Title: [93871] trunk/Source/WebCore
Revision: 93871
Author: gav...@chromium.org
Date: 2011-08-26 06:15:00 -0700 (Fri, 26 Aug 2011)
Log Message
add a state enumeration to track down cause of null CachedScript execution
https://bugs.webkit.org/show_bug.cgi?id=66939
Reviewed by Alexey Proskuryakov.
Over in http://code.google.com/p/chromium/issues/detail?id=75604 I
have a bug I cannot reproduce. I added an earlier crash in
https://bugs.webkit.org/show_bug.cgi?id=65563 , and we've since
gotten many good stacks, all coming in through a failed request that
eventually calls notifyFinished() on a ScriptElement with a NULL
m_cachedScript.
I'd like to know how this got NULL. This enumeration should let
me find that in stack dumps from reproductions.
No new tests, as my goal here is to get telemetry on a bug that I cannot reproduce.
* dom/ScriptElement.cpp:
(WebCore::ScriptElement::ScriptElement):
(WebCore::ScriptElement::requestScript):
(WebCore::ScriptElement::stopLoadRequest):
(WebCore::ScriptElement::notifyFinished):
* dom/ScriptElement.h:
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (93870 => 93871)
--- trunk/Source/WebCore/ChangeLog 2011-08-26 13:12:48 UTC (rev 93870)
+++ trunk/Source/WebCore/ChangeLog 2011-08-26 13:15:00 UTC (rev 93871)
@@ -1,3 +1,29 @@
+2011-08-26 Gavin Peters <gav...@chromium.org>
+
+ add a state enumeration to track down cause of null CachedScript execution
+ https://bugs.webkit.org/show_bug.cgi?id=66939
+
+ Reviewed by Alexey Proskuryakov.
+
+ Over in http://code.google.com/p/chromium/issues/detail?id=75604 I
+ have a bug I cannot reproduce. I added an earlier crash in
+ https://bugs.webkit.org/show_bug.cgi?id=65563 , and we've since
+ gotten many good stacks, all coming in through a failed request that
+ eventually calls notifyFinished() on a ScriptElement with a NULL
+ m_cachedScript.
+
+ I'd like to know how this got NULL. This enumeration should let
+ me find that in stack dumps from reproductions.
+
+ No new tests, as my goal here is to get telemetry on a bug that I cannot reproduce.
+
+ * dom/ScriptElement.cpp:
+ (WebCore::ScriptElement::ScriptElement):
+ (WebCore::ScriptElement::requestScript):
+ (WebCore::ScriptElement::stopLoadRequest):
+ (WebCore::ScriptElement::notifyFinished):
+ * dom/ScriptElement.h:
+
2011-08-26 Mike Reed <r...@google.com>
[skia] never draw with GDI, so that all text can be gpu-accelerated
Modified: trunk/Source/WebCore/dom/ScriptElement.cpp (93870 => 93871)
--- trunk/Source/WebCore/dom/ScriptElement.cpp 2011-08-26 13:12:48 UTC (rev 93870)
+++ trunk/Source/WebCore/dom/ScriptElement.cpp 2011-08-26 13:15:00 UTC (rev 93871)
@@ -64,6 +64,7 @@
, m_willExecuteWhenDocumentFinishedParsing(false)
, m_forceAsync(!parserInserted)
, m_willExecuteInOrder(false)
+ , m_cachedScriptState(NeverSet)
{
ASSERT(m_element);
}
@@ -258,8 +259,11 @@
m_cachedScript = m_element->document()->cachedResourceLoader()->requestScript(request, scriptCharset());
m_isExternalScript = true;
- if (m_cachedScript)
+ if (m_cachedScript) {
+ ASSERT(m_cachedScriptState == NeverSet);
+ m_cachedScriptState = Set;
return true;
+ }
dispatchErrorEvent();
return false;
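Review bot: The failure path in requestScript (`dispatchErrorEvent(); return false;`) leaves m_cachedScriptState at NeverSet, so a dump cannot tell an element whose request failed from one that never requested a script. The log message says the crashing stacks all come in through a failed request, so a distinct enumerator set just before dispatchErrorEvent() would make that case visible. Note also that `ASSERT(m_cachedScriptState == NeverSet)` assumes requestScript never succeeds twice on the same element; if that is a real invariant, a short comment saying so would help.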
@@ -295,6 +299,8 @@
if (m_cachedScript) {
if (!m_willBeParserExecuted)
m_cachedScript->removeClient(this);
+ ASSERT(m_cachedScriptState == Set);
+ m_cachedScriptState = ZeroedInStopLoadRequest;
m_cachedScript = 0;
}
}
@@ -320,6 +326,9 @@
m_element->document()->scriptRunner()->notifyInOrderScriptReady();
else
m_element->document()->scriptRunner()->queueScriptForExecution(this, m_cachedScript, ScriptRunner::ASYNC_EXECUTION);
+
+ ASSERT(m_cachedScriptState == Set);
+ m_cachedScriptState = ZeroedInNotifyFinished;
m_cachedScript = 0;
}
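Review bot: In notifyFinished the new `ASSERT(m_cachedScriptState == Set)` sits after m_cachedScript has already been passed to queueScriptForExecution(), so in a debug build the null pointer is used before the state is checked. Consider moving the assertion to the point where the function first touches m_cachedScript and leaving only the `m_cachedScriptState = ZeroedInNotifyFinished;` assignment next to `m_cachedScript = 0;`. The recorded state then still shows which path zeroed the pointer, and the assert fires before the use rather than after it.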
Modified: trunk/Source/WebCore/dom/ScriptElement.h (93870 => 93871)
--- trunk/Source/WebCore/dom/ScriptElement.h 2011-08-26 13:12:48 UTC (rev 93870)
+++ trunk/Source/WebCore/dom/ScriptElement.h 2011-08-26 13:15:00 UTC (rev 93871)
@@ -104,6 +104,15 @@
bool m_willExecuteInOrder : 1;
String m_characterEncoding;
String m_fallbackCharacterEncoding;
+
+ // Temporary: intended to help debug how we get notifyFinished() called when m_cachedScript is null,
+ // which seems to sometimes happen (see http://code.google.com/p/chromium/issues/detail?id=75604 )
+ enum {
+ NeverSet,
+ Set,
+ ZeroedInStopLoadRequest,
+ ZeroedInNotifyFinished,
+ } m_cachedScriptState;
};
ScriptElement* toScriptElement(Element*);
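Review bot: The comment above the enum in ScriptElement.h marks the member as "Temporary" but gives no removal condition; a FIXME naming https://bugs.webkit.org/show_bug.cgi?id=66939 would keep the extra per-element field from outliving the investigation. Two smaller points on the same lines: the trailing comma after `ZeroedInNotifyFinished,` is not accepted by strict C++03 compilers, and the enumerators are unscoped names inside ScriptElement, where `Set` is generic enough to collide with or be mistaken for something else; a prefix tying them to the cached-script state would avoid that.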