Issue 1080453002: Always destroy CrxInstaller on the UI Thread

Issue 1080453002: Always destroy CrxInstaller on the UI Thread (Closed)

Created:
5 years, 8 months ago by tapted

Modified:
5 years, 8 months ago

Reviewers:
xiyuan, benwells

CC:
chromium-reviews, chromium-apps-reviews_chromium.org, extensions-reviews_chromium.org, chrome-apps-syd-reviews_chromium.org

Base URL:
https://chromium.googlesource.com/chromium/src.git@master

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Always destroy CrxInstaller on the UI Thread CrxInstaller currently just guarantees that its ExtensionInstallPrompt |client_| data member is destroyed on the UI Thread. But this is not enough -- CrxInstaller is the InstallPrompt's delegate via a weak reference, so it can't be destroyed first. This changes CrxInstaller from a RefCountedThreadSafe to a RefCountedDeleteOnMessageLoop to ensure the whole thing is destroyed on the UI thread when all references are gone. Note that CrxInstaller also owns a ChromeRequirementsChecker which is a WeakReferenceOwner. WeakReferenceOwners must be destroyed on the thread that created them, so CrxInstaller being destroyed on the FILE thread also hits a DCHECK at weak_ptr.cc:20. Since SandboxedUnpackerClient is the base class that "is" the RefCountedThreadSafe other classes derived from SandboxedUnpackerClient are affected. To keep things simple and consistent, they all become RefCountedDeleteOnMessageLoop. BUG=410415 TEST=At the webstore: {show an install dialog, then cancel it}. Repeat many times. Chrome should not crash. Previously a race condition could be triggered causing Chrome to crash (maybe a 1-in-20 chance). Committed: https://crrev.com/1e394abd91dbfa362d139fbc7b10fa5d5d2e0631 Cr-Commit-Position: refs/heads/master@{#325339}

Patch Set 1 #

Patch Set 2 : Update ownership #

Patch Set 3 : Fix test #

Patch Set 4 : Fix CrOZ #

Total comments: 4

Patch Set 5 : Less plumbing. More comments #

Created: 5 years, 8 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+22 lines, -11 lines)			Patch
M	chrome/browser/extensions/crx_installer.h	View	1	1 chunk	+1 line, -3 lines	0 comments	Download
M	chrome/browser/extensions/crx_installer.cc	View	1 2 3 4	1 chunk	+5 lines, -5 lines	0 comments	Download
M	extensions/browser/sandboxed_unpacker.h	View	1 2 3 4	3 chunks	+9 lines, -3 lines	0 comments	Download
M	extensions/browser/sandboxed_unpacker.cc	View	1 2 3 4	1 chunk	+7 lines, -0 lines	0 comments	Download

Messages

Total messages: 14 (6 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

tapted

PTAL: benwells for c/b/extensions, xiyuan for c/b/chromeos

5 years, 8 months ago (2015-04-13 06:28:52 UTC) #4

benwells

https://codereview.chromium.org/1080453002/diff/80001/chrome/browser/extensions/crx_installer.cc File chrome/browser/extensions/crx_installer.cc (right): https://codereview.chromium.org/1080453002/diff/80001/chrome/browser/extensions/crx_installer.cc#newcode169 chrome/browser/extensions/crx_installer.cc:169: // The scoped_ptr |client_| data member must be destroyed ...

5 years, 8 months ago (2015-04-14 22:14:19 UTC) #6

tapted

5 years, 8 months ago (2015-04-15 03:07:44 UTC) #8

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1080453002/120001

5 years, 8 months ago (2015-04-15 23:14:54 UTC) #12

commit-bot: I haz the power

5 years, 8 months ago (2015-04-15 23:23:36 UTC) #14

Message was sent while issue was closed.

Patchset 5 (id:??) landed as
https://crrev.com/1e394abd91dbfa362d139fbc7b10fa5d5d2e0631
Cr-Commit-Position: refs/heads/master@{#325339}

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages