fune/security/sandbox
Yannis Juglaret c1aac4f429
Bug 1851889 - Create the broker alive mutex during sandbox initialization. r=bobowen

The sandbox IPC client/server communication protocol relies on a mutex
that clients can use to check if the broker process is still alive; e.g.
when a response takes more than one second to come. This mutex is owned
by a thread of the broker process and will be marked as abandoned when
that thread dies.

Clients assume that the broker alive mutex being abandoned means that
the whole broker process crashed. Therefore it is necessary that the
thread that owns the broker alive mutex lives as long as the whole
broker process, since clients cannot distinguish between the death of
this thread and the death of the whole broker process.

In upstream code, the broker alive mutex gets created during the first
call to SpawnTarget, which means that it is implicitly required that
this call occurs from a thread that lives as long as the broker process
will. Since we call SpawnTarget from the IPC launcher thread, which dies
during XPCOM shutdown, we are breaking this implicit requirement.

Therefore, this patch makes us create the broker alive mutex from the
main thread, during sandbox initialization. This ensures that clients
will not get disturbed by the death of the IPC launcher thread anymore.

Differential Revision: https://phabricator.services.mozilla.com/D197423
2024-01-04 10:34:43 +00:00
chromium Bug 1851889 - Create the broker alive mutex during sandbox initialization. r=bobowen 2024-01-04 10:34:43 +00:00
chromium-shim Bug 1851889 - Create the broker alive mutex during sandbox initialization. r=bobowen 2024-01-04 10:34:43 +00:00
common Backed out changeset 30210e0efac1 (bug 1867360) for causing failures at PIPDLUnitTestChild.cpp. CLOSED TREE 2023-12-19 02:28:52 +02:00
linux Bug 1866606 - Support TaggedAnonymousMemory on all Linux r=jld 2023-12-23 03:36:52 +00:00
mac Bug 1851529 - Set clang-format ColumnLimit consistently. r=sylvestre,necko-reviewers,kershaw 2023-09-05 11:23:01 +00:00
test Bug 1859905 - convert .ini manifests to .toml: batch 19 browser_*.ini r=jmaher,webdriver-reviewers,necko-reviewers,extension-reviewers,devtools-reviewers,anti-tracking-reviewers,valentin,robwu,pbz 2023-10-25 21:47:25 +00:00
win Bug 1851889 - Undo temporary diagnostics code for prespawn CIG. r=bobowen 2024-01-04 10:34:43 +00:00
moz.build Bug 1867459 - Replace CPU_ARCH with TARGET_CPU. r=firefox-build-system-reviewers,sergesanspaille 2023-12-08 10:43:59 +00:00