search

palantir / witchcraft-rust-server

A highly opinionated Rust embedded application server for RESTy APIs
Apache License 2.0
5 stars 7 forks source link

Update minidump requirement from 0.16 to 0.17 #130

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Updates the requirements on minidump to permit the latest version.

Release notes

Sourced from minidump's releases.

v0.17.0

  • Stack-walking using native debug information was somewhat buggy, after more thorough testing it should be now on-par with breakpad symbol file-based stack-walking.

New minidump-unwind crate

The stack walking machinery has been extracted from the minidump-processor crate and put in a separate one. This crate has significantly less dependencies than the minidump-processor crate which makes it easier to vendor it in projects that only care about stack walking.

Guard-page detection

While analyzing a crash minidump-stackwalk will check if the crashing address hit a potential guard page. Guard pages are usually introduced by the memory allocator around larger allocation and have no permissions set. If the crash address hit one of these pages the memory_accesses filed in the JSON output will contain the is_likely_guard_page: true field.

Changelog

Sourced from minidump's changelog.

Version 0.17.0 (2023-05-17)

  • Stack-walking using native debug information was somewhat buggy, after more thorough testing it should be now on-par with breakpad symbol file-based stack-walking.

New minidump-unwind crate

The stack walking machinery has been extracted from the minidump-processor crate and put in a separate one. This crate has significantly less dependencies than the minidump-processor crate which makes it easier to vendor it in projects that only care about stack walking.

Guard-page detection

While analyzing a crash minidump-stackwalk will check if the crashing address hit a potential guard page. Guard pages are usually introduced by the memory allocator around larger allocation and have no permissions set. If the crash address hit one of these pages the memory_accesses filed in the JSON output will contain the is_likely_guard_page: true field.

Version 0.16.0 (2023-04-05)

  • Make all minidump-common::format structs writable with scroll.
  • Don't fail reading the entire module list if one module has an invalid size.
  • All crates now explicitly include the MIT license
  • The stack walker will now fetch the CPU microcode value from the evil JSON payload when it's not present in the minidump
  • CPU microcode value in the JSON output changed types from u32 to hexstring
  • Crashes with jmp/call/ret instruction to non-canonical addresses now show the real address we jumped to instead of 0x0000000000000000 or 0xffffffffffffffff
  • Updated several dependencies further decreasing the total number of crates it depends upon.

NULL-pointer crash detection

The minidump-processor crate will use the disassembly of the current instruction to check whether the crash involved a NULL-pointer access. Crashes caused by accessing NULL pointers often exhibit near-NULL address making it less clear what the underlying problem was. When using minidump-stackwalk the JSON output will contain an adjusted_address field holding the reason for the adjustment (null-pointer) as well as the offest from NULL.

Potential bit-flip detection

The minidump-processor crate contains new logic that detects crashes that have been potentially caused by a bit-flip in the user's machine memory. This detection is driven by a heuristic as it is impossible to completely tell apart software crashes from ones induced by flaky hardware. The tests we conducted on real crash data showed this heuristic to be very effective in telling apart such

... (truncated)

Commits
  • 68b59a5 chore: Release
  • 01784f9 Updated the licenses and added one to minidump-unwind
  • a2371c0 Merge pull request #839 from gabrielesvelto/main
  • 8c1acf0 Updated the release notes
  • f402671 Update several dependencies without creating duplications
  • 24173bd Merge pull request #841 from willkg/836-cpu-microcode-version
  • d83f89e Merge pull request #840 from afranchuk/unwind-docs
  • 3347521 Update docs for cpu_microcode_version (#836)
  • c6040ef Add documentation to minidump-unwind.
  • 9a39ddd Merge pull request #835 from afranchuk/fix-local-debuginfo
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
changelog-app[bot] commented 1 year ago

Generate changelog in changelog-dir>`changelog/@unreleased`</changelog-dir

Type

- [ ] Feature - [ ] Improvement - [ ] Fix - [ ] Break - [ ] Deprecation - [ ] Manual task - [ ] Migration

Description

Update minidump requirement from 0.16 to 0.17 **Check the box to generate changelog(s)** - [ ] Generate changelog entry
dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.