Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(870)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 1350493002: Check for CloseHandle failures even when not debugging (Closed)

Created:
5 years, 3 months ago by brucedawson
Modified:
5 years, 2 months ago
CC:
chromium-reviews, grt+watch_chromium.org, gavinp+memory_chromium.org, wfh+watch_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Check for CloseHandle failures even when not debugging Bug 524267 was a handle closing failure that only showed up when running renderer processes under a debugger at startup, so it was not discovered for a while. Similarly, bug 520305 is a long-standing base_unittests bug that only shows up under a debugger. This change fixes 520305 and checks for many handle closing failures always so that subsequent bugs of this type will be detected immediately. Most of the CloseHandle calls in base are now checked. This replaces the uncommitted https://codereview.chromium.org/1343873002/ R=grt@chromium.org,rvargas@chromium.org,dalecurtis@chromium.org BUG=524267, 520305 Committed: https://crrev.com/9ae49a753d07f5a9266a63a89e7336d774f3fe37 Cr-Commit-Position: refs/heads/master@{#349333}

Patch Set 1 #

Patch Set 2 : Code tweaks #

Total comments: 24

Patch Set 3 : Responding to CR comments #

Patch Set 4 : DCHECK to CHECK #

Total comments: 2
Unified diffs Side-by-side diffs Delta from patch set Stats (+36 lines, -67 lines) Patch
M base/files/file_util_win.cc View 1 2 1 chunk +3 lines, -7 lines 0 comments Download
M base/memory/shared_memory_win.cc View 1 2 3 1 chunk +2 lines, -1 line 1 comment Download
M base/process/kill_win.cc View 1 2 1 chunk +2 lines, -5 lines 0 comments Download
M base/sync_socket_unittest.cc View 1 2 1 chunk +0 lines, -18 lines 0 comments Download
M base/sync_socket_win.cc View 1 2 1 chunk +2 lines, -1 line 1 comment Download
M base/threading/platform_thread_win.cc View 1 chunk +4 lines, -6 lines 0 comments Download
M base/time/time_win_unittest.cc View 1 3 chunks +9 lines, -9 lines 0 comments Download
M base/win/object_watcher_unittest.cc View 1 2 5 chunks +14 lines, -20 lines 0 comments Download

