Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(658)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2650583006: Fix race in deletion of native message handlers (fixes #28484). (Closed)

Created:
3 years, 11 months ago by rmacnak
Modified:
3 years, 11 months ago
CC:
reviews_dartlang.org, vm-dev_dartlang.org
Target Ref:
refs/heads/master
Visibility:
Public.

Description

Fix race in deletion of native message handlers (fixes #28484). Fix leak of snapshot HeapPages. R=fschneider@google.com Committed: https://github.com/dart-lang/sdk/commit/4dc2677859de3b218864d0e7150684fdc40e0884

Patch Set 1 #

Total comments: 6
Unified diffs Side-by-side diffs Delta from patch set Stats (+16 lines, -4 lines) Patch
M runtime/vm/message_handler.cc View 2 chunks +7 lines, -3 lines 4 comments Download
M runtime/vm/pages.cc View 1 chunk +9 lines, -1 line 2 comments Download

Messages

Total messages: 12 (4 generated)
rmacnak
3 years, 11 months ago (2017-01-24 01:46:40 UTC) #2
Florian Schneider
Lgtm https://codereview.chromium.org/2650583006/diff/1/runtime/vm/pages.cc File runtime/vm/pages.cc (right): https://codereview.chromium.org/2650583006/diff/1/runtime/vm/pages.cc#newcode100 runtime/vm/pages.cc:100: free(this); Maybe change this to new/delete instead of ...
3 years, 11 months ago (2017-01-24 02:06:07 UTC) #3
siva
https://codereview.chromium.org/2650583006/diff/1/runtime/vm/message_handler.cc File runtime/vm/message_handler.cc (right): https://codereview.chromium.org/2650583006/diff/1/runtime/vm/message_handler.cc#newcode435 runtime/vm/message_handler.cc:435: end_callback_(callback_data_); If the handler is deleted wouldn't end_callback_ be ...
3 years, 11 months ago (2017-01-24 03:18:42 UTC) #5
rmacnak
https://codereview.chromium.org/2650583006/diff/1/runtime/vm/message_handler.cc File runtime/vm/message_handler.cc (right): https://codereview.chromium.org/2650583006/diff/1/runtime/vm/message_handler.cc#newcode435 runtime/vm/message_handler.cc:435: end_callback_(callback_data_); On 2017/01/24 03:18:42, siva wrote: > If the ...
3 years, 11 months ago (2017-01-24 03:28:36 UTC) #6
rmacnak
Committed patchset #1 (id:1) manually as 4dc2677859de3b218864d0e7150684fdc40e0884 (presubmit successful).
3 years, 11 months ago (2017-01-24 03:46:09 UTC) #8
Cutch
https://codereview.chromium.org/2650583006/diff/1/runtime/vm/message_handler.cc File runtime/vm/message_handler.cc (right): https://codereview.chromium.org/2650583006/diff/1/runtime/vm/message_handler.cc#newcode435 runtime/vm/message_handler.cc:435: end_callback_(callback_data_); On 2017/01/24 03:28:36, rmacnak wrote: > On 2017/01/24 ...
3 years, 11 months ago (2017-01-24 15:00:48 UTC) #10
siva
https://codereview.chromium.org/2650583006/diff/1/runtime/vm/message_handler.cc File runtime/vm/message_handler.cc (right): https://codereview.chromium.org/2650583006/diff/1/runtime/vm/message_handler.cc#newcode435 runtime/vm/message_handler.cc:435: end_callback_(callback_data_); On 2017/01/24 03:28:36, rmacnak wrote: > On 2017/01/24 ...
3 years, 11 months ago (2017-01-24 15:58:26 UTC) #11
Cutch
3 years, 11 months ago (2017-01-24 17:01:27 UTC) #12
Message was sent while issue was closed. 
On 2017/01/24 15:58:26, siva wrote:
>
https://codereview.chromium.org/2650583006/diff/1/runtime/vm/message_handler.cc
> File runtime/vm/message_handler.cc (right):
> 
>
https://codereview.chromium.org/2650583006/diff/1/runtime/vm/message_handler....
> runtime/vm/message_handler.cc:435: end_callback_(callback_data_);
> On 2017/01/24 03:28:36, rmacnak wrote:
> > On 2017/01/24 03:18:42, siva wrote:
> > > If the handler is deleted wouldn't end_callback_ be garbage at this point?
> > (i.e
> > > the handler was deleted after we released the monitor above).
> > 
> > Those cases are mutually exclusive. Only a native message handler may be
> deleted
> > here, and they never have an end callback.
> 
> In that case why not store end_callback_ into a local variable (end_callback)
> above when holding the monitor and then do the callback using that local
> ASSERT(!delete_me || end_callback == NULL);
> if (end_callback != NULL) {
>   ...
> }

Done here: https://codereview.chromium.org/2656613003/

Powered by Google App Engine
This is Rietveld 408576698