zygote: Don't CHECK if browser gone during zygote startup

content/zygote/zygote_main_linux.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "content/zygote/zygote_main.h"
 
 #include <dlfcn.h>
 #include <fcntl.h>
 #include <pthread.h>
 #include <signal.h>
@@ skipping 599 matching lines @@
       sandbox::NamespaceSandbox::InNewUserNamespace();
   const bool using_layer1_sandbox =
       using_setuid_sandbox || using_namespace_sandbox;
 
   if (using_setuid_sandbox) {
     linux_sandbox->setuid_sandbox_client()->CloseDummyFile();
   }
 
   if (using_layer1_sandbox) {
     // Let the ZygoteHost know we're booting up.
-    CHECK(base::UnixDomainSocket::SendMsg(kZygoteSocketPairFd,
-                                          kZygoteBootMessage,
-                                          sizeof(kZygoteBootMessage),
-                                          std::vector<int>()));
+    if (!base::UnixDomainSocket::SendMsg(
+            kZygoteSocketPairFd, kZygoteBootMessage, sizeof(kZygoteBootMessage),
+            std::vector<int>())) {
+      // This is not a CHECK failure because the browser process could either
+      // crash or quickly exit while the zygote is starting. In either case a
+      // zygote crash is not useful. http://crbug.com/692227
+      PLOG(ERROR) << "Failed sending zygote boot message";
+      linux_sandbox->set_exiting_before_initialize_sandbox(true);

[James Cook, 2017/04/27 22:30:23]

If I don't do something like this I hit the CHECK(initialize_sandbox_ran_) in
~SandboxLinux(). SandboxLinux is a singleton cleaned up by the AtExitManager.

Alternately I could _exit(1), but this seemed a little better.

[mdempsky, 2017/04/27 22:50:45]

Since this is security sensitive code, I'd prefer we err on the side of
simplicity and just _exit(1).

[James Cook, 2017/04/28 02:39:48]

Sounds good. Done.

+      return false;
+    }
   }
 
   VLOG(1) << "ZygoteMain: initializing " << fork_delegates.size()
           << " fork delegates";
   for (const auto& fork_delegate : fork_delegates) {
     fork_delegate->Init(GetSandboxFD(), using_layer1_sandbox);
   }
 
   const std::vector<int> sandbox_fds_to_close_post_fork =
       linux_sandbox->GetFileDescriptorsToClose();
@@ skipping 36 matching lines @@
   const bool namespace_sandbox_engaged = sandbox_flags & kSandboxLinuxUserNS;
   CHECK_EQ(using_namespace_sandbox, namespace_sandbox_engaged);
 
   Zygote zygote(sandbox_flags, std::move(fork_delegates), extra_children,
                 extra_fds);
   // This function call can return multiple times, once per fork().
   return zygote.ProcessRequests();
 }
 
 }  // namespace content