Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(22)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 2102883002: Update FileSelectHelper to use RenderFrameHost notifications. (Closed)

Created:
4 years, 5 months ago by nasko
Modified:
4 years, 5 months ago
Reviewers:
Lei Zhang
CC:
chromium-reviews, site-isolation-reviews_chromium.org
Base URL:
https://chromium.googlesource.com/chromium/src.git@master
Target Ref:
refs/pending/heads/master
Project:
chromium
Visibility:
Public.

Description

Update FileSelectHelper to use RenderFrameHost notifications. The FileSelectHelper class is using RenderViewHost notifications to ensure it cleans up itself. However, as I moved it to use RenderFrameHost for file selection (but not directory enumeration yet), it opened it up to use-after-free conditions as it was not monitoring for those objects going away. This CL fixes that and adds a test to ensure it gets properly cleaned up when an iframe that requested the file chooser is removed. BUG=621076 Committed: https://crrev.com/f6a80acd01b832cbaa4ec5d77d213dcb73ba70e1 Cr-Commit-Position: refs/heads/master@{#402683}

Patch Set 1 #

Patch Set 2 : Fix class comment and a small fix. #

Total comments: 2

Patch Set 3 : Ensure main frame and subframe are same SiteInstance. #

Patch Set 4 : Remove unneeded cleanup calls and disable test while investigating. #

Total comments: 1

Patch Set 5 : Comment on why test is disabled. #

Unified diffs Side-by-side diffs Delta from patch set Stats (+75 lines, -27 lines) Patch
M chrome/browser/file_select_helper.h View 1 3 chunks +11 lines, -10 lines 0 comments Download
M chrome/browser/file_select_helper.cc View 1 2 3 8 chunks +23 lines, -17 lines 0 comments Download
M chrome/browser/file_select_helper_mac.mm View 1 chunk +1 line, -1 line 0 comments Download
M chrome/browser/iframe_browsertest.cc View 1 2 3 4 2 chunks +41 lines, -0 lines 0 comments Download
A + chrome/test/data/file_input.html View 0 chunks +-1 lines, --1 lines 0 comments Download

Messages

Total messages: 22 (8 generated)
nasko
Hey Lei, Can you review this CL for me? It fixes an use-after-free bug I ...
4 years, 5 months ago (2016-06-27 23:24:47 UTC) #2
Lei Zhang
lgtm https://codereview.chromium.org/2102883002/diff/20001/chrome/browser/iframe_browsertest.cc File chrome/browser/iframe_browsertest.cc (right): https://codereview.chromium.org/2102883002/diff/20001/chrome/browser/iframe_browsertest.cc#newcode50 chrome/browser/iframe_browsertest.cc:50: // Note: For the bug to occur, the ...
4 years, 5 months ago (2016-06-27 23:32:26 UTC) #3
nasko
https://codereview.chromium.org/2102883002/diff/20001/chrome/browser/iframe_browsertest.cc File chrome/browser/iframe_browsertest.cc (right): https://codereview.chromium.org/2102883002/diff/20001/chrome/browser/iframe_browsertest.cc#newcode50 chrome/browser/iframe_browsertest.cc:50: // Note: For the bug to occur, the parent ...
4 years, 5 months ago (2016-06-27 23:49:00 UTC) #4
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2102883002/40001
4 years, 5 months ago (2016-06-27 23:50:22 UTC) #6
commit-bot: I haz the power
Try jobs failed on following builders: linux_chromium_asan_rel_ng on master.tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_asan_rel_ng/builds/184159)
4 years, 5 months ago (2016-06-28 02:19:59 UTC) #8
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2102883002/40001
4 years, 5 months ago (2016-06-28 05:01:01 UTC) #10
Lei Zhang
On 2016/06/28 02:19:59, commit-bot: I haz the power wrote: > Try jobs failed on following ...
4 years, 5 months ago (2016-06-28 05:02:06 UTC) #11
commit-bot: I haz the power
Try jobs failed on following builders: linux_chromium_asan_rel_ng on master.tryserver.chromium.linux (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_asan_rel_ng/builds/184230)
4 years, 5 months ago (2016-06-28 06:34:53 UTC) #13
nasko
Hey Lei, I've disabled the test until I can investigate why the memory leak is ...
4 years, 5 months ago (2016-06-28 21:38:57 UTC) #14
Lei Zhang
That's unfortunate, but sure. Let's land it and keep an eye out for crash reports. ...
4 years, 5 months ago (2016-06-28 22:00:56 UTC) #15
nasko
Comment added.
4 years, 5 months ago (2016-06-28 22:15:38 UTC) #16
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2102883002/80001
4 years, 5 months ago (2016-06-28 23:37:29 UTC) #19
commit-bot: I haz the power
Committed patchset #5 (id:80001)
4 years, 5 months ago (2016-06-29 02:37:18 UTC) #20
commit-bot: I haz the power
4 years, 5 months ago (2016-06-29 02:40:36 UTC) #22
Message was sent while issue was closed. 
Patchset 5 (id:??) landed as
https://crrev.com/f6a80acd01b832cbaa4ec5d77d213dcb73ba70e1
Cr-Commit-Position: refs/heads/master@{#402683}

Powered by Google App Engine
This is Rietveld 408576698