Fix possible deadlock in PluginChannel.

This occurs when the renderer sends an async message with the unblock flag, and then a sync message right after. If the plugin process just made a sync (with no unblock) call to the renderer, it'll dispatch the first message, and if that leads to a sync call to the renderer, then the unblock flag won't get sent and a deadlock occurs. BUG=43617 Review URL: http://codereview.chromium.org/2045012 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@47063 0039d316-1c4b-4281-b951-d872f2087c98
author: jam@chromium.org <jam@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-05-12 20:32:52 +0000
committer: jam@chromium.org <jam@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-05-12 20:32:52 +0000
commit: 390c7814321cb6708a6979daecd0c727c38b7695 (patch)
tree: 62fc029b7aeea74a8b8bd93e998bed9b841c79cd /chrome/plugin/plugin_channel_base.cc
parent: a669333ec5caf533bc52c8aa68d6110630835b54 (diff)
download: chromium_src-390c7814321cb6708a6979daecd0c727c38b7695.zip
chromium_src-390c7814321cb6708a6979daecd0c727c38b7695.tar.gz
chromium_src-390c7814321cb6708a6979daecd0c727c38b7695.tar.bz2
1 files changed, 8 insertions, 11 deletions
diff --git a/chrome/plugin/plugin_channel_base.cc b/chrome/plugin/plugin_channel_base.cc
index f104fea..712c697 100644
--- a/chrome/plugin/plugin_channel_base.cc
+++ b/chrome/plugin/plugin_channel_base.cc
@@ -66,8 +66,8 @@ PluginChannelBase::PluginChannelBase()
       peer_pid_(0),
       in_remove_route_(false),
       channel_valid_(false),
-      in_sync_dispatch_(0),
-      send_unblocking_only_during_sync_dispatch_(false) {
+      in_unblock_dispatch_(0),
+      send_unblocking_only_during_unblock_dispatch_(false) {
 }
 
 PluginChannelBase::~PluginChannelBase() {
@@ -119,7 +119,8 @@ bool PluginChannelBase::Send(IPC::Message* message) {
     return false;
   }
 
-  if (send_unblocking_only_during_sync_dispatch_ && in_sync_dispatch_ == 0 &&
+  if (send_unblocking_only_during_unblock_dispatch_ &&
+      in_unblock_dispatch_ == 0 &&
       message->is_sync()) {
     message->set_unblock(false);
   }
@@ -137,8 +138,8 @@ void PluginChannelBase::OnMessageReceived(const IPC::Message& message) {
   lazy_plugin_channel_stack_.Pointer()->push(
       scoped_refptr<PluginChannelBase>(this));
 
-  if (message.is_sync())
-    in_sync_dispatch_++;
+  if (message.should_unblock())
+    in_unblock_dispatch_++;
   if (message.routing_id() == MSG_ROUTING_CONTROL) {
     OnControlMessageReceived(message);
   } else {
@@ -151,8 +152,8 @@ void PluginChannelBase::OnMessageReceived(const IPC::Message& message) {
       Send(reply);
     }
   }
-  if (message.is_sync())
-    in_sync_dispatch_--;
+  if (message.should_unblock())
+    in_unblock_dispatch_--;
 
   lazy_plugin_channel_stack_.Pointer()->pop();
 }
@@ -237,7 +238,3 @@ void PluginChannelBase::OnChannelError() {
 #endif
   channel_valid_ = false;
 }
-
-void PluginChannelBase::SendUnblockingOnlyDuringSyncDispatch() {
-  send_unblocking_only_during_sync_dispatch_ = true;
-}
author	jam@chromium.org <jam@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-05-12 20:32:52 +0000
committer	jam@chromium.org <jam@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-05-12 20:32:52 +0000
commit	390c7814321cb6708a6979daecd0c727c38b7695 (patch)
tree	62fc029b7aeea74a8b8bd93e998bed9b841c79cd /chrome/plugin/plugin_channel_base.cc
parent	a669333ec5caf533bc52c8aa68d6110630835b54 (diff)
download	chromium_src-390c7814321cb6708a6979daecd0c727c38b7695.zip chromium_src-390c7814321cb6708a6979daecd0c727c38b7695.tar.gz chromium_src-390c7814321cb6708a6979daecd0c727c38b7695.tar.bz2