Changeset 63442 in webkit

Timestamp:

Jul 15, 2010 11:39:37 AM (14 years ago)

Author:

andersca@apple.com

Message:

WebKitTestRunner goes off the deep end, spinning in a dispatch queue thread
​https://bugs.webkit.org/show_bug.cgi?id=42355

Reviewed by Darin Adler.

Sometimes, when receiving a message whose size is very close to the inlineMessageMaxSize,
mach_msg would return with MACH_RCV_TOO_LARGE. In debug builds we would assert, but in release
builds we would just bail and the receiveSourceEventHandler would be run again shortly since we didn't
actually pull the message off the mach message queue.

Fix this by setting the receive source buffer size to include the maximum message trailer size, which
mach_msg requires. Also, handle mach_msg returning MACH_RCV_TOO_LARGE (even though in theory it would never happen
now that the receivedBufferSize always includes the maximum message trailer size.

• Platform/CoreIPC/mac/ConnectionMac.cpp:

(CoreIPC::Connection::receiveSourceEventHandler):
Use a Vector with inline data instead of a char array. This way we can resize the Vector if the message received
is too big.

Location:

trunk/WebKit2

Files:

• ChangeLog (modified) (1 diff)
• Platform/CoreIPC/mac/ConnectionMac.cpp (modified) (2 diffs)

trunk/WebKit2/ChangeLog

@@ +1 @@
+2010-07-15  Anders Carlsson  <andersca@apple.com>
+
+        Reviewed by Darin Adler.
+
+        WebKitTestRunner goes off the deep end, spinning in a dispatch queue thread
+        https://bugs.webkit.org/show_bug.cgi?id=42355
+
+        Sometimes, when receiving a message whose size is very close to the inlineMessageMaxSize,
+        mach_msg would return with MACH_RCV_TOO_LARGE. In debug builds we would assert, but in release
+        builds we would just bail and the receiveSourceEventHandler would be run again shortly since we didn't
+        actually pull the message off the mach message queue.
+
+        Fix this by setting the receive source buffer size to include the maximum message trailer size, which
+        mach_msg requires. Also, handle mach_msg returning MACH_RCV_TOO_LARGE (even though in theory it would never happen
+        now that the receivedBufferSize always includes the maximum message trailer size.
+
+        * Platform/CoreIPC/mac/ConnectionMac.cpp:
+        (CoreIPC::Connection::receiveSourceEventHandler):
+        Use a Vector with inline data instead of a char array. This way we can resize the Vector if the message received
+        is too big.
+
 2010-07-15  Anders Carlsson  <andersca@apple.com>
 

trunk/WebKit2/Platform/CoreIPC/mac/ConnectionMac.cpp

@@ -127 +127 @@
     
     size_t messageSize = machMessageSize(arguments->bufferSize(), numberOfPortDescriptors, numberOfOOLMemoryDescriptors);
-    
     char buffer[inlineMessageMaxSize];
 
@@ -278 +277 @@
 void Connection::receiveSourceEventHandler()
 {
-    char buffer[inlineMessageMaxSize];
-    
-    mach_msg_header_t* header = reinterpret_cast<mach_msg_header_t*>(&buffer);
-    
-    kern_return_t kr = mach_msg(header, MACH_RCV_MSG | MACH_RCV_LARGE | MACH_RCV_TIMEOUT, 0, sizeof(buffer), m_receivePort, 0, MACH_PORT_NULL);
+    // The receive buffer size should always include the maximum trailer size.
+    static const size_t receiveBufferSize = inlineMessageMaxSize + MAX_TRAILER_SIZE;
+
+    Vector<char, receiveBufferSize> buffer(receiveBufferSize);
+    
+    mach_msg_header_t* header = reinterpret_cast<mach_msg_header_t*>(buffer.data());
+    
+    kern_return_t kr = mach_msg(header, MACH_RCV_MSG | MACH_RCV_LARGE | MACH_RCV_TIMEOUT, 0, buffer.size(), m_receivePort, 0, MACH_PORT_NULL);
     if (kr == MACH_RCV_TIMED_OUT)
         return;
 
+    if (kr == MACH_RCV_TOO_LARGE) {
+        // The message was too large, resize the buffer and try again.
+        buffer.resize(header->msgh_size + MAX_TRAILER_SIZE);
+        
+        header = reinterpret_cast<mach_msg_header_t*>(buffer.data());
+        
+        kr = mach_msg(header, MACH_RCV_MSG | MACH_RCV_LARGE | MACH_RCV_TIMEOUT, 0, buffer.size(), m_receivePort, 0, MACH_PORT_NULL);
+        ASSERT(kr != MACH_RCV_TOO_LARGE);
+    }
+
     if (kr != MACH_MSG_SUCCESS) {
-
         ASSERT_NOT_REACHED();
-        // FIXME: Handle MACH_RCV_MSG_TOO_LARGE.
-        return;
-    }
-    
+        return;
+    }
+
     MessageID messageID = MessageID::fromInt(header->msgh_id);
     OwnPtr<ArgumentDecoder> arguments = createArgumentDecoder(header);