol generation tool generates a Symbol file of Google’s own with the help of Debugging Information in the application sequence. This symbol file is similar to the PDB file on Windows. Finally strip is used to remove modal information when publishing application sequences

Applications running in the User’s System are stripped of mode information by strip. If the application crashes, Breakpad client writes the minidump file to the specified directory. The minidump file can also be sent to the remote server Crash Colletcor.

In Crash Collector, symol files generated in Build System and Minidump files reported in User’s System can be used to generate user-readable stack trace

Breakpad has three main components:

• breakpad-client : clientIs a static library, mainly for the use of applications, it can help the application layer capture application layer and generateminidumpFiles and uploadsminidumpfile
• symbol dumperThe representation of the: symbol Dumper is an executable file that generates one from modal informationsymbol filethesymbol fileThe format is Google’s own format, please check

Minidump

Minidump is a small memory dump file developed by Microsoft for recording crashes. It is similar to core file under Linux. Minidump contains the following information:

• A list of drivers and shared libraries loaded by the process, including the specified name and version number
• A list of threads that exist in the process. For each thread, the mini-dump includes the state of the processor registers and the contents of the thread stack memory. This data is an uninterpreted stream of bytes, because the Breakpad client typically does not have debugging information that can be used to generate function names or line numbers, or even to identify stack frame boundaries.
• Context of the stopped processor (PRCB)
• Information about stopped processes and the kernel context (EPROCESS)
• Additional information about the system on which the dump was collected: processor and operating system version, reason for the dump, and so on.

Breakpad uses Windows small dump files instead of traditional core files on all platforms for the following reasons:

• The core file may be too large to be sent over the network to the collector for processing. Mini-dumps are smaller because they are designed to be used that way.
• The core file format is poorly documented. For example,LinuxThe standard foundation does not describe how registers are stored in segments.
• To persuadeWindowsIt is harder for a computer to generate a core dump than to convince other computers to write a small dump.
• It simplifies theBreakpadProcessor that supports only one file format.

Source code download and compilation

mkdir breakpad && cd breakpad
fetch breakpad
cd src
./configure && make
make check
make install
Copy the code

Using the tutorial

Breakpad is divided into in-process and out-process

In-Process

#include "client/linux/handler/exception_handler.h"
static bool dumpCallback(const google_breakpad::MinidumpDescriptor& descriptor,
void* context, bool succeeded) {
  printf("Dump path: %s\n", descriptor.path());
  return succeeded;
}

void crash(a) { volatile int* a = (int(*)NULL); *a = 1; }

int main(int argc, char* argv[]) {
  google_breakpad::MinidumpDescriptor descriptor("/tmp");
  google_breakpad::ExceptionHandler eh(descriptor, NULL, dumpCallback, NULL.true.- 1);
  crash(a);return 0;
}
Copy the code

The MinnidumpDescriptor set the dump generation directory to/TMP, initialized ExceptionHandler, and then crash simulated the program crash. After the program crash, a dump file was generated in the TMP directory. Path is a descriptor. The path ()

compile

g++ -g -o test.cc test -I/usr/local/include/breakpad -lbreakpad_client -lpthread
Copy the code

Generate a Symbol file for your application

All you have to do is dump. You need to use the Dump_syms binary provided by Google to generate a Symbol file for your application (if you run make install, This binary is available in the /usr/local/bin directory), and the readable stack information can then be generated using symbol files and dump files

Create the symbol file for test using dump_syms

dump_syms ./test > test.sym
Copy the code

Sym to be read correctly, the symbol file needs to be protected from directory structure location by the first line of test.sym

The head - n1 test. The sym / / output MODULE Linux x86_64 edc6acdb282125843fd59da9c81bd830 6test
Copy the code

According to the above information, your test. The sym information needs to be placed to. / symbols/test / 6 edc6acdb282125843fd59da9c81bd830 / test. The sym, so you are only loading to you, of course, the application layer sequence symbol, You also need to generate symbol files for the dynamic library you depend on.

Generates a stack trace based on minnidump and Symbol

/usr/local/bin minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk minidump_stackwalk

minidump_stackwalk minidump.dump ./symbols
Copy the code

Out-Process

Out-process indicates that dump files are generated and written outside the crashed process. In Linux, socketpair communication is used between processes

int server_fd;
int client_fd;

void OnClientDumpRequestCallabck(void* context, const ClientInfo* client_info, const string* file_path) {}int main(void) {
  CrashGenerationServer::CreateReportChannel(&server_fd, &client_fd);
  CrashGenerationServer crash_server(
    server_fd,
    &OnClientDumpReuqestCallabck,
    NULL.NULL.NULL.true."/tmp");
  crash_server.Start(a);// Pull the crash check process and pass client_fd. Initialize the ExceptionHandler class in the crash check process and pass client_fd as the last argument
}
Copy the code

The breakpad source code will be examined in detail in a later section

Refer to the link

Google Brekapad official documentation