Bug 63835

Summary:

WorkerScriptLoader::notifyFinished() ASSERTs on re-entry

Product:

WebKit

Reporter:

Nate Chapin <japhet>

Component:

WebCore Misc.

Assignee:

Nate Chapin <japhet>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

dimich, levin, webkit.review.bot

Priority:

Version:

528+ (Nightly build)

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

Bug Blocks:

62066

Attachments:

Description	Flags
patch	none

Description Nate Chapin 2011-07-01 12:54:15 PDT

Specifically, WorkerScriptLoader::notifyFinished() will lead to unsetPendingAcitivity() being called for its ActiveDOMObject client.   If it re-enters, activity is unset twice and we assert.

Comment 1 Nate Chapin 2011-07-01 12:57:03 PDT

Created attachment 99509 [details]
patch

Comment 2 Dmitry Titov 2011-07-01 14:07:58 PDT

Comment on attachment 99509 [details]
patch

r=me. Could you please add a description of a scenario when re-entrance happens in this bug? To document the case.

Comment 3 Nate Chapin 2011-07-01 14:08:26 PDT

(In reply to comment #2)
> (From update of attachment 99509 [details])
> r=me. Could you please add a description of a scenario when re-entrance happens in this bug? To document the case.

The sequence that causes this re-entrancy is:
* WorkerScriptLoader fails, Worker::notifyFinished() is called.
* notifyFinished() calls unsetPendingActivity() and fires the Worker's error event.
* The error event cancels the load (e.g., window.stop).  This causes DocumentLoader to cancel all SubresourceLoaders.
* The WorkerScriptLoader's SubresourceLoader hasn't been removed from the DocumentLoader's list yet, so it is cancelled again, causing unsetPendingActivity() to be called a second time.

Comment 4 WebKit Review Bot 2011-07-01 15:06:20 PDT

Comment on attachment 99509 [details]
patch

Clearing flags on attachment: 99509

Committed r90284: <http://trac.webkit.org/changeset/90284>

Comment 5 WebKit Review Bot 2011-07-01 15:06:24 PDT

All reviewed patches have been landed.  Closing bug.