
Unified Diff: content/browser/browser_message_filter.cc

Issue 6713121: Ensure that BrowserMessageFilter isn't used to process a sync message on the UI thread. (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: '' Created 9 years, 9 months ago
Index: content/browser/browser_message_filter.cc
===================================================================
--- content/browser/browser_message_filter.cc (revision 79364)
+++ content/browser/browser_message_filter.cc (working copy)
@@ -9,6 +9,7 @@
#include "base/process_util.h"
#include "chrome/browser/metrics/user_metrics.h"
#include "content/common/result_codes.h"
+#include "ipc/ipc_sync_message.h"
BrowserMessageFilter::BrowserMessageFilter()
: channel_(NULL), peer_handle_(base::kNullProcessHandle) {
@@ -67,6 +68,11 @@
if (thread == BrowserThread::IO)
return DispatchMessage(message);
+ if (thread == BrowserThread::UI &&
+ !MessageCanBeDispatchedOnUI(message, this)) {
+ return true;
+ }
+
BrowserThread::PostTask(
thread, FROM_HERE,
NewRunnableMethod(
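Review bot: The bare `return true;` after a failed `MessageCanBeDispatchedOnUI(message, this)` check only makes sense if the reader already knows the helper has sent an error reply, so the message is being reported as handled, not silently dropped; nothing at the call site says so. A one-line comment would cover it, e.g. `// Error reply already sent to the caller; report the message as handled.` The enclosing function starts and ends outside this hunk, so whether its other exits need the same note cannot be judged from here.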
@@ -90,3 +96,28 @@
void BrowserMessageFilter::BadMessageReceived() {
base::KillProcess(peer_handle(), ResultCodes::KILLED_BAD_MESSAGE, false);
}
+
+bool BrowserMessageFilter::MessageCanBeDispatchedOnUI(
+ const IPC::Message& message, IPC::Message::Sender* sender) {
+#if defined(OS_WIN)
+ // On Windows there's a potential deadlock with sync messsages going in
+ // a circle from browser -> plugin -> renderer -> browser.
+ // On Linux we can avoid this by avoiding sync messages from browser->plugin.
+ // On Mac we avoid this by not supporting windowed plugins.
+ if (message.is_sync() && !message.is_caller_pumping_messages()) {
+ // NOTE: IF YOU HIT THIS ASSERT, THE SOLUTION IS ALMOST NEVER TO RUN A
+ // NESTED MESSAGE LOOP IN THE RENDERER!!!
+ // That introduces reentrancy which causes hard to track bugs. You should
+ // find a way to either turn this into an asynchronous message, or one
+ // that can be answered on the IO thread.
+ NOTREACHED() << "Can't send sync messages to UI thread without pumping "
+ "messages in the renderer or else deadlocks can occur if the page "
+ "has windowed plugins! (message type " << message.type() << ")";
+ IPC::Message* reply = IPC::SyncMessage::GenerateReply(&message);
+ reply->set_reply_error();
+ sender->Send(reply);
+ return false;
+ }
+#endif
+ return true;
+}
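Review bot: In the `message.is_sync() && !message.is_caller_pumping_messages()` branch the only diagnostic is `NOTREACHED()`, which is normally compiled out of release builds, so a rejected sync message there is answered with `set_reply_error()` and leaves no trace. Both flags are read from the incoming message, which the peer process filled in, so this is best read as a guard against developer mistakes, not as enforcement against a misbehaving renderer; a comment saying so would keep later readers from relying on it. Consider a release-visible log before the reply, e.g. `LOG(ERROR) << "Rejected sync message for UI thread, type " << message.type();`. The name also reads as a pure predicate although it calls `sender->Send(reply)`; the declaration (presumably in browser_message_filter.h, not shown here) should document that side effect.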