Skip to site navigation (Press enter)

[webkit-changes] [114724] trunk

commit-queue Fri, 20 Apr 2012 00:40:23 -0700

Title: [114724] trunk

Revision: 114724
Author: commit-qu...@webkit.org
Date: 2012-04-20 00:40:12 -0700 (Fri, 20 Apr 2012)

Log Message

DOMFileSystem::scheduleCallback() crashes on file() call after reload.
https://bugs.webkit.org/show_bug.cgi?id=76461


DOMFileSystem::scheduleCallback() is unavailable when the page in unloading, so we should
avoid using it in callback.

Patch by Taiju Tsuiki <t...@chromium.org> on 2012-04-20
Reviewed by David Levin.

Source/WebCore:

Test: fast/filesystem/file-after-reload-crash.html

* Modules/filesystem/DOMFileSystem.cpp:
(WebCore):

LayoutTests:

* fast/filesystem/file-after-reload-crash-expected.txt: Added.
* fast/filesystem/file-after-reload-crash.html: Added.

Modified Paths

trunk/LayoutTests/ChangeLog
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/Modules/filesystem/DOMFileSystem.cpp

Added Paths

trunk/LayoutTests/fast/filesystem/file-after-reload-crash-expected.txt
trunk/LayoutTests/fast/filesystem/file-after-reload-crash.html

Diff

Modified: trunk/LayoutTests/ChangeLog (114723 => 114724)


--- trunk/LayoutTests/ChangeLog	2012-04-20 07:33:05 UTC (rev 114723)
+++ trunk/LayoutTests/ChangeLog	2012-04-20 07:40:12 UTC (rev 114724)
@@ -1,3 +1,16 @@
+2012-04-20  Taiju Tsuiki  <t...@chromium.org>
+
+        DOMFileSystem::scheduleCallback() crashes on file() call after reload.
+        https://bugs.webkit.org/show_bug.cgi?id=76461
+
+        DOMFileSystem::scheduleCallback() is unavailable when the page in unloading, so we should
+        avoid using it in callback.
+
+        Reviewed by David Levin.
+
+        * fast/filesystem/file-after-reload-crash-expected.txt: Added.
+        * fast/filesystem/file-after-reload-crash.html: Added.
+
 2012-04-20  Mikhail Naganov  <mnaga...@chromium.org>
 
         [Chromium] Unreviewed test expectations update.

Added: trunk/LayoutTests/fast/filesystem/file-after-reload-crash-expected.txt (0 => 114724)


--- trunk/LayoutTests/fast/filesystem/file-after-reload-crash-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/fast/filesystem/file-after-reload-crash-expected.txt	2012-04-20 07:40:12 UTC (rev 114724)
@@ -0,0 +1 @@
+PASS

Added: trunk/LayoutTests/fast/filesystem/file-after-reload-crash.html (0 => 114724)


--- trunk/LayoutTests/fast/filesystem/file-after-reload-crash.html	                        (rev 0)
+++ trunk/LayoutTests/fast/filesystem/file-after-reload-crash.html	2012-04-20 07:40:12 UTC (rev 114724)
@@ -0,0 +1,42 @@
+<!DOCTYPE html>
+<meta charset="UTF-8">
+<!-- based on crbug.com/94895#c20
+     http://crbug.com/94895
+     http://webkit.org/b/76461 -->
+<script>
+if (location.search != '?reenter') {
+  if (window.layoutTestController) {
+    layoutTestController.dumpAsText();
+    layoutTestController.waitUntilDone();
+  }
+
+  webkitRequestFileSystem(TEMPORARY, 1024*1024,
+                          gotFS, onError.bind(null, 'requestFileSystem'));
+} else {
+  document.write('PASS');
+
+  if (window.layoutTestController)
+    layoutTestController.notifyDone();
+}
+
+function onError(msg, e) {
+  document.body.innerText = 'FAIL: ' + e.code + ' msg = ' + msg;
+  if (window.layoutTestController)
+    layoutTestController.notifyDone();
+}
+
+function gotFS(fs) {
+  fs.root.getFile('hoge', {create: true},
+                  gotEntry, onError.bind(null, 'getFile'));
+}
+
+function gotEntry(entry) {
+  // It should not cause a crash that calling FileEntry.file() while the page is unloading.
+  location.search = '?reenter';
+  entry.file(gotFile, onError.bind(null, 'file'));
+}
+
+function gotFile(file) {
+  // Ignore the result of FileEntry.file().
+}
+</script>

Modified: trunk/Source/WebCore/ChangeLog (114723 => 114724)


--- trunk/Source/WebCore/ChangeLog	2012-04-20 07:33:05 UTC (rev 114723)
+++ trunk/Source/WebCore/ChangeLog	2012-04-20 07:40:12 UTC (rev 114724)
@@ -1,3 +1,18 @@
+2012-04-20  Taiju Tsuiki  <t...@chromium.org>
+
+        DOMFileSystem::scheduleCallback() crashes on file() call after reload.
+        https://bugs.webkit.org/show_bug.cgi?id=76461
+
+        DOMFileSystem::scheduleCallback() is unavailable when the page in unloading, so we should
+        avoid using it in callback.
+
+        Reviewed by David Levin.
+
+        Test: fast/filesystem/file-after-reload-crash.html
+
+        * Modules/filesystem/DOMFileSystem.cpp:
+        (WebCore):
+
 2012-04-19  Sudarsana Nagineni  <sudarsana.nagin...@linux.intel.com>
 
         [EFL] Missing keycode translation for space key

Modified: trunk/Source/WebCore/Modules/filesystem/DOMFileSystem.cpp (114723 => 114724)


--- trunk/Source/WebCore/Modules/filesystem/DOMFileSystem.cpp	2012-04-20 07:33:05 UTC (rev 114723)
+++ trunk/Source/WebCore/Modules/filesystem/DOMFileSystem.cpp	2012-04-20 07:40:12 UTC (rev 114724)
@@ -133,7 +133,11 @@
     virtual void didReadMetadata(const FileMetadata& metadata)
     {
         ASSERT(!metadata.platformPath.isEmpty());
-        m_filesystem->scheduleCallback(m_successCallback.release(), File::createWithName(metadata.platformPath, m_name));
+        if (!m_successCallback)
+            return;
+
+        m_successCallback->handleEvent(File::createWithName(metadata.platformPath, m_name).get());
+        m_successCallback.release();
     }
 
 private:

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes