find proper request struct

Author: themiswang

Crashlytics/CHANGELOG.md

@@ -1,5 +1,5 @@
-# Unrelased
-- [fixed] Conformed to Mach IPC security restrictions. Note: This change would potentially change mach exception types we receive from kernel which might affect issue clustering result. (#15393)
+# Unreleased
+- [fixed] Conformed to Mach IPC security restrictions. (#15393)
 
 # 12.4.0
 - [fixed] Make set development platform APIs to chain on Crashlytics context init promise.

Crashlytics/Crashlytics/Handlers/FIRCLSMachException.c

@@ -215,7 +215,7 @@ static kern_return_t FIRCLSMachExceptionDispatchMessage(FIRCLSMachExceptionReadC
   // inherited.
   mach_port_t actual_port;
   kern_return_t kr;
-  task_id_token_t token = message->task_id.name;
+  task_id_token_t token = message->task_id_token_t.name;
   kr = task_identity_token_get_task_port(token, TASK_FLAVOR_CONTROL, &actual_port);
 
   if (kr || actual_port != mach_task_self()) {
@@ -525,7 +525,7 @@ static bool FIRCLSMachExceptionRecord(FIRCLSMachExceptionReadContext* context,
 
   FIRCLSFileWriteSectionEnd(&file);
 
-  thread_t crashedThread;
+  thread_t crashedThread = THREAD_NULL;
   FIRCLSCrashedThreadLookup(message, &crashedThread);
   FIRCLSSDKLog("Crashed threads: %d\n", crashedThread);
   FIRCLSHandler(&file, crashedThread, NULL, true);
@@ -539,35 +539,32 @@ static void FIRCLSCrashedThreadLookup(MachExceptionProtectedMessage* message, th
   thread_act_array_t threadList;
   mach_msg_type_number_t threadCount;
 
-  // last 64 bits include thread id info
-  MachExceptionProtectedThreadInfo protected_thread_info = *(MachExceptionProtectedThreadInfo *) &message->thread_id;
   kern_return_t kr = task_threads(mach_task_self(), &threadList, &threadCount);
-
   if (kr != KERN_SUCCESS) {
     FIRCLSSDKLogError("Failed to get threads: %d\n", kr);
     return;
   }
-  for (int i = 0; i < threadCount; i++) {
-      thread_t thread = threadList[i];
-
-      thread_basic_info_data_t basicInfo;
-      thread_identifier_info_data_t identifierInfo;
-      mach_msg_type_number_t infoCount = THREAD_BASIC_INFO_COUNT;
 
-      kr = thread_info(thread, THREAD_IDENTIFIER_INFO, (thread_info_t)&identifierInfo, &infoCount);
+  // Find the crashed thread.
+  for (int i = 0; i < threadCount; i++) {
+    thread_identifier_info_data_t identifierInfo;
+    mach_msg_type_number_t infoCount = THREAD_IDENTIFIER_INFO_COUNT;
 
-      if (kr == KERN_SUCCESS) {
-        FIRCLSSDKLog("Thread %d: Thread port: %d, thread id: %llx\n", i, thread, identifierInfo.thread_id);
+    kr = thread_info(threadList[i], THREAD_IDENTIFIER_INFO, (thread_info_t)&identifierInfo, &infoCount);
 
-        if (protected_thread_info.thread_id == identifierInfo.thread_id) {
-          FIRCLSSDKLog("Find crashed thread: %d\n", thread);
-          *crashedThread = thread;
-        }
+    if (kr == KERN_SUCCESS) {
+      FIRCLSSDKLog("Thread %d: Thread port: %d, thread id: %llx\n", i, threadList[i], identifierInfo.thread_id);
+      if (message->thread_id == identifierInfo.thread_id) {
+        FIRCLSSDKLog("Find crashed thread: %d\n", threadList[i]);
+        *crashedThread = threadList[i];
+        break;
       }
-
-    // Note: You must deallocate the send right for each thread port
-    // to prevent port leaks, as task_threads increments the ref count.
-    mach_port_deallocate(mach_task_self(), thread);
+    }
+  }
+  for (int i = 0; i < threadCount; i++) {
+    if (threadList[i] != *crashedThread) {
+      mach_port_deallocate(mach_task_self(), threadList[i]);
+    }
   }
   vm_deallocate(mach_task_self(), (vm_address_t)threadList, threadCount * sizeof(thread_t));
 }

Crashlytics/Crashlytics/Handlers/FIRCLSMachException.h

@@ -27,25 +27,22 @@
 
 #pragma mark Structures
 #pragma pack(push, 4)
+// run `mig -DMACH_EXC_SERVER_TASKIDTOKEN_STATE=1 mach/mach_exc.defs`
+// check mach_exc.h
 typedef struct {
   mach_msg_header_t head;
   /* start of the kernel processed data */
   mach_msg_body_t msgh_body;
-  mach_msg_port_descriptor_t task_id;
-  mach_msg_port_descriptor_t thread_id;
+  mach_msg_port_descriptor_t task_id_token_t;
   /* end of the kernel processed data */
   NDR_record_t NDR;
+  uint64_t thread_id;
   exception_type_t exception;
   mach_msg_type_number_t codeCnt;
   mach_exception_data_type_t code[EXCEPTION_CODE_MAX];
   mach_msg_trailer_t trailer;
 } MachExceptionProtectedMessage;
 
-typedef struct {
-  uint64_t pad1;
-  uint64_t thread_id;
-} MachExceptionProtectedThreadInfo;
-
 typedef struct {
   mach_msg_header_t head;
   NDR_record_t NDR;