Merge branch 'main' into oscarld/obfuscation-sql-parity-cleaned

Eldolfin · web-flow · commit 86052603d819 · 2026-03-24T20:09:51.000+01:00
diff --git a/bin_tests/tests/crashtracker_bin_test.rs b/bin_tests/tests/crashtracker_bin_test.rs
@@ -299,7 +299,7 @@ fn test_collector_no_allocations_stacktrace_modes() {
         let _ = fs::remove_file(&detector_log_path);
 
         let config = CrashTestConfig::new(
-            BuildProfile::Debug,
+            BuildProfile::Release,
             TestMode::RuntimePreloadLogger,
             CrashType::NullDeref,
         )
diff --git a/libdd-crashtracker/src/collector/crash_handler.rs b/libdd-crashtracker/src/collector/crash_handler.rs
@@ -5,6 +5,7 @@
 
 use super::collector_manager::Collector;
 use super::receiver_manager::Receiver;
+use super::saguard::SaGuard;
 use super::signal_handler_manager::chain_signal_handler;
 use crate::crash_info::Metadata;
 use crate::shared::configuration::CrashtrackerConfiguration;
@@ -263,6 +264,15 @@ fn handle_posix_signal_impl(
         return Ok(());
     }
 
+    // Block SIGCHLD and SIGPIPE during crash handling. Our collector spawns child processes
+    // and writes to pipes, both of which can generate these signals. Rather than risk
+    // re-entering a signal handler or aborting due to SIGPIPE, suppress them for the
+    // duration and restore when the guard drops
+    let _sa_guard = SaGuard::new(&[
+        nix::sys::signal::Signal::SIGCHLD,
+        nix::sys::signal::Signal::SIGPIPE,
+    ]);
+
     // Take config and metadata out of global storage.
     // We borrow via raw pointer and intentionally leak (do not reconstruct the Box) to avoid
     // calling `drop`, and therefore `free`, inside a signal handler, which is not
diff --git a/libdd-crashtracker/src/collector/mod.rs b/libdd-crashtracker/src/collector/mod.rs
@@ -10,6 +10,7 @@ mod crash_handler;
 mod emitters;
 mod process_handle;
 mod receiver_manager;
+mod saguard;
 mod signal_handler_manager;
 mod spans;
 
diff --git a/libdd-crashtracker/src/collector/saguard.rs b/libdd-crashtracker/src/collector/saguard.rs
@@ -84,3 +84,76 @@ impl<const N: usize> Drop for SaGuard<N> {
         );
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use nix::sys::signal::{self, Signal};
+    use nix::unistd::Pid;
+    use std::sync::atomic::{AtomicBool, Ordering};
+
+    #[test]
+    #[cfg_attr(miri, ignore)]
+    fn signal_is_ignored_while_guard_is_active() {
+        let _guard = SaGuard::<1>::new(&[Signal::SIGUSR1]).unwrap();
+
+        // Send SIGUSR1 to the process. The default action is to terminate, so if
+        // the guard didn't set SIG_IGN this test process would die
+        signal::kill(Pid::this(), Signal::SIGUSR1).unwrap();
+    }
+
+    /// After the guard is dropped, the original handler should be restored.
+    /// Install a custom handler, create a guard,drop the guard, then send the
+    /// signal and verify the custom handler fires
+    #[test]
+    #[cfg_attr(miri, ignore)]
+    fn original_handler_restored_after_drop() {
+        static HANDLER_CALLED: AtomicBool = AtomicBool::new(false);
+
+        extern "C" fn custom_handler(_: libc::c_int) {
+            HANDLER_CALLED.store(true, Ordering::SeqCst);
+        }
+
+        // Install a custom handler
+        let custom_action = SigAction::new(
+            SigHandler::Handler(custom_handler),
+            SaFlags::empty(),
+            signal::SigSet::empty(),
+        );
+        let prev = unsafe { signal::sigaction(Signal::SIGUSR2, &custom_action).unwrap() };
+
+        // Create then drop the guard (dropped when out of scope)
+        {
+            let _guard = SaGuard::<1>::new(&[Signal::SIGUSR2]).unwrap();
+            signal::kill(Pid::this(), Signal::SIGUSR2).unwrap();
+            assert!(
+                !HANDLER_CALLED.load(Ordering::SeqCst),
+                "custom handler should not fire while guard is active"
+            );
+        }
+        // Guard is dropped; custom handler should be restored
+        HANDLER_CALLED.store(false, Ordering::SeqCst);
+        unsafe {
+            libc::raise(Signal::SIGUSR2 as libc::c_int);
+        }
+        assert!(
+            HANDLER_CALLED.load(Ordering::SeqCst),
+            "custom handler should fire after guard is dropped"
+        );
+
+        // Restore original handler
+        unsafe {
+            signal::sigaction(Signal::SIGUSR2, &prev).unwrap();
+        }
+    }
+
+    #[test]
+    #[cfg_attr(miri, ignore)]
+    fn multiple_signals_ignored() {
+        let _guard = SaGuard::<2>::new(&[Signal::SIGUSR1, Signal::SIGUSR2]).unwrap();
+
+        // Both signals should be safely ignored
+        signal::kill(Pid::this(), Signal::SIGUSR1).unwrap();
+        signal::kill(Pid::this(), Signal::SIGUSR2).unwrap();
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -299,7 +299,7 @@ fn test_collector_no_allocations_stacktrace_modes() {`
`299`	`299`	`let _ = fs::remove_file(&detector_log_path);`
`300`	`300`
`301`	`301`	`let config = CrashTestConfig::new(`
`302`		`- BuildProfile::Debug,`
	`302`	`+ BuildProfile::Release,`
`303`	`303`	`TestMode::RuntimePreloadLogger,`
`304`	`304`	`CrashType::NullDeref,`
`305`	`305`	`)`