[webkit-changes] [147228] trunk

[japhet]

Title: [147228] trunk

Revision

147228

Author

jap...@chromium.org

Date

2013-03-29 11:10:42 -0700 (Fri, 29 Mar 2013)

Log Message

ASSERT d->m_defersLoading != defers on detik.com and drive.google.com
https://bugs.webkit.org/show_bug.cgi?id=111902

Reviewed by Alexey Proskuryakov.

Source/WebCore:

Test: http/tests/navigation/same-url-iframes-defer-crash.html

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::setDefersLoading): If multiple DocumentLoaders are
   using loading the same main resource, ensure only one of them can call
   ResourceLoader::setDefersLoading.

LayoutTests:

* http/tests/navigation/same-url-iframes-defer-crash-expected.txt: Added.
* http/tests/navigation/same-url-iframes-defer-crash.html: Added.

Modified Paths

• trunk/LayoutTests/ChangeLog
• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/loader/DocumentLoader.cpp

Added Paths

• trunk/LayoutTests/http/tests/navigation/same-url-iframes-defer-crash-expected.txt
• trunk/LayoutTests/http/tests/navigation/same-url-iframes-defer-crash.html

Diff

Modified: trunk/LayoutTests/ChangeLog (147227 => 147228)

--- trunk/LayoutTests/ChangeLog	2013-03-29 17:24:52 UTC (rev 147227)
+++ trunk/LayoutTests/ChangeLog	2013-03-29 18:10:42 UTC (rev 147228)
@@ -1,3 +1,13 @@
+2013-03-29  Nate Chapin  <jap...@chromium.org>
+
+        ASSERT d->m_defersLoading != defers on detik.com and drive.google.com
+        https://bugs.webkit.org/show_bug.cgi?id=111902
+
+        Reviewed by Alexey Proskuryakov.
+
+        * http/tests/navigation/same-url-iframes-defer-crash-expected.txt: Added.
+        * http/tests/navigation/same-url-iframes-defer-crash.html: Added.
+
 2013-03-29  Zoltan Arvai  <zar...@inf.u-szeged.hu>
 
         [Qt] Unreviewed gardneing. Updated png expected results after r146206.

Added: trunk/LayoutTests/http/tests/navigation/same-url-iframes-defer-crash-expected.txt (0 => 147228)

--- trunk/LayoutTests/http/tests/navigation/same-url-iframes-defer-crash-expected.txt	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/same-url-iframes-defer-crash-expected.txt	2013-03-29 18:10:42 UTC (rev 147228)
@@ -0,0 +1,3 @@
+ALERT: PASS
+This tests that we can cause the Page to defer loading while loading the same resource in multiple iframes. In this test, the load deferral is because of a modal dialog via window.alert. We pass if we don't assert in debug.
+See https://bugs.webkit.org/show_bug.cgi?id=111902.  

Added: trunk/LayoutTests/http/tests/navigation/same-url-iframes-defer-crash.html (0 => 147228)

--- trunk/LayoutTests/http/tests/navigation/same-url-iframes-defer-crash.html	                        (rev 0)
+++ trunk/LayoutTests/http/tests/navigation/same-url-iframes-defer-crash.html	2013-03-29 18:10:42 UTC (rev 147228)
@@ -0,0 +1,11 @@
+<body>
+This tests that we can cause the Page to defer loading while loading the same resource in multiple iframes. In this test, the load deferral is because of a modal dialog via window.alert. We pass if we don't assert in debug.<br>
+See https://bugs.webkit.org/show_bug.cgi?id=111902.
+<iframe src=""
+<iframe src=""
+<script>
+if (window.testRunner)
+    testRunner.dumpAsText();
+alert("PASS");
+</script>
+</body>

Modified: trunk/Source/WebCore/ChangeLog (147227 => 147228)

--- trunk/Source/WebCore/ChangeLog	2013-03-29 17:24:52 UTC (rev 147227)
+++ trunk/Source/WebCore/ChangeLog	2013-03-29 18:10:42 UTC (rev 147228)
@@ -1,3 +1,17 @@
+2013-03-29  Nate Chapin  <jap...@chromium.org>
+
+        ASSERT d->m_defersLoading != defers on detik.com and drive.google.com
+        https://bugs.webkit.org/show_bug.cgi?id=111902
+
+        Reviewed by Alexey Proskuryakov.
+
+        Test: http/tests/navigation/same-url-iframes-defer-crash.html
+
+        * loader/DocumentLoader.cpp:
+        (WebCore::DocumentLoader::setDefersLoading): If multiple DocumentLoaders are
+           using loading the same main resource, ensure only one of them can call
+           ResourceLoader::setDefersLoading.
+
 2013-03-29  Vsevolod Vlasov  <vse...@chromium.org>
 
         Web Inspector: Content should not be lost when uiSourceCode's file was removed externally on file system.

Modified: trunk/Source/WebCore/loader/DocumentLoader.cpp (147227 => 147228)

--- trunk/Source/WebCore/loader/DocumentLoader.cpp	2013-03-29 17:24:52 UTC (rev 147227)
+++ trunk/Source/WebCore/loader/DocumentLoader.cpp	2013-03-29 18:10:42 UTC (rev 147228)
@@ -1286,8 +1286,12 @@
 
 void DocumentLoader::setDefersLoading(bool defers)
 {
-    if (mainResourceLoader())
+    // Multiple frames may be loading the same main resource simultaneously. If deferral state changes,
+    // each frame's DocumentLoader will try to send a setDefersLoading() to the same underlying ResourceLoader. Ensure only
+    // the "owning" DocumentLoader does so, as setDefersLoading() is not resilient to setting the same value repeatedly.
+    if (mainResourceLoader() && mainResourceLoader()->documentLoader() == this)
         mainResourceLoader()->setDefersLoading(defers);
+
     setAllDefersLoading(m_subresourceLoaders, defers);
     setAllDefersLoading(m_plugInStreamLoaders, defers);
     if (!defers)

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes