diff options
| author | xhwang@chromium.org <xhwang@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-12-02 07:27:04 +0000 |
|---|---|---|
| committer | xhwang@chromium.org <xhwang@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-12-02 07:27:04 +0000 |
| commit | 1749d14a945c70cf830b7dfc316d65331483f9ab (patch) | |
| tree | 80a1f7273ce1eebd9867f168233e9087d3517997 /content/common | |
| parent | 2bb95c0f08a111e5e43fbef5a0e531f70e2f6bbb (diff) | |
| download | chromium_src-1749d14a945c70cf830b7dfc316d65331483f9ab.zip chromium_src-1749d14a945c70cf830b7dfc316d65331483f9ab.tar.gz chromium_src-1749d14a945c70cf830b7dfc316d65331483f9ab.tar.bz2 | |
Add CHECK on file descriptor in various IPC::ChannelHandle passed in.
Regarding Chromium issues 73355, 95129, 95732, 97285, 103957 and Chromium-os issue 18437, 22372, we suspect the channel handles passed to the renderer have invalid file descriptors (fd). This is supported by the fact that using a channel handle with a valid name but an invalid fd will produce crashes with exactly the same stack trace as reported in these issues. Running out of fd in either the renderer, browser or the other process (GPU, broker, etc) could cause this to happen, but we are not sure if that's the real cause.
Adding check for the fd in various places to help investigate these issues further. We will be able to tell if invalid fd is passed in and if yes, which process generates it. Browser side check is only added for the broker case to limit the scale of bad user experience, while providing enough cases for investigation.
BUG=none
TEST=passed unit tests
Review URL: http://codereview.chromium.org/8735015
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@112647 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'content/common')
| -rw-r--r-- | content/common/gpu/gpu_channel_manager.cc | 4 | ||||
| -rw-r--r-- | content/common/np_channel_base.cc | 7 |
2 files changed, 10 insertions, 1 deletions
diff --git a/content/common/gpu/gpu_channel_manager.cc b/content/common/gpu/gpu_channel_manager.cc index 94838fb..cacb7eb 100644 --- a/content/common/gpu/gpu_channel_manager.cc +++ b/content/common/gpu/gpu_channel_manager.cc @@ -95,7 +95,9 @@ void GpuChannelManager::OnEstablishChannel(int renderer_id) { // On POSIX, pass the renderer-side FD. Also mark it as auto-close so // that it gets closed after it has been sent. int renderer_fd = channel->TakeRendererFileDescriptor(); - DCHECK_NE(-1, renderer_fd); + // Check the validity of |renderer_fd| for bug investigation. Replace with + // normal error handling after bug fixed. See for details: crbug.com/95732. + CHECK_NE(-1, renderer_fd); channel_handle.socket = base::FileDescriptor(renderer_fd, true); #endif } diff --git a/content/common/np_channel_base.cc b/content/common/np_channel_base.cc index 7b72119..94d7834 100644 --- a/content/common/np_channel_base.cc +++ b/content/common/np_channel_base.cc @@ -121,6 +121,13 @@ base::WaitableEvent* NPChannelBase::GetModalDialogEvent( bool NPChannelBase::Init(base::MessageLoopProxy* ipc_message_loop, bool create_pipe_now, base::WaitableEvent* shutdown_event) { +#if defined(OS_POSIX) + // Check the validity of fd for bug investigation. Remove after fixed. + // See for details: crbug.com/95129, crbug.com/97285. + if (mode_ == IPC::Channel::MODE_CLIENT) + CHECK_NE(-1, channel_handle_.socket.fd); +#endif + channel_.reset(new IPC::SyncChannel( channel_handle_, mode_, this, ipc_message_loop, create_pipe_now, shutdown_event)); |