Issue 402106: Fix unitialized memory access in workers.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 402106: Fix unitialized memory access in workers. (Closed)

Created:
11 years, 1 month ago by levin

Modified:
9 years, 7 months ago

Reviewers:
jam

CC:
chromium-reviews_googlegroups.com

Visibility:
Public.

Description

Fix unitialized memory access in workers. The primary issue was that OnDestroy didn't change the entangled port to have its entangled port be none. A secondary issues that came up is that in very rare circumstances (like a crash happening early in a worker process), it seemed like it may be possible that one of the message ports may think it is entangled and the other half may not, so the Erase method guards against this. Also, some code was added to verify the internal structure before running code and after. BUG=27839 TEST=valgrind on linux running ui tests, specifically WorkerTest.WorkerFastLayoutTests. Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=32586

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+71 lines, -59 lines)			Patch
M	chrome/browser/worker_host/message_port_dispatcher.h	View	1 2 3 4 5	1 chunk	+10 lines, -0 lines	0 comments	Download
M	chrome/browser/worker_host/message_port_dispatcher.cc	View	1 2	11 chunks	+61 lines, -6 lines	0 comments	Download
M	tools/valgrind/memcheck/suppressions.txt	View	2 3	2 chunks	+0 lines, -53 lines	0 comments	Download

Messages

Total messages: 2 (0 generated)

Expand Messages | Collapse Messages

jam

11 years, 1 month ago (2009-11-20 00:44:01 UTC) #2

lgtm, thanks for tracking this down

http://codereview.chromium.org/402106/diff/1/3
File chrome/browser/worker_host/message_port_dispatcher.h (right):

http://codereview.chromium.org/402106/diff/1/3#newcode75
Line 75: void CheckInvariants(bool check_entanglements) { }
nit: CheckInvariants's name isn't clear to me about what it's checking.  what
about CheckMessagePortMap or something similar?

http://codereview.chromium.org/402106/diff/1/3#newcode77
Line 77: void CheckInvariants(bool check_entanglements);
nit: the common way we do these checks is to have a function only defined in
ifdef NDEBUG, then we call out to it as such:

DCHECK(CheckBlah)

The function can even return true all the time since you have DCHECKs inside of
it.

This makes it obvious to the reader that the check only happens in debug builds,
and that there's no overhead for adding that code.

Expand Messages | Collapse Messages

Issue 402106: Fix unitialized memory access in workers. (Closed)

Description

Patch Set 1 #

Patch Set 2 : Remove valgrind suppression as well. #

Patch Set 3 : Address nits. #

Patch Set 4 : Removed a few more (essentially) duplicate valgrind suppressions. #

Patch Set 5 : Fix valgrind build issue. #

Patch Set 6 : It is "#else" not "#lse" :(. #

Messages