Messages

Total messages: 24 (1 generated)
brucedawson
Take two at detecting handle errors. Adding checks in base functions actually detected a bug ...
5 years, 3 months ago (2015-09-16 00:30:52 UTC) #1
DaleCurtis
https://codereview.chromium.org/1350493002/diff/20001/base/sync_socket_unittest.cc File base/sync_socket_unittest.cc (right): https://codereview.chromium.org/1350493002/diff/20001/base/sync_socket_unittest.cc#newcode97 base/sync_socket_unittest.cc:97: SendReceivePeek(&socket_a, &socket_b); On 2015/09/16 00:30:52, brucedawson wrote: > This ...
5 years, 3 months ago (2015-09-16 00:43:19 UTC) #2
brucedawson
Got it. The copying of handles requires either DuplicateHandle or cloning a separate process (which ...
5 years, 3 months ago (2015-09-16 00:52:14 UTC) #3
rvargas (doing something else)
https://codereview.chromium.org/1350493002/diff/20001/base/files/file_util_win.cc File base/files/file_util_win.cc (right): https://codereview.chromium.org/1350493002/diff/20001/base/files/file_util_win.cc#newcode238 base/files/file_util_win.cc:238: if (!dir.IsValid()) nit: return dir.IsValid(); https://codereview.chromium.org/1350493002/diff/20001/base/memory/shared_memory_win.cc File base/memory/shared_memory_win.cc (right): ...
5 years, 3 months ago (2015-09-16 02:09:12 UTC) #4
grt (UTC plus 2)
https://codereview.chromium.org/1350493002/diff/20001/base/process/kill_win.cc File base/process/kill_win.cc (right): https://codereview.chromium.org/1350493002/diff/20001/base/process/kill_win.cc#newcode162 base/process/kill_win.cc:162: base::win::ScopedHandle process(OpenProcess(SYNCHRONIZE, Process process(Process::OpenWithAccess(entry->th32ProcessID, SYNCHRONIZE)); https://codereview.chromium.org/1350493002/diff/20001/base/process/kill_win.cc#newcode165 base/process/kill_win.cc:165: DWORD wait_result ...
5 years, 3 months ago (2015-09-16 15:30:33 UTC) #5
brucedawson
Okay, most code review comments addressed. I'm just unsure about: base/memory/shared_memory_win.cc:89 (rvargas@) base/process/kill_win.cc:165 (grt@) https://codereview.chromium.org/1350493002/diff/20001/base/files/file_util_win.cc ...
5 years, 3 months ago (2015-09-16 18:29:00 UTC) #6
rvargas (doing something else)
https://codereview.chromium.org/1350493002/diff/20001/base/memory/shared_memory_win.cc File base/memory/shared_memory_win.cc (right): https://codereview.chromium.org/1350493002/diff/20001/base/memory/shared_memory_win.cc#newcode89 base/memory/shared_memory_win.cc:89: DCHECK(result); On 2015/09/16 18:29:00, brucedawson wrote: > On 2015/09/16 ...
5 years, 3 months ago (2015-09-16 18:54:38 UTC) #7
grt (UTC plus 2)
https://codereview.chromium.org/1350493002/diff/20001/base/process/kill_win.cc File base/process/kill_win.cc (right): https://codereview.chromium.org/1350493002/diff/20001/base/process/kill_win.cc#newcode165 base/process/kill_win.cc:165: DWORD wait_result = WaitForSingleObject(process.Get(), remaining_wait); On 2015/09/16 18:29:00, brucedawson ...
5 years, 3 months ago (2015-09-16 19:27:02 UTC) #8
brucedawson
On 2015/09/16 19:27:02, grt wrote: > https://codereview.chromium.org/1350493002/diff/20001/base/process/kill_win.cc > File base/process/kill_win.cc (right): > > https://codereview.chromium.org/1350493002/diff/20001/base/process/kill_win.cc#newcode165 > ...
5 years, 3 months ago (2015-09-16 23:06:02 UTC) #9
brucedawson
Okay, DCHECK changed to CHECK. PTAL. Slow responses today - I'm home sick.
5 years, 3 months ago (2015-09-16 23:10:26 UTC) #10
rvargas (doing something else)
Re. kill: To being, that sort of API is destined to fail to say the ...
5 years, 3 months ago (2015-09-16 23:43:47 UTC) #11
DaleCurtis
lgtm
5 years, 3 months ago (2015-09-16 23:56:35 UTC) #12
grt (UTC plus 2)
lgtm
5 years, 3 months ago (2015-09-17 00:03:48 UTC) #13
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1350493002/60001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1350493002/60001
5 years, 3 months ago (2015-09-17 01:27:53 UTC) #15
commit-bot: I haz the power
Committed patchset #4 (id:60001)
5 years, 3 months ago (2015-09-17 02:49:09 UTC) #16
commit-bot: I haz the power
Patchset 4 (id:??) landed as https://crrev.com/9ae49a753d07f5a9266a63a89e7336d774f3fe37 Cr-Commit-Position: refs/heads/master@{#349333}
5 years, 3 months ago (2015-09-17 02:50:23 UTC) #17
brucedawson
A revert of this CL (patchset #4 id:60001) has been created in https://codereview.chromium.org/1356743003/ by brucedawson@chromium.org. ...
5 years, 3 months ago (2015-09-18 18:23:42 UTC) #18
Lei Zhang
https://codereview.chromium.org/1350493002/diff/60001/base/memory/shared_memory_win.cc File base/memory/shared_memory_win.cc (right): https://codereview.chromium.org/1350493002/diff/60001/base/memory/shared_memory_win.cc#newcode89 base/memory/shared_memory_win.cc:89: CHECK(result); I know this will probably reland as soon ...
5 years, 2 months ago (2015-09-22 08:03:30 UTC) #19
Lei Zhang
And do we need to handle INVALID_HANDLE_VALUE better in base/memory/shared_memory_win.cc? The print bug is a ...
5 years, 2 months ago (2015-09-22 08:39:19 UTC) #20
brucedawson
On 2015/09/22 08:39:19, Lei Zhang wrote: > And do we need to handle INVALID_HANDLE_VALUE better ...
5 years, 2 months ago (2015-09-22 23:06:17 UTC) #21
Lei Zhang
On 2015/09/22 23:06:17, brucedawson wrote: > On 2015/09/22 08:39:19, Lei Zhang wrote: > > And ...
5 years, 2 months ago (2015-09-22 23:13:26 UTC) #22
brucedawson
On 2015/09/22 23:13:26, Lei Zhang wrote: > On 2015/09/22 23:06:17, brucedawson wrote: > > On ...
5 years, 2 months ago (2015-09-23 00:20:49 UTC) #23
rvargas (doing something else)
5 years, 2 months ago (2015-09-23 00:37:50 UTC) #24
Message was sent while issue was closed. 
On 2015/09/23 00:20:49, brucedawson wrote:
> On 2015/09/22 23:13:26, Lei Zhang wrote:
> > On 2015/09/22 23:06:17, brucedawson wrote:
> > > On 2015/09/22 08:39:19, Lei Zhang wrote:
> > > > And do we need to handle INVALID_HANDLE_VALUE better in
> > > > base/memory/shared_memory_win.cc? The print bug is a case of
> |mapped_file_|
> > > > being set to INVALID_HANDLE_VALUE.
> > > 
> > > What counts as handling it better?
> https://codereview.chromium.org/1351373002/
> > > adds first-class support for INVALID_HANDLE_VALUE as an invalid handle in
> > > SharedMemory. The alternative would be to bar all of the entry points to
not
> > let
> > > INVALID_HANDLE_VALUE in. Either method works.
> > 
> > Those are the two options I had in mind too. I have no preferences.
> 
> Prohibiting INVALID_HANDLE_VALUE is cleaner. It comes with the risk of causing
> canary crashes if it finds another instance of invalid usage of
> INVALID_HANDLE_VALUE.
> 
> The one exception would be that if we decide to use a ScopedHandle to
implement
> SharedMemory then that means that it accepts INVALID_HANDLE_VALUE.
> 
> rvargas@ - any thoughts?

I vote for both:
- If SharedMemory receives random handles, the value for invalid is null, vs -1.
(as a matter of API, documented)
- SharedMemory should not receive random handles :)
- As an intermediate step, SharedMemory should rely on ScopedHandle (which
basically means that -1 will be accepted again, but that is an implementation
detail, which happens to be consistent with the long term plan of not having raw
handles and instead receiving ScopedHandles). Nobody should be creating
ScopedHandle(INVALID_HANDLE_VALUE).

Powered by Google App Engine
This is Rietveld 408576698