Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(81)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/modules/webaudio/BaseAudioContext.h

Issue 2913303002: Avoid unsafe heap access from audio thread. (Closed)
Patch Set: improve method documentation Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | third_party/WebKit/Source/modules/webaudio/BaseAudioContext.cpp » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/modules/webaudio/BaseAudioContext.h
diff --git a/third_party/WebKit/Source/modules/webaudio/BaseAudioContext.h b/third_party/WebKit/Source/modules/webaudio/BaseAudioContext.h
index 13db3f7c07f6e5eb2acee3eac9a31154841c9a8f..20852989b2d5ab94568580b7cd01a7278a0a424a 100644
--- a/third_party/WebKit/Source/modules/webaudio/BaseAudioContext.h
+++ b/third_party/WebKit/Source/modules/webaudio/BaseAudioContext.h
@@ -273,16 +273,6 @@ class MODULES_EXPORT BaseAudioContext
// Called at the end of each render quantum.
void HandlePostRenderTasks();
- // Called periodically at the end of each render quantum to release
- // finished source nodes. Updates m_finishedSourceNodes with nodes
- // to be deleted. Returns true if any node needs deletion. Must be
- // run from the audio thread.
- bool ReleaseFinishedSourceNodes();
-
- // The finished source nodes found by |releaseFinishedSourceNodes|
- // will be removed on the main thread, which is done here.
- void RemoveFinishedSourceNodes(bool needs_removal);
-
// Keeps track of the number of connections made.
void IncrementConnectionCount() {
DCHECK(IsMainThread());
@@ -413,11 +403,6 @@ class MODULES_EXPORT BaseAudioContext
// haven't finished playing. Make sure to release them here.
void ReleaseActiveSourceNodes();
- // Actually remove the nodes noted for deletion by
- // releaseFinishedSourceNodes. Must be run from the main thread,
- // and must not be run with the context lock.
- void RemoveFinishedSourceNodesOnMainThread();
-
// Returns the Document wich wich the instance is associated.
Document* GetDocument() const;
@@ -430,9 +415,12 @@ class MODULES_EXPORT BaseAudioContext
// Listener for the PannerNodes
Member<AudioListener> listener_;
- // Only accessed in the audio thread.
+ // Accessed by audio thread and main thread, coordinated using
+ // the associated mutex.
+ //
// These raw pointers are safe because AudioSourceNodes in
- // m_activeSourceNodes own them.
+ // active_source_nodes_ own them.
+ Mutex finished_source_handlers_mutex_;
Vector<AudioHandler*> finished_source_handlers_;
// List of source nodes. This is either accessed when the graph lock is
@@ -443,17 +431,24 @@ class MODULES_EXPORT BaseAudioContext
// this.
HeapVector<Member<AudioNode>> active_source_nodes_;
- // The main thread controls m_activeSourceNodes, all updates and additions
- // are performed by it. When the audio thread marks a source node as finished,
- // the nodes are added to |m_finishedSourceNodes| and scheduled for removal
- // from |m_activeSourceNodes| by the main thread.
- HashSet<UntracedMember<AudioNode>> finished_source_nodes_;
-
- // FIXME(dominicc): Move these to AudioContext because only
- // it creates these Promises.
- // Handle Promises for resume() and suspend()
+ // Called by the audio thread to handle Promises for resume() and suspend(),
+ // posting a main thread task to perform the actual resolving, if needed.
+ //
+ // TODO(dominicc): Move to AudioContext because only it creates
+ // these Promises.
void ResolvePromisesForResume();
- void ResolvePromisesForResumeOnMainThread();
+
+ // The audio thread relies on the main thread to perform some operations
+ // over the objects that it owns and controls; |ScheduleMainThreadCleanup()|
+ // posts the task to initiate those.
+ //
+ // That is, we combine all those sub-tasks into one task action for
+ // convenience and performance, |PerformCleanupOnMainThread()|. It handles
+ // promise resolving, stopping and finishing up of audio source nodes etc.
+ // Actions that should happen, but can happen asynchronously to the
+ // audio thread making rendering progress.
+ void ScheduleMainThreadCleanup();
+ void PerformCleanupOnMainThread();
// When the context is going away, reject any pending script promise
// resolvers.
@@ -467,6 +462,11 @@ class MODULES_EXPORT BaseAudioContext
// don't want to call resolve an excessive number of times.
bool is_resolving_resume_promises_;
+ // Set to |true| by the audio thread when it posts a main-thread task to
+ // perform delayed state sync'ing updates that needs to be done on the main
+ // thread. Cleared by the main thread task once it has run.
+ bool has_posted_cleanup_task_;
+
// Whether a user gesture is required to start this AudioContext.
bool user_gesture_required_;
« no previous file with comments | « no previous file | third_party/WebKit/Source/modules/webaudio/BaseAudioContext.cpp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698