summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorsebmarchand@chromium.org <sebmarchand@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-04-25 02:55:08 +0000
committersebmarchand@chromium.org <sebmarchand@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2014-04-25 02:55:08 +0000
commit0b500e330a78c7c06889dbc66143f2ed8f3eb668 (patch)
treebbd48be4d4bf7284adcac1795e32b94dd95edf57
parent7ba5c06377a24329ae22678c9dec6ee4f05d1bd9 (diff)
downloadchromium_src-0b500e330a78c7c06889dbc66143f2ed8f3eb668.zip
chromium_src-0b500e330a78c7c06889dbc66143f2ed8f3eb668.tar.gz
chromium_src-0b500e330a78c7c06889dbc66143f2ed8f3eb668.tar.bz2
Revert of Add support for more ASAN errors generation to chrome://crash/... (https://codereview.chromium.org/247543002/)
Reason for revert: This break the debug build. Original issue's description: > Add support for more ASAN errors generation to chrome://crash/... > > Adds the following crash url to chrome/chromium builds when SYZYASAN is defined (built with syzyasan=1 in GYP_DEFINES): > heap-corrupted-block > > This allows easy validation of the instrumentation/reporting for a given build without having to track down a known/unfixed memory error. > > > R=chrisha@chromium.org > > BUG= > > Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=265942 TBR=chrisha@chromium.org,jochen@chromium.org NOTREECHECKS=true NOTRY=true BUG= Review URL: https://codereview.chromium.org/250793002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@266101 0039d316-1c4b-4281-b951-d872f2087c98
-rw-r--r--content/renderer/render_frame_impl.cc32
1 files changed, 0 insertions, 32 deletions
diff --git a/content/renderer/render_frame_impl.cc b/content/renderer/render_frame_impl.cc
index 3c5f497..c6526dd 100644
--- a/content/renderer/render_frame_impl.cc
+++ b/content/renderer/render_frame_impl.cc
@@ -202,31 +202,6 @@ NOINLINE static void CrashIntentionally() {
*zero = 0;
}
-#if defined(SYZYASAN)
-// This code triggers a C4509 warning as we're using an object with a destructor
-// in a function with SEH. We can safely disable this as no exception will
-// actually be thrown.
-#pragma warning(push)
-#pragma warning(disable: 4509)
-NOINLINE static void CorruptMemoryBlock() {
- // NOTE(sebmarchand): We intentionally corrupt a memory block here in order to
- // trigger an Address Sanitizer (ASAN) error report.
- static const int kArraySize = 5;
- scoped_ptr<int[]> array(new int[kArraySize]);
- // Encapsulate the invalid memory access into a try-catch statement to prevent
- // this function from being instrumented. This way the underflow won't be
- // detected but the corruption will (as the allocator will still be hooked).
- __try {
- int dummy = array[-1]--;
- // Make sure the assignments to the dummy value aren't optimized away.
- base::debug::Alias(&array);
- } __except (EXCEPTION_EXECUTE_HANDLER) {
- return;
- }
-}
-#pragma warning(pop)
-#endif
-
#if defined(ADDRESS_SANITIZER) || defined(SYZYASAN)
NOINLINE static void MaybeTriggerAsanError(const GURL& url) {
// NOTE(rogerm): We intentionally perform an invalid heap access here in
@@ -235,9 +210,6 @@ NOINLINE static void MaybeTriggerAsanError(const GURL& url) {
static const char kHeapOverflow[] = "/heap-overflow";
static const char kHeapUnderflow[] = "/heap-underflow";
static const char kUseAfterFree[] = "/use-after-free";
-#if defined(SYZYASAN)
- static const char kCorruptHeapBlock[] = "/corrupt-heap-block";
-#endif
static const int kArraySize = 5;
if (!url.DomainIs(kCrashDomain, sizeof(kCrashDomain) - 1))
@@ -257,10 +229,6 @@ NOINLINE static void MaybeTriggerAsanError(const GURL& url) {
int* dangling = array.get();
array.reset();
dummy = dangling[kArraySize / 2];
-#if defined(SYZYASAN)
- } else if (crash_type == kCorruptHeapBlock) {
- CorruptMemoryBlock();
-#endif
}
// Make sure the assignments to the dummy value aren't optimized away.