Comment #2 on issue 17027 by bugdro...@chromium.org: Crash - tcmalloc::ThreadCache::FreeList::PopRange(int,void * *,void * *) http://code.google.com/p/chromium/issues/detail?id=17027
The following revision refers to this bug: http://src.chromium.org/viewvc/chrome?view=rev&revision=22261 ------------------------------------------------------------------------ r22261 | j...@chromium.org | 2009-08-03 00:01:47 -0700 (Mon, 03 Aug 2009) | 13 lines Changed paths: M http://src.chromium.org/viewvc/chrome/trunk/src/base/pickle.cc?r1=22261&r2=22260 Add defensive code in pickle to preclude realloc of shared header_ memory. Since I was able to (some how) generate a problem with header_ being double freed (perhaps, because it was shared in some way??), this change adds several lines of defensive coding. The current assignment operator appears very dangerous, as it allowed Resize to be called when the header_ was not owned by the instance (it was read-only). I haven't found a path to cause a problem, but we may as well be defensive. BUG=17027 BUG=17088 r=CPU Review URL: http://codereview.chromium.org/160490 ------------------------------------------------------------------------ -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---