Skip to site navigation (Press enter)

[webkit-changes] [209791] trunk

utatane . tea Tue, 13 Dec 2016 22:22:32 -0800

Title: [209791] trunk

Revision: 209791
Author: [email protected]
Date: 2016-12-13 22:22:13 -0800 (Tue, 13 Dec 2016)

Log Message

ASSERTION FAILED: hasParserBlockingScript() seen with js/dom/modules/module-will-fire-beforeload.html
https://bugs.webkit.org/show_bug.cgi?id=164883


Reviewed by Ryosuke Niwa.

Source/WebCore:

This is *attempt to fix* patch since I cannot reproduce the crash reported in this issue.
One possible scenario of this crash is the following.

1. There is pending deferred scripts, that is not fetched yet.
2. Then, we start watching on the script. And stop document parser.
3. The document parser is stopped/detached by calling finishJSTest in beforeload.
4. At this critical timing, (2)'s script is fetched, and notifyFinished is called since it is watched.

In this patch, we ignore the script execution if the document parser is stopped / detached.
Previously, it goes into the wrong path. And it causes assertion failure.

* html/parser/HTMLDocumentParser.cpp:
(WebCore::HTMLDocumentParser::notifyFinished):

LayoutTests:

* platform/mac-wk2/TestExpectations:

Modified Paths

trunk/LayoutTests/ChangeLog
trunk/LayoutTests/platform/mac-wk2/TestExpectations
trunk/Source/WebCore/ChangeLog
trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp

Diff

Modified: trunk/LayoutTests/ChangeLog (209790 => 209791)


--- trunk/LayoutTests/ChangeLog	2016-12-14 06:09:29 UTC (rev 209790)
+++ trunk/LayoutTests/ChangeLog	2016-12-14 06:22:13 UTC (rev 209791)
@@ -1,3 +1,12 @@
+2016-12-13  Yusuke Suzuki  <[email protected]>
+
+        ASSERTION FAILED: hasParserBlockingScript() seen with js/dom/modules/module-will-fire-beforeload.html
+        https://bugs.webkit.org/show_bug.cgi?id=164883
+
+        Reviewed by Ryosuke Niwa.
+
+        * platform/mac-wk2/TestExpectations:
+
 2016-12-13  Daniel Bates  <[email protected]>
 
         CSP: ws: and wss: blocked with connect-src *

Modified: trunk/LayoutTests/platform/mac-wk2/TestExpectations (209790 => 209791)


--- trunk/LayoutTests/platform/mac-wk2/TestExpectations	2016-12-14 06:09:29 UTC (rev 209790)
+++ trunk/LayoutTests/platform/mac-wk2/TestExpectations	2016-12-14 06:22:13 UTC (rev 209791)
@@ -604,8 +604,6 @@
 
 webkit.org/b/164870 [ Debug ] imported/w3c/web-platform-tests/IndexedDB/idbcursor_iterating.htm [ Pass Failure ]
 
-webkit.org/b/164884 [ Debug ] js/dom/modules/module-will-fire-beforeload.html [ Skip ]
-
 webkit.org/b/165352 fast/dom/Window/window-resize-contents.html [ Pass Timeout ]
 
 webkit.org/b/165392 [ ElCapitan Release ] imported/mathml-in-html5/mathml/presentation-markup/fractions/frac-parameters-1.html [ Pass Failure ]

Modified: trunk/Source/WebCore/ChangeLog (209790 => 209791)


--- trunk/Source/WebCore/ChangeLog	2016-12-14 06:09:29 UTC (rev 209790)
+++ trunk/Source/WebCore/ChangeLog	2016-12-14 06:22:13 UTC (rev 209791)
@@ -1,3 +1,24 @@
+2016-12-13  Yusuke Suzuki  <[email protected]>
+
+        ASSERTION FAILED: hasParserBlockingScript() seen with js/dom/modules/module-will-fire-beforeload.html
+        https://bugs.webkit.org/show_bug.cgi?id=164883
+
+        Reviewed by Ryosuke Niwa.
+
+        This is *attempt to fix* patch since I cannot reproduce the crash reported in this issue.
+        One possible scenario of this crash is the following.
+
+        1. There is pending deferred scripts, that is not fetched yet.
+        2. Then, we start watching on the script. And stop document parser.
+        3. The document parser is stopped/detached by calling finishJSTest in beforeload.
+        4. At this critical timing, (2)'s script is fetched, and notifyFinished is called since it is watched.
+
+        In this patch, we ignore the script execution if the document parser is stopped / detached.
+        Previously, it goes into the wrong path. And it causes assertion failure.
+
+        * html/parser/HTMLDocumentParser.cpp:
+        (WebCore::HTMLDocumentParser::notifyFinished):
+
 2016-12-13  Keith Rollin  <[email protected]>
 
         Memory warning logging appears to capture resident footprint, missing compress/swap.

Modified: trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp (209790 => 209791)


--- trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp	2016-12-14 06:09:29 UTC (rev 209790)
+++ trunk/Source/WebCore/html/parser/HTMLDocumentParser.cpp	2016-12-14 06:22:13 UTC (rev 209791)
@@ -521,6 +521,10 @@
     // but we need to ensure it isn't deleted yet.
     Ref<HTMLDocumentParser> protectedThis(*this);
 
+    // After Document parser is stopped or detached, the parser-inserted deferred script execution should be ignored.
+    if (isStopped())
+        return;
+
     ASSERT(m_scriptRunner);
     ASSERT(!isExecutingScript());
     if (isStopping()) {

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes