Updating trunk VERSION from 2139.0 to 2140.0
[chromium-blink-merge.git] / content / browser / frame_host / debug_urls.cc
blob091171a5b912ca85f3e01474de68f3f2f454d9f7
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "content/browser/frame_host/debug_urls.h"
7 #include <vector>
9 #include "base/command_line.h"
10 #include "base/debug/asan_invalid_access.h"
11 #include "base/debug/profiler.h"
12 #include "base/strings/utf_string_conversions.h"
13 #include "cc/base/switches.h"
14 #include "content/browser/gpu/gpu_process_host_ui_shim.h"
15 #include "content/browser/ppapi_plugin_process_host.h"
16 #include "content/public/browser/browser_thread.h"
17 #include "content/public/common/content_constants.h"
18 #include "content/public/common/url_constants.h"
19 #include "ppapi/proxy/ppapi_messages.h"
20 #include "url/gurl.h"
22 namespace content {
24 namespace {
26 // Define the Asan debug URLs.
27 const char kAsanCrashDomain[] = "crash";
28 const char kAsanHeapOverflow[] = "/browser-heap-overflow";
29 const char kAsanHeapUnderflow[] = "/browser-heap-underflow";
30 const char kAsanUseAfterFree[] = "/browser-use-after-free";
31 #if defined(SYZYASAN)
32 const char kAsanCorruptHeapBlock[] = "/browser-corrupt-heap-block";
33 const char kAsanCorruptHeap[] = "/browser-corrupt-heap";
34 #endif
36 void HandlePpapiFlashDebugURL(const GURL& url) {
37 #if defined(ENABLE_PLUGINS)
38 bool crash = url == GURL(kChromeUIPpapiFlashCrashURL);
40 std::vector<PpapiPluginProcessHost*> hosts;
41 PpapiPluginProcessHost::FindByName(
42 base::UTF8ToUTF16(kFlashPluginName), &hosts);
43 for (std::vector<PpapiPluginProcessHost*>::iterator iter = hosts.begin();
44 iter != hosts.end(); ++iter) {
45 if (crash)
46 (*iter)->Send(new PpapiMsg_Crash());
47 else
48 (*iter)->Send(new PpapiMsg_Hang());
50 #endif
53 bool IsAsanDebugURL(const GURL& url) {
54 #if defined(SYZYASAN)
55 if (!base::debug::IsBinaryInstrumented())
56 return false;
57 #endif
59 if (!(url.is_valid() && url.SchemeIs(kChromeUIScheme) &&
60 url.DomainIs(kAsanCrashDomain, sizeof(kAsanCrashDomain) - 1) &&
61 url.has_path())) {
62 return false;
65 if (url.path() == kAsanHeapOverflow || url.path() == kAsanHeapUnderflow ||
66 url.path() == kAsanUseAfterFree) {
67 return true;
70 #if defined(SYZYASAN)
71 if (url.path() == kAsanCorruptHeapBlock || url.path() == kAsanCorruptHeap)
72 return true;
73 #endif
75 return false;
78 bool HandleAsanDebugURL(const GURL& url) {
79 #if defined(SYZYASAN)
80 if (!base::debug::IsBinaryInstrumented())
81 return false;
83 if (url.path() == kAsanCorruptHeapBlock) {
84 base::debug::AsanCorruptHeapBlock();
85 return true;
86 } else if (url.path() == kAsanCorruptHeap) {
87 base::debug::AsanCorruptHeap();
88 return true;
90 #endif
92 #if defined(ADDRESS_SANITIZER) || defined(SYZYASAN)
93 if (url.path() == kAsanHeapOverflow) {
94 base::debug::AsanHeapOverflow();
95 } else if (url.path() == kAsanHeapUnderflow) {
96 base::debug::AsanHeapUnderflow();
97 } else if (url.path() == kAsanUseAfterFree) {
98 base::debug::AsanHeapUseAfterFree();
99 } else {
100 return false;
102 #endif
104 return true;
108 } // namespace
110 bool HandleDebugURL(const GURL& url, PageTransition transition) {
111 // Ensure that the user explicitly navigated to this URL, unless
112 // kEnableGpuBenchmarking is enabled by Telemetry.
113 bool is_telemetry_navigation =
114 base::CommandLine::ForCurrentProcess()->HasSwitch(
115 cc::switches::kEnableGpuBenchmarking) &&
116 (transition & PAGE_TRANSITION_TYPED);
118 if (!(transition & PAGE_TRANSITION_FROM_ADDRESS_BAR) &&
119 !is_telemetry_navigation)
120 return false;
122 if (IsAsanDebugURL(url))
123 return HandleAsanDebugURL(url);
125 if (url.host() == kChromeUIBrowserCrashHost) {
126 // Induce an intentional crash in the browser process.
127 CHECK(false);
128 return true;
131 if (url == GURL(kChromeUIGpuCleanURL)) {
132 GpuProcessHostUIShim* shim = GpuProcessHostUIShim::GetOneInstance();
133 if (shim)
134 shim->SimulateRemoveAllContext();
135 return true;
138 if (url == GURL(kChromeUIGpuCrashURL)) {
139 GpuProcessHostUIShim* shim = GpuProcessHostUIShim::GetOneInstance();
140 if (shim)
141 shim->SimulateCrash();
142 return true;
145 if (url == GURL(kChromeUIGpuHangURL)) {
146 GpuProcessHostUIShim* shim = GpuProcessHostUIShim::GetOneInstance();
147 if (shim)
148 shim->SimulateHang();
149 return true;
152 if (url == GURL(kChromeUIPpapiFlashCrashURL) ||
153 url == GURL(kChromeUIPpapiFlashHangURL)) {
154 BrowserThread::PostTask(BrowserThread::IO, FROM_HERE,
155 base::Bind(&HandlePpapiFlashDebugURL, url));
156 return true;
159 return false;
162 bool IsRendererDebugURL(const GURL& url) {
163 if (!url.is_valid())
164 return false;
166 if (url.SchemeIs(url::kJavaScriptScheme))
167 return true;
169 return url == GURL(kChromeUICrashURL) ||
170 url == GURL(kChromeUIDumpURL) ||
171 url == GURL(kChromeUIKillURL) ||
172 url == GURL(kChromeUIHangURL) ||
173 url == GURL(kChromeUIShorthangURL);
176 } // namespace content