Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
1752293002:
The command line flag is now set during the test startup. (Closed)
|
Created:
4 years, 9 months ago by Alexander Dunaev Modified:
4 years, 9 months ago CC:
chromium-reviews, chromium-apps-reviews_chromium.org, extensions-reviews_chromium.org Base URL:
https://chromium.googlesource.com/chromium/src.git@master Target Ref:
refs/pending/heads/master Project:
chromium Visibility:
Public. |
DescriptionThe command line flag is now set during the test startup.
These two tests replaced the global command line object, which might
cause heap-use-after-free of the temporary object at the end of the
test. For instance, ChromeExtensionsClient::GetWebstoreUpdateURL()
tries to read the command line flags, and does so asynchronously, not
in the main thread of the test.
The proposed patch eliminates use of the ScopedExperimentalCommandLine
at the test scope level, thus minimizing the risk of improper access to
memory.
BUG=
R=finnur@chromium.org
Committed: https://crrev.com/6ede907a3a8dfc095039b9fcd56478604bd2ae0a
Cr-Commit-Position: refs/heads/master@{#380096}
Patch Set 1 #Patch Set 2 : #
Messages
Total messages: 31 (12 generated)
Description was changed from ========== The command line flag is now set during the test startup. These two tests replaced the global command line object, which might cause heap-use-after-free of the temporary object at the end of the test. For instance, ChromeExtensionsClient::GetWebstoreUpdateURL() tries to read the command line flags, and does so asynchronously, not in the main thread of the test. The proposed patch eliminates use of the ScopedExperimentalCommandLine at the test scope level, thus minimizing the risk of improper access to memory. BUG= R=finnur@chromium.org ========== to ========== The command line flag is now set during the test startup. These two tests replaced the global command line object, which might cause heap-use-after-free of the temporary object at the end of the test. For instance, ChromeExtensionsClient::GetWebstoreUpdateURL() tries to read the command line flags, and does so asynchronously, not in the main thread of the test. The proposed patch eliminates use of the ScopedExperimentalCommandLine at the test scope level, thus minimizing the risk of improper access to memory. BUG= R=finnur@chromium.org ==========
finnur@chromium.org changed reviewers: + asargent@chromium.org - finnur@chromium.org
asargent@ is probably more appropriate for this.
Also: Missing BUG= from CL description.
On 2016/03/02 11:52:09, Finnur wrote: > Also: Missing BUG= from CL description. I haven't found anything appropriate, should I file one?
If there's a use-after-free issue, I presume there's an ASAN both report filed or something, no? In general, we probably won't bother with a bug if the issue is minor, but in that case just a BUG=None is warranted.
> If there's a use-after-free issue, I presume there's an ASAN both report filed ASAN report, not ASAN both report.
asargent@chromium.org changed reviewers: + rdevlin.cronin@chromium.org
Hmm, in looking this over and thinking about it a little, I wonder if ScopedExperimentalCommandLine is a dangerous construct that we should just get rid of. I bet the problematic part is how it restores the previous command line in its destructor - usually in tests we just append command lines early on and never bother removing them again. Devlin, what do you think?
On 2016/03/02 18:18:10, Antony Sargent wrote: > Hmm, in looking this over and thinking about it a little, I wonder if > ScopedExperimentalCommandLine is a dangerous construct that we should just get > rid of. I bet the problematic part is how it restores the previous command line > in its destructor - usually in tests we just append command lines early on and > never bother removing them again. > > Devlin, what do you think? +1. AFAIK, we long ago gave up on trying to have tests preserve the commandline, and now we just reset it between tests. I'm all for removing ScopedExperimentalCommandLine in its entirety. :)
Ok, sounds like we're agreed. voodoo@ - do you mind reworking this CL to just remove all instances of ScopedExperimentalCommandLine? Also, a small nit - can you reformat the CL description so that it wraps at 80 chars/line (actually 72 is even better). This makes it easier to read in 'git log' output and emails.
On 2016/03/02 18:41:18, Antony Sargent wrote: > Ok, sounds like we're agreed. > > voodoo@ - do you mind reworking this CL to just remove all instances of > ScopedExperimentalCommandLine? > > Also, a small nit - can you reformat the CL description so that it wraps at 80 > chars/line (actually 72 is even better). This makes it easier to read in 'git > log' output and emails. I don't mind reworking the CL, will provide an update soon. Will reformat the description, too.
