forked from chromium/chromium
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chrome://heapcorruptioncrash/ to crash a child renderer process. chrome://inducebrowserheapcorruption/ to crash a browser process. BUG=865632 Change-Id: I69caa1c80cd1775f416d656312222b9b4856f682 Reviewed-on: https://chromium-review.googlesource.com/1129628 Commit-Queue: Will Harris <wfh@chromium.org> Reviewed-by: Mark Mentovai <mark@chromium.org> Reviewed-by: John Abd-El-Malek <jam@chromium.org> Cr-Commit-Position: refs/heads/master@{#577989}
- Loading branch information
1 parent
4b7e257
commit eb4a6ff
Showing
11 changed files
with
167 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
// Copyright 2018 The Chromium Authors. All rights reserved. | ||
// Use of this source code is governed by a BSD-style license that can be | ||
// found in the LICENSE file. | ||
|
||
#include "base/debug/invalid_access_win.h" | ||
|
||
#include <stdlib.h> | ||
#include <windows.h> | ||
|
||
#include "base/logging.h" | ||
#include "base/win/windows_version.h" | ||
|
||
namespace base { | ||
namespace debug { | ||
namespace win { | ||
|
||
namespace { | ||
|
||
void CreateSyntheticHeapCorruption() { | ||
EXCEPTION_RECORD record = {}; | ||
record.ExceptionCode = STATUS_HEAP_CORRUPTION; | ||
RaiseFailFastException(&record, nullptr, | ||
FAIL_FAST_GENERATE_EXCEPTION_ADDRESS); | ||
} | ||
|
||
} // namespace | ||
|
||
void TerminateWithHeapCorruption() { | ||
__try { | ||
// Pre-Windows 10, it's hard to trigger a heap corruption fast fail, so | ||
// artificially create one instead. | ||
if (base::win::GetVersion() < base::win::VERSION_WIN10) | ||
CreateSyntheticHeapCorruption(); | ||
HANDLE heap = ::HeapCreate(0, 0, 0); | ||
CHECK(heap); | ||
CHECK(HeapSetInformation(heap, HeapEnableTerminationOnCorruption, nullptr, | ||
0)); | ||
void* addr = ::HeapAlloc(heap, 0, 0x1000); | ||
CHECK(addr); | ||
// Corrupt heap header. | ||
char* addr_mutable = reinterpret_cast<char*>(addr); | ||
memset(addr_mutable - sizeof(addr), 0xCC, sizeof(addr)); | ||
|
||
HeapFree(heap, 0, addr); | ||
HeapDestroy(heap); | ||
} __except (EXCEPTION_EXECUTE_HANDLER) { | ||
// Heap corruption exception should never be caught. | ||
CHECK(false); | ||
} | ||
// Should never reach here. | ||
abort(); | ||
} | ||
|
||
} // namespace win | ||
} // namespace debug | ||
} // namespace base |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
// Copyright 2018 The Chromium Authors. All rights reserved. | ||
// Use of this source code is governed by a BSD-style license that can be | ||
// found in the LICENSE file. | ||
|
||
#ifndef BASE_DEBUG_INVALID_ACCESS_WIN_H_ | ||
#define BASE_DEBUG_INVALID_ACCESS_WIN_H_ | ||
|
||
#include "base/base_export.h" | ||
|
||
namespace base { | ||
namespace debug { | ||
namespace win { | ||
|
||
// Creates a synthetic heap corruption that causes the current process to | ||
// terminate immediately with a fast fail exception. | ||
[[noreturn]] BASE_EXPORT void TerminateWithHeapCorruption(); | ||
|
||
} // namespace win | ||
} // namespace debug | ||
} // namespace base | ||
|
||
#endif // BASE_DEBUG_INVALID_ACCESS_WIN_H_ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters