| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef MEDIA_MOJO_CLIENTS_MOJO_RENDERER_IMPL_H_ | 5 #ifndef MEDIA_MOJO_CLIENTS_MOJO_RENDERER_IMPL_H_ |
| 6 #define MEDIA_MOJO_CLIENTS_MOJO_RENDERER_IMPL_H_ | 6 #define MEDIA_MOJO_CLIENTS_MOJO_RENDERER_IMPL_H_ |
| 7 | 7 |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include "base/macros.h" | 10 #include "base/macros.h" |
| 11 #include "media/base/demuxer_stream.h" |
| 11 #include "media/base/renderer.h" | 12 #include "media/base/renderer.h" |
| 12 #include "media/mojo/interfaces/renderer.mojom.h" | 13 #include "media/mojo/interfaces/renderer.mojom.h" |
| 13 #include "mojo/public/cpp/bindings/binding.h" | 14 #include "mojo/public/cpp/bindings/binding.h" |
| 14 | 15 |
| 15 namespace base { | 16 namespace base { |
| 16 class SingleThreadTaskRunner; | 17 class SingleThreadTaskRunner; |
| 17 } | 18 } |
| 18 | 19 |
| 19 namespace media { | 20 namespace media { |
| 20 | 21 |
| 21 class DemuxerStreamProvider; | 22 class DemuxerStreamProvider; |
| 23 class MojoDemuxerStreamImpl; |
| 22 class VideoOverlayFactory; | 24 class VideoOverlayFactory; |
| 23 class VideoRendererSink; | 25 class VideoRendererSink; |
| 24 | 26 |
| 25 // A media::Renderer that proxies to a mojom::Renderer. That | 27 // A media::Renderer that proxies to a mojom::Renderer. That |
| 26 // mojom::Renderer proxies back to the MojoRendererImpl via the | 28 // mojom::Renderer proxies back to the MojoRendererImpl via the |
| 27 // mojom::RendererClient interface. | 29 // mojom::RendererClient interface. |
| 28 // | 30 // |
| 29 // This class can be created on any thread, where the |remote_renderer| is | 31 // This class can be created on any thread, where the |remote_renderer| is |
| 30 // connected and passed in the constructor. Then Initialize() will be called on | 32 // connected and passed in the constructor. Then Initialize() will be called on |
| 31 // the |task_runner| and starting from that point this class is bound to the | 33 // the |task_runner| and starting from that point this class is bound to the |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 66 void OnVideoOpacityChange(bool opaque) override; | 68 void OnVideoOpacityChange(bool opaque) override; |
| 67 | 69 |
| 68 // Binds |remote_renderer_| to the mojo message pipe. Can be called multiple | 70 // Binds |remote_renderer_| to the mojo message pipe. Can be called multiple |
| 69 // times. If an error occurs during connection, OnConnectionError will be | 71 // times. If an error occurs during connection, OnConnectionError will be |
| 70 // called asynchronously. | 72 // called asynchronously. |
| 71 void BindRemoteRendererIfNeeded(); | 73 void BindRemoteRendererIfNeeded(); |
| 72 | 74 |
| 73 // Callback for connection error on |remote_renderer_|. | 75 // Callback for connection error on |remote_renderer_|. |
| 74 void OnConnectionError(); | 76 void OnConnectionError(); |
| 75 | 77 |
| 78 // Callback for connection error on |audio_stream_| and |video_stream_|. |
| 79 void OnDemuxerStreamConnectionError(DemuxerStream::Type type); |
| 80 |
| 76 // Called when |remote_renderer_| has finished initializing. | 81 // Called when |remote_renderer_| has finished initializing. |
| 77 void OnInitialized(bool success); | 82 void OnInitialized(bool success); |
| 78 | 83 |
| 79 // |task_runner| on which all methods are invoked, except for GetMediaTime(), | 84 // |task_runner| on which all methods are invoked, except for GetMediaTime(), |
| 80 // which can be called on any thread. | 85 // which can be called on any thread. |
| 81 scoped_refptr<base::SingleThreadTaskRunner> task_runner_; | 86 scoped_refptr<base::SingleThreadTaskRunner> task_runner_; |
| 82 | 87 |
| 83 // Overlay factory used to create overlays for video frames rendered | 88 // Overlay factory used to create overlays for video frames rendered |
