Another attempt to reduce the number of false positive crashes reported in ChromeFrame. There appear to be a number of crashes

caused when we wrap the bind status callback and call the underlying IMoniker::BindToStorage function. The crashes occur because of urlmon calling into dlls which have been unloaded. Fix is to use the exception barrier version which only reports crashes which occur directly in chrome frame in our BindtoStorage call and to use the generic ExceptionBarrier in our bind status callback wrapper before calling out to the underlying callback. Fixes bug http://code.google.com/p/chromium/issues/detail?id=43373 Bug=43373 Review URL: http://codereview.chromium.org/2002009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@46742 0039d316-1c4b-4281-b951-d872f2087c98
author: ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-05-07 21:59:44 +0000
committer: ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2010-05-07 21:59:44 +0000
commit: e7dd215464a368a2a0f4f4880dccf15597341064 (patch)
tree: 4d945a742ad4ccc1c0aa65727b03b3e93b160ea0
parent: fd6892786a0d63a0b16606f1e8b9582f0f2adc87 (diff)
download: chromium_src-e7dd215464a368a2a0f4f4880dccf15597341064.zip
chromium_src-e7dd215464a368a2a0f4f4880dccf15597341064.tar.gz
chromium_src-e7dd215464a368a2a0f4f4880dccf15597341064.tar.bz2
2 files changed, 17 insertions, 8 deletions
diff --git a/chrome_frame/urlmon_bind_status_callback.cc b/chrome_frame/urlmon_bind_status_callback.cc
index 8fb6ebd..b6d7c15 100644
--- a/chrome_frame/urlmon_bind_status_callback.cc
+++ b/chrome_frame/urlmon_bind_status_callback.cc
@@ -12,6 +12,7 @@
 #include "base/utf_string_conversions.h"
 
 #include "chrome_frame/bind_context_info.h"
+#include "chrome_frame/exception_barrier.h"
 #include "chrome_frame/urlmon_moniker.h"
 #include "chrome_tab.h"  // NOLINT
 
@@ -216,6 +217,10 @@ STDMETHODIMP BSCBStorageBind::OnProgress(ULONG progress, ULONG progress_max,
                                     ULONG status_code, LPCWSTR status_text) {
   DLOG(INFO) << __FUNCTION__ << me() << StringPrintf(" status=%i tid=%i %ls",
       status_code, PlatformThread::CurrentId(), status_text);
+  // Report all crashes in the exception handler if we wrap the callback.
+  // Note that this avoids having the VEH report a crash if an SEH earlier in
+  // the chain handles the exception.
+  ExceptionBarrier barrier;
 
   HRESULT hr = S_OK;
 
@@ -247,7 +252,10 @@ STDMETHODIMP BSCBStorageBind::OnDataAvailable(DWORD flags, DWORD size,
                                               STGMEDIUM* stgmed) {
   DLOG(INFO) << __FUNCTION__ << StringPrintf(" tid=%i",
       PlatformThread::CurrentId());
-
+  // Report all crashes in the exception handler if we wrap the callback.
+  // Note that this avoids having the VEH report a crash if an SEH earlier in
+  // the chain handles the exception.
+  ExceptionBarrier barrier;
   // Do not touch anything other than text/html.
   bool is_interesting = (format_etc && stgmed && stgmed->pstm &&
       stgmed->tymed == TYMED_ISTREAM &&
@@ -287,6 +295,11 @@ STDMETHODIMP BSCBStorageBind::OnDataAvailable(DWORD flags, DWORD size,
 STDMETHODIMP BSCBStorageBind::OnStopBinding(HRESULT hresult, LPCWSTR error) {
   DLOG(INFO) << __FUNCTION__ << StringPrintf(" tid=%i",
       PlatformThread::CurrentId());
+  // Report all crashes in the exception handler if we wrap the callback.
+  // Note that this avoids having the VEH report a crash if an SEH earlier in
+  // the chain handles the exception.
+  ExceptionBarrier barrier;
+
   HRESULT hr = MayPlayBack(BSCF_LASTDATANOTIFICATION);
   hr = CallbackImpl::OnStopBinding(hresult, error);
   ReleaseBind();
diff --git a/chrome_frame/urlmon_moniker.cc b/chrome_frame/urlmon_moniker.cc
index cc9d6a8..6a3910b 100644
--- a/chrome_frame/urlmon_moniker.cc
+++ b/chrome_frame/urlmon_moniker.cc
@@ -209,6 +209,9 @@ HRESULT MonikerPatch::BindToStorage(IMoniker_BindToStorage_Fn original,
                                     IMoniker* to_left, REFIID iid, void** obj) {
   DCHECK(to_left == NULL);
 
+  // Report a crash if the crash is in our own module.
+  ExceptionBarrierReportOnlyModule barrier;
+
   HRESULT hr = S_OK;
   CComObject<BSCBStorageBind>* callback = NULL;
   if (ShouldWrapCallback(me, iid, bind_ctx)) {
@@ -216,15 +219,8 @@ HRESULT MonikerPatch::BindToStorage(IMoniker_BindToStorage_Fn original,
     callback->AddRef();
     hr = callback->Initialize(me, bind_ctx);
     DCHECK(SUCCEEDED(hr));
-
-    // Report all crashes in the exception handler if we wrap the callback.
-    // Note that this avoids having the VEH report a crash if an SEH earlier in
-    // the chain handles the exception.
-    ExceptionBarrier barrier;
     hr = original(me, bind_ctx, to_left, iid, obj);
   } else {
-    // If we don't wrap, only report a crash if the crash is in our own module.
-    ExceptionBarrierReportOnlyModule barrier;
     hr = original(me, bind_ctx, to_left, iid, obj);
   }
author	ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-05-07 21:59:44 +0000
committer	ananta@chromium.org <ananta@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2010-05-07 21:59:44 +0000
commit	e7dd215464a368a2a0f4f4880dccf15597341064 (patch)
tree	4d945a742ad4ccc1c0aa65727b03b3e93b160ea0
parent	fd6892786a0d63a0b16606f1e8b9582f0f2adc87 (diff)
download	chromium_src-e7dd215464a368a2a0f4f4880dccf15597341064.zip chromium_src-e7dd215464a368a2a0f4f4880dccf15597341064.tar.gz chromium_src-e7dd215464a368a2a0f4f4880dccf15597341064.tar.bz2