[webkit-reviews] review granted: [Bug 36426] Chromium: Crash in WebCore::ArchiveFactory::isArchiveMimeType : [Attachment 51426] Sanity Checks
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Mar 23 08:12:13 PDT 2010
Jeremy Orlow <jorlow at chromium.org> has granted Jeremy Moskovich
<playmobil at google.com>'s request for review:
Bug 36426: Chromium: Crash in WebCore::ArchiveFactory::isArchiveMimeType
https://bugs.webkit.org/show_bug.cgi?id=36426
Attachment 51426: Sanity Checks
https://bugs.webkit.org/attachment.cgi?id=51426&action=review
------- Additional Comments from Jeremy Orlow <jorlow at chromium.org>
Please don't let this code linger very long.
> diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
> index 5248861..29091f6 100644
> --- a/WebCore/ChangeLog
> +++ b/WebCore/ChangeLog
> @@ -1,3 +1,16 @@
> +2010-03-21 Jeremy Moskovich <jeremy at chromium.org>
> +
> + Reviewed by NOBODY (OOPS!).
> +
> + Add some diagnostics to try to track down cause of crash in
ArchiveFactory::isArchiveMimeType().
> +
> + https://bugs.webkit.org/show_bug.cgi?id=36426
> +
> + No new tests as there is no new functionality.
> +
> + * loader/FrameLoader.cpp:
> + (WebCore::FrameLoader::finishedLoadingDocument): Make copy of
mimeType string to isolate crash.
> +
> 2010-03-23 Gustavo Noronha Silva <gustavo.noronha at collabora.co.uk>
>
> Reviewed by Holger Freyther.
> diff --git a/WebCore/loader/FrameLoader.cpp b/WebCore/loader/FrameLoader.cpp
> index 0323e97..51277f9 100644
> --- a/WebCore/loader/FrameLoader.cpp
> +++ b/WebCore/loader/FrameLoader.cpp
> @@ -2812,7 +2812,16 @@ void
FrameLoader::finishedLoadingDocument(DocumentLoader* loader)
> #endif
>
> // If loading a webarchive, run through webarchive machinery
> +#if PLATFORM(CHROMIUM)
Sigh...I guess this is OK since it's only temporary.
> + // https://bugs.webkit.org/show_bug.cgi?id=36426
> + // FIXME(jeremy at chromium.org): For debugging purposes, should be removed
nit: FIXME() is not WebKit style....just do a FIXME and mention your name in
the comment if you wish.
> + // before closing the bug.
> + // Make real copy of the string so we fail here if the responseMIMEType
> + // string is bad.
> + const String responseMIMEType = loader->responseMIMEType();
> +#else
> const String& responseMIMEType = loader->responseMIMEType();
> +#endif
>
> // FIXME: Mac's FrameLoaderClient::finishedLoading() method does work
that is required even with Archive loads
> // so we still need to call it. Other platforms should only call
finishLoading for non-archive loads
> diff --git a/WebKit/chromium/ChangeLog b/WebKit/chromium/ChangeLog
> index 0c505f8..8f395f0 100644
> --- a/WebKit/chromium/ChangeLog
> +++ b/WebKit/chromium/ChangeLog
> @@ -1,3 +1,21 @@
> +2010-03-21 Jeremy Moskovich <jeremy at chromium.org>
> +
> + Reviewed by NOBODY (OOPS!).
> +
> + Add some diagnostics to try to track down cause of crash in
ArchiveFactory::isArchiveMimeType().
> +
> + https://bugs.webkit.org/show_bug.cgi?id=36426
> +
> + * src/ResourceHandle.cpp: Track state across ResourceHandle
invocations.
> + (WebCore::ResourceHandleInternal::ResourceHandleInternal):
> + (WebCore::ResourceHandleInternal::):
> + (WebCore::ResourceHandleInternal::start):
> + (WebCore::ResourceHandleInternal::cancel):
> + (WebCore::ResourceHandleInternal::didReceiveResponse):
> + (WebCore::ResourceHandleInternal::didReceiveData):
> + (WebCore::ResourceHandleInternal::didFinishLoading):
> + (WebCore::ResourceHandleInternal::didFail):
> +
> 2010-03-22 Kenneth Russell <kbr at google.com>
>
> Reviewed by Darin Fisher.
> diff --git a/WebKit/chromium/src/ResourceHandle.cpp
b/WebKit/chromium/src/ResourceHandle.cpp
> index 206823c..51a43c6 100644
> --- a/WebKit/chromium/src/ResourceHandle.cpp
> +++ b/WebKit/chromium/src/ResourceHandle.cpp
> @@ -57,6 +57,7 @@ public:
> : m_request(request)
> , m_owner(0)
> , m_client(client)
> + , m_state(CONNECTION_STATE_NEW)
> {
> }
>
> @@ -74,14 +75,32 @@ public:
> virtual void didFinishLoading(WebURLLoader*);
> virtual void didFail(WebURLLoader*, const WebURLError&);
>
> + enum ConnectionState {
> + CONNECTION_STATE_NEW,
> + CONNECTION_STATE_STARTED,
> + CONNECTION_STATE_RECEIVED_RESPONSE,
> + CONNECTION_STATE_RECEIVING_DATA,
> + CONNECTION_STATE_FINISHED_LOADING,
> + CONNECTION_STATE_CANCELED,
> + CONNECTION_STATE_FAILED,
> + };
> +
> +
Only one newline.
More information about the webkit-reviews
mailing list