Changeset 63442 in webkit
- Timestamp:
- Jul 15, 2010 11:39:37 AM (14 years ago)
- Location:
- trunk/WebKit2
- Files:
-
- 2 edited
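--- a/trunk/WebKit2/ChangeLog
+++ b/trunk/WebKit2/ChangeLog
@@ -1,2 +1,23 @@
+2010-07-15 Anders Carlsson <andersca@apple.com>
+
+Reviewed by Darin Adler.
+
+WebKitTestRunner goes off the deep end, spinning in a dispatch queue thread
+https://bugs.webkit.org/show_bug.cgi?id=42355
+
+Sometimes, when receiving a message whose size is very close to the inlineMessageMaxSize,
+mach_msg would return with MACH_RCV_TOO_LARGE. In debug builds we would assert, but in release
+builds we would just bail and the receiveSourceEventHandler would be run again shortly since we didn't
+actually pull the message off the mach message queue.
+
+Fix this by setting the receive source buffer size to include the maximum message trailer size, which
+mach_msg requires. Also, handle mach_msg returning MACH_RCV_TOO_LARGE (even though in theory it would never happen
+now that the receivedBufferSize always includes the maximum message trailer size.
+
+* Platform/CoreIPC/mac/ConnectionMac.cpp:
+(CoreIPC::Connection::receiveSourceEventHandler):
+Use a Vector with inline data instead of a char array. This way we can resize the Vector if the message received
+is too big.
+
 2010-07-15 Anders Carlsson <andersca@apple.com>
 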
trunk/WebKit2/Platform/CoreIPC/mac/ConnectionMac.cpp
r63148 r63442 127 127 128 128 size_t messageSize = machMessageSize(arguments->bufferSize(), numberOfPortDescriptors, numberOfOOLMemoryDescriptors); 129 130 129 char buffer[inlineMessageMaxSize]; 131 130 … … 278 277 void Connection::receiveSourceEventHandler() 279 278 { 280 char buffer[inlineMessageMaxSize]; 281 282 mach_msg_header_t* header = reinterpret_cast<mach_msg_header_t*>(&buffer); 283 284 kern_return_t kr = mach_msg(header, MACH_RCV_MSG | MACH_RCV_LARGE | MACH_RCV_TIMEOUT, 0, sizeof(buffer), m_receivePort, 0, MACH_PORT_NULL); 279 // The receive buffer size should always include the maximum trailer size. 280 static const size_t receiveBufferSize = inlineMessageMaxSize + MAX_TRAILER_SIZE; 281 282 Vector<char, receiveBufferSize> buffer(receiveBufferSize); 283 284 mach_msg_header_t* header = reinterpret_cast<mach_msg_header_t*>(buffer.data()); 285 286 kern_return_t kr = mach_msg(header, MACH_RCV_MSG | MACH_RCV_LARGE | MACH_RCV_TIMEOUT, 0, buffer.size(), m_receivePort, 0, MACH_PORT_NULL); 285 287 if (kr == MACH_RCV_TIMED_OUT) 286 288 return; 287 289 290 if (kr == MACH_RCV_TOO_LARGE) { 291 // The message was too large, resize the buffer and try again. 292 buffer.resize(header->msgh_size + MAX_TRAILER_SIZE); 293 294 header = reinterpret_cast<mach_msg_header_t*>(buffer.data()); 295 296 kr = mach_msg(header, MACH_RCV_MSG | MACH_RCV_LARGE | MACH_RCV_TIMEOUT, 0, buffer.size(), m_receivePort, 0, MACH_PORT_NULL); 297 ASSERT(kr != MACH_RCV_TOO_LARGE); 298 } 299 288 300 if (kr != MACH_MSG_SUCCESS) { 289 290 301 ASSERT_NOT_REACHED(); 291 // FIXME: Handle MACH_RCV_MSG_TOO_LARGE. 292 return; 293 } 294 302 return; 303 } 304 295 305 MessageID messageID = MessageID::fromInt(header->msgh_id); 296 306 OwnPtr<ArgumentDecoder> arguments = createArgumentDecoder(header);
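Review bot: The MACH_RCV_TOO_LARGE retry in receiveSourceEventHandler sizes the buffer with `buffer.resize(header->msgh_size + MAX_TRAILER_SIZE);`, which has no upper bound and no check that the addition does not wrap. The size reflects whatever the peer process queued, so the receiver's allocation is driven by the sender. I would reject or cap sizes above a project-chosen limit before resizing (no such constant is visible on this page) and add a comment such as `// msgh_size describes the peer's queued message; bound it before growing the buffer.` Separately, `ASSERT(kr != MACH_RCV_TOO_LARGE)` and `ASSERT_NOT_REACHED()` compile out in release builds, so any failure of the second mach_msg call just returns silently. If the message is still queued at that point, the handler can presumably fire again, which is the spin this change sets out to remove, so a release-mode log or explicit handling would help. The function body continues past the end of this section.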