Description was changed from ========== The command line flag is now set during the test startup. These two tests replaced the global command line object, which might cause heap-use-after-free of the temporary object at the end of the test. For instance, ChromeExtensionsClient::GetWebstoreUpdateURL() tries to read the command line flags, and does so asynchronously, not in the main thread of the test. The proposed patch eliminates use of the ScopedExperimentalCommandLine at the test scope level, thus minimizing the risk of improper access to memory. BUG= R=finnur@chromium.org ========== to ========== The command line flag is now set during the test startup. These two tests replaced the global command line object, which might cause heap-use-after-free of the temporary object at the end of the test. For instance, ChromeExtensionsClient::GetWebstoreUpdateURL() tries to read the command line flags, and does so asynchronously, not in the main thread of the test. The proposed patch eliminates use of the ScopedExperimentalCommandLine at the test scope level, thus minimizing the risk of improper access to memory. BUG= R=finnur@chromium.org ==========
The patch is updated, the ScopedExperimentalCommandLine is removed. Is there any way to make the server notifying the reviewers on CL update automatically? Will git cl upload --send-mail do that?
asargent@, could you please take a look?
lgtm Regarding your question "Is there any way to make the server notifying the reviewers on CL update automatically?", the upload flag you mention may work that way, I'm not sure. If it does, I also don't know if that will do the equivalent of "Publish+Mail Comments", which in practice almost always is needed with any but the very first upload (there usually wouldn't be a need to upload a new version and send mail about it if there weren't comments you were responding to).
The CQ bit was checked by voodoo@yandex-team.ru
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1752293002/20001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1752293002/20001
The CQ bit was unchecked by commit-bot@chromium.org
Try jobs failed on following builders: linux_android_rel_ng on tryserver.chromium.android (JOB_FAILED, https://build.chromium.org/p/tryserver.chromium.android/builders/linux_androi...)
The CQ bit was unchecked by voodoo@yandex-team.ru
The CQ bit was checked by voodoo@yandex-team.ru
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1752293002/20001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1752293002/20001
The CQ bit was unchecked by voodoo@yandex-team.ru
The CQ bit was checked by voodoo@yandex-team.ru
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1752293002/20001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1752293002/20001
Message was sent while issue was closed.
Description was changed from ========== The command line flag is now set during the test startup. These two tests replaced the global command line object, which might cause heap-use-after-free of the temporary object at the end of the test. For instance, ChromeExtensionsClient::GetWebstoreUpdateURL() tries to read the command line flags, and does so asynchronously, not in the main thread of the test. The proposed patch eliminates use of the ScopedExperimentalCommandLine at the test scope level, thus minimizing the risk of improper access to memory. BUG= R=finnur@chromium.org ========== to ========== The command line flag is now set during the test startup. These two tests replaced the global command line object, which might cause heap-use-after-free of the temporary object at the end of the test. For instance, ChromeExtensionsClient::GetWebstoreUpdateURL() tries to read the command line flags, and does so asynchronously, not in the main thread of the test. The proposed patch eliminates use of the ScopedExperimentalCommandLine at the test scope level, thus minimizing the risk of improper access to memory. BUG= R=finnur@chromium.org ==========
Message was sent while issue was closed.
Committed patchset #2 (id:20001)
Message was sent while issue was closed.
Description was changed from ========== The command line flag is now set during the test startup. These two tests replaced the global command line object, which might cause heap-use-after-free of the temporary object at the end of the test. For instance, ChromeExtensionsClient::GetWebstoreUpdateURL() tries to read the command line flags, and does so asynchronously, not in the main thread of the test. The proposed patch eliminates use of the ScopedExperimentalCommandLine at the test scope level, thus minimizing the risk of improper access to memory. BUG= R=finnur@chromium.org ========== to ========== The command line flag is now set during the test startup. These two tests replaced the global command line object, which might cause heap-use-after-free of the temporary object at the end of the test. For instance, ChromeExtensionsClient::GetWebstoreUpdateURL() tries to read the command line flags, and does so asynchronously, not in the main thread of the test. The proposed patch eliminates use of the ScopedExperimentalCommandLine at the test scope level, thus minimizing the risk of improper access to memory. BUG= R=finnur@chromium.org Committed: https://crrev.com/6ede907a3a8dfc095039b9fcd56478604bd2ae0a Cr-Commit-Position: refs/heads/master@{#380096} ==========
Message was sent while issue was closed.
Patchset 2 (id:??) landed as https://crrev.com/6ede907a3a8dfc095039b9fcd56478604bd2ae0a Cr-Commit-Position: refs/heads/master@{#380096} |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
