Experimentally disable termination on heap corruption in order to measure the...

Experimentally disable termination on heap corruption in order to measure the contribution of this feature to missing crash reports.

Because this feature is configured very early in the process lifetime it cannot be directly controlled by a field-trial. Rather, we query the status during a given execution, store that status in the registry, and then query the registry during startup. This means the experiment will only take effect the 2nd time it is executed.

BUG=394842

Review URL: https://codereview.chromium.org/402723002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@284100 0039d316-1c4b-4281-b951-d872f2087c98

chrome/app/chrome_main.cc

@@ -8,6 +8,7 @@
 
 #if defined(OS_WIN)
 #include "base/win/win_util.h"
+#include "chrome/common/terminate_on_heap_corruption_experiment_win.h"
 
 #define DLLEXPORT __declspec(dllexport)
 
@@ -38,6 +39,9 @@ int ChromeMain(int argc, const char** argv) {
   base::win::SetAbortBehaviorForCrashReporting();
   params.instance = instance;
   params.sandbox_info = sandbox_info;
+
+  params.enable_termination_on_heap_corruption =
+      !ShouldExperimentallyDisableTerminateOnHeapCorruption();
 #else
   params.argc = argc;
   params.argv = argv;

chrome/browser/chrome_browser_main_win.cc

@@ -38,6 +38,7 @@
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/chrome_version_info.h"
 #include "chrome/common/env_vars.h"
+#include "chrome/common/terminate_on_heap_corruption_experiment_win.h"
 #include "chrome/installer/launcher_support/chrome_launcher_support.h"
 #include "chrome/installer/util/browser_distribution.h"
 #include "chrome/installer/util/helper.h"
@@ -259,6 +260,10 @@ void ChromeBrowserMainPartsWin::PostBrowserStart() {
           base::TimeDelta::FromSeconds(45));
 
   InitializeChromeElf();
+
+  // TODO(erikwright): Remove this and the implementation of the experiment by
+  // August 2014.
+  InitializeDisableTerminateOnHeapCorruptionExperiment();
 }
 
 // static

chrome/chrome_common.gypi

@@ -211,6 +211,8 @@
       'common/spellcheck_result.h',
       'common/switch_utils.cc',
       'common/switch_utils.h',
+      'common/terminate_on_heap_corruption_experiment_win.cc',
+      'common/terminate_on_heap_corruption_experiment_win.h',
       'common/tts_messages.h',
       'common/tts_utterance_request.cc',
       'common/tts_utterance_request.h',

chrome/common/terminate_on_heap_corruption_experiment_win.cc

+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/common/terminate_on_heap_corruption_experiment_win.h"
+
+#include "base/metrics/field_trial.h"
+#include "base/win/registry.h"
+#include "chrome/common/chrome_constants.h"
+#include "chrome/common/chrome_version_info.h"
+
+#if defined(OS_WIN)
+#if defined(GOOGLE_CHROME_BUILD)
+#define PRODUCT_STRING_PATH L"Google\\Chrome"
+#elif defined(CHROMIUM_BUILD)
+#define PRODUCT_STRING_PATH L"Chromium"
+#else
+#error Unknown branding
+#endif
+#endif  // defined(OS_WIN)
+
+namespace {
+
+wchar_t* GetBeaconKeyPath() {
+  chrome::VersionInfo::Channel channel = chrome::VersionInfo::GetChannel();
+  if (channel == chrome::VersionInfo::CHANNEL_CANARY) {
+    return L"SOFTWARE\\" PRODUCT_STRING_PATH
+        L"\\DisableTerminateOnProcessHeapCorruptionSxs";
+  }
+  return L"SOFTWARE\\" PRODUCT_STRING_PATH
+      L"\\DisableTerminateOnProcessHeapCorruption";
+}
+
+}  // namespace
+
+bool ShouldExperimentallyDisableTerminateOnHeapCorruption() {
+  base::win::RegKey regkey(
+      HKEY_CURRENT_USER, GetBeaconKeyPath(), KEY_QUERY_VALUE);
+  return regkey.Valid();
+}
+
+void InitializeDisableTerminateOnHeapCorruptionExperiment() {
+  base::win::RegKey regkey(HKEY_CURRENT_USER);
+
+  if (base::FieldTrialList::FindFullName("TerminateOnProcessHeapCorruption") ==
+      "Disabled") {
+    regkey.CreateKey(GetBeaconKeyPath(), KEY_SET_VALUE);
+  } else {
+    regkey.DeleteKey(GetBeaconKeyPath());
+  }
+}

chrome/common/terminate_on_heap_corruption_experiment_win.h

+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_COMMON_TERMINATE_ON_HEAP_CORRUPTION_EXPERIMENT_WIN_H_
+#define CHROME_COMMON_TERMINATE_ON_HEAP_CORRUPTION_EXPERIMENT_WIN_H_
+
+bool ShouldExperimentallyDisableTerminateOnHeapCorruption();
+void InitializeDisableTerminateOnHeapCorruptionExperiment();
+
+#endif  // CHROME_COMMON_TERMINATE_ON_HEAP_CORRUPTION_EXPERIMENT_WIN_H_

content/app/content_main_runner.cc

@@ -557,7 +557,8 @@ class ContentMainRunnerImpl : public ContentMainRunner {
     is_initialized_ = true;
     delegate_ = params.delegate;
 
-    base::EnableTerminationOnHeapCorruption();
+    if (params.enable_termination_on_heap_corruption)
+      base::EnableTerminationOnHeapCorruption();
     base::EnableTerminationOnOutOfMemory();
 
     // The exit manager is in charge of calling the dtors of singleton objects.

content/public/app/content_main.h

@@ -25,6 +25,7 @@ class ContentMainDelegate;
 struct ContentMainParams {
   explicit ContentMainParams(ContentMainDelegate* delegate)
       : delegate(delegate),
+        enable_termination_on_heap_corruption(true),
 #if defined(OS_WIN)
         instance(NULL),
         sandbox_info(NULL),
@@ -37,6 +38,8 @@ struct ContentMainParams {
 
   ContentMainDelegate* delegate;
 
+  bool enable_termination_on_heap_corruption;
+
 #if defined(OS_WIN)
   HINSTANCE instance;