Mojo: Eliminate re-entrancy in MultiplexRouter
ProcessTasks() can destroy messages, which can lead to endpoint closure, which can trigger ProcessTasks(). This is causing stack overflows, and the re-entrancy is not necessary. Fixed: 335577804 Change-Id: I83d921554872d031378c725d8eae80e4cfdece4b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5472164 Commit-Queue: Ken Rockot <rockot@google.com> Reviewed-by: Yuzhu Shen <yzshen@chromium.org> Cr-Commit-Position: refs/heads/main@{#1291413}
This commit is contained in:

committed by
Chromium LUCI CQ

parent
417a5df82b
commit
576d944eff
mojo/public/cpp/bindings/lib
@ -8,6 +8,7 @@
|
||||
|
||||
#include <utility>
|
||||
|
||||
#include "base/auto_reset.h"
|
||||
#include "base/containers/contains.h"
|
||||
#include "base/containers/flat_set.h"
|
||||
#include "base/feature_list.h"
|
||||
@ -922,9 +923,10 @@ void MultiplexRouter::ProcessTasks(
|
||||
base::SequencedTaskRunner* current_task_runner) {
|
||||
AssertLockAcquired();
|
||||
|
||||
if (posted_to_process_tasks_)
|
||||
if (posted_to_process_tasks_ || processing_tasks_)
|
||||
return;
|
||||
|
||||
base::AutoReset<bool> processing_tasks(&processing_tasks_, true);
|
||||
while (!tasks_.empty() && !paused_) {
|
||||
std::unique_ptr<Task> task(std::move(tasks_.front()));
|
||||
tasks_.pop_front();
|
||||
|
@ -341,6 +341,10 @@ class COMPONENT_EXPORT(MOJO_CPP_BINDINGS) MultiplexRouter
|
||||
bool posted_to_process_tasks_ = false;
|
||||
scoped_refptr<base::SequencedTaskRunner> posted_to_task_runner_;
|
||||
|
||||
// Indicates whether we're currently within ProcessTasks(). Used to avoid
|
||||
// re-entrancy into that method.
|
||||
bool processing_tasks_ = false;
|
||||
|
||||
bool encountered_error_ = false;
|
||||
|
||||
// Indicates whether this router is paused, meaning it is not currently
|
||||
|
Reference in New Issue
Block a user