Comment #6 on issue 27839 by [email protected]: UninitCondition in
MessagePortDispatcher::Observe
http://code.google.com/p/chromium/issues/detail?id=27839
The following revision refers to this bug:
http://src.chromium.org/viewvc/chrome?view=rev&revision=33271
------------------------------------------------------------------------
r33271 | [email protected] | 2009-11-29 22:52:17 -0800 (Sun, 29 Nov 2009)
| 20 lines
Changed paths:
M
http://src.chromium.org/viewvc/chrome/branches/249/src/chrome/browser/worker_host/message_port_dispatcher.cc?r1=33271&r2=33270
M
http://src.chromium.org/viewvc/chrome/branches/249/src/chrome/browser/worker_host/message_port_dispatcher.h?r1=33271&r2=33270
Merge 32586 - Fix unitialized memory access in workers.
The primary issue was that OnDestroy didn't change the entangled port
to have its entangled port be none.
A secondary issues that came up is that in very rare circumstances (like a
crash
happening early in a worker process), it seemed like it may be possible
that one
of the message ports may think it is entangled and the other half may not,
so
the Erase method guards against this.
Also, some code was added to verify the internal structure before running
code
and after.
BUG=27839
TEST=valgrind on linux running ui tests, specifically
WorkerTest.WorkerFastLayoutTests.
Review URL: http://codereview.chromium.org/402106
[email protected]
Review URL: http://codereview.chromium.org/452007
------------------------------------------------------------------------
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--
Automated mail from issue updates at http://crbug.com/
Subscription options: http://groups.google.com/group/chromium-bugs