| 84 // by the remote renderer. | 89 // by the remote renderer. |
| 85 std::unique_ptr<VideoOverlayFactory> video_overlay_factory_; | 90 std::unique_ptr<VideoOverlayFactory> video_overlay_factory_; |
| 86 | 91 |
| 87 // Video frame overlays are rendered onto this sink. | 92 // Video frame overlays are rendered onto this sink. |
| 88 // Rendering of a new overlay is only needed when video natural size changes. | 93 // Rendering of a new overlay is only needed when video natural size changes. |
| 89 VideoRendererSink* video_renderer_sink_; | 94 VideoRendererSink* video_renderer_sink_; |
| 90 | 95 |
| 91 // Provider of audio/video DemuxerStreams. Must be valid throughout the | 96 // Provider of audio/video DemuxerStreams. Must be valid throughout the |
| 92 // lifetime of |this|. | 97 // lifetime of |this|. |
| 93 DemuxerStreamProvider* demuxer_stream_provider_; | 98 DemuxerStreamProvider* demuxer_stream_provider_; |
| 94 | 99 |
| 95 // Client of |this| renderer passed in Initialize. | 100 // Client of |this| renderer passed in Initialize. |
| 96 media::RendererClient* client_; | 101 media::RendererClient* client_; |
| 97 | 102 |
| 103 // Mojo demuxer streams. |
| 104 // Owned by MojoRendererImpl instead of remote mojom::Renderer |
| 105 // becuase these demuxer streams need to be destroyed as soon as |this| is |
| 106 // destroyed. The local demuxer streams returned by DemuxerStreamProvider |
| 107 // cannot be used after |this| is destroyed. |
| 108 std::unique_ptr<MojoDemuxerStreamImpl> audio_stream_; |
| 109 std::unique_ptr<MojoDemuxerStreamImpl> video_stream_; |
| 110 |
| 98 // This class is constructed on one thread and used exclusively on another | 111 // This class is constructed on one thread and used exclusively on another |
| 99 // thread. This member is used to safely pass the RendererPtr from one thread | 112 // thread. This member is used to safely pass the RendererPtr from one thread |
| 100 // to another. It is set in the constructor and is consumed in Initialize(). | 113 // to another. It is set in the constructor and is consumed in Initialize(). |
| 101 mojom::RendererPtrInfo remote_renderer_info_; | 114 mojom::RendererPtrInfo remote_renderer_info_; |
| 102 | 115 |
| 103 // Remote Renderer, bound to |task_runner_| during Initialize(). | 116 // Remote Renderer, bound to |task_runner_| during Initialize(). |
| 104 mojom::RendererPtr remote_renderer_; | 117 mojom::RendererPtr remote_renderer_; |
| 105 | 118 |
| 106 // Binding for RendererClient, bound to the |task_runner_|. | 119 // Binding for RendererClient, bound to the |task_runner_|. |
| 107 mojo::Binding<RendererClient> binding_; | 120 mojo::Binding<RendererClient> binding_; |
| 108 | 121 |
| 109 // Callbacks passed to Initialize() that we forward messages from | 122 // Callbacks passed to Initialize() that we forward messages from |
| 110 // |remote_renderer_| through. | 123 // |remote_renderer_| through. |
| 111 PipelineStatusCB init_cb_; | 124 PipelineStatusCB init_cb_; |
| 112 | 125 |
| 113 // Lock used to serialize access for |time_|. | 126 // Lock used to serialize access for |time_|. |
| 114 mutable base::Lock lock_; | 127 mutable base::Lock lock_; |
| 115 base::TimeDelta time_; | 128 base::TimeDelta time_; |
| 116 | 129 |
| 117 DISALLOW_COPY_AND_ASSIGN(MojoRendererImpl); | 130 DISALLOW_COPY_AND_ASSIGN(MojoRendererImpl); |
| 118 }; | 131 }; |
| 119 | 132 |
| 120 } // namespace media | 133 } // namespace media |
| 121 | 134 |
| 122 #endif // MEDIA_MOJO_CLIENTS_MOJO_RENDERER_IMPL_H_ | 135 #endif // MEDIA_MOJO_CLIENTS_MOJO_RENDERER_IMPL_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2075193002:
Fixes use-after-free in MojoDemuxerStreamImpl. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master