summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--third_party/WebKit/Source/core/dom/Document.cpp3
-rw-r--r--third_party/WebKit/Source/core/dom/Document.h9
-rw-r--r--third_party/WebKit/Source/core/frame/LocalFrame.cpp17
-rw-r--r--third_party/WebKit/Source/core/loader/FrameLoader.cpp8
4 files changed, 34 insertions, 3 deletions
diff --git a/third_party/WebKit/Source/core/dom/Document.cpp b/third_party/WebKit/Source/core/dom/Document.cpp
index f3d84ee..7d94d4e 100644
--- a/third_party/WebKit/Source/core/dom/Document.cpp
+++ b/third_party/WebKit/Source/core/dom/Document.cpp
@@ -375,6 +375,8 @@ private:
Document::Document(const DocumentInit& initializer, DocumentClassFlags documentClasses)
: ContainerNode(0, CreateDocument)
, TreeScope(*this)
+ , m_detachingDocumentLoader(false)
+ , m_loadEventProgress(LoadEventNotRun)
, m_hasNodesWithPlaceholderStyle(false)
, m_evaluateMediaQueriesOnStyleRecalc(false)
, m_pendingSheetLayout(NoLayoutWithPendingSheets)
@@ -408,7 +410,6 @@ Document::Document(const DocumentInit& initializer, DocumentClassFlags documentC
, m_markers(adoptPtrWillBeNoop(new DocumentMarkerController))
, m_updateFocusAppearanceTimer(this, &Document::updateFocusAppearanceTimerFired)
, m_cssTarget(nullptr)
- , m_loadEventProgress(LoadEventNotRun)
, m_startTime(currentTime())
, m_scriptRunner(ScriptRunner::create(this))
, m_xmlVersion("1.0")
diff --git a/third_party/WebKit/Source/core/dom/Document.h b/third_party/WebKit/Source/core/dom/Document.h
index 3d4aed0..18669f2 100644
--- a/third_party/WebKit/Source/core/dom/Document.h
+++ b/third_party/WebKit/Source/core/dom/Document.h
@@ -1043,6 +1043,9 @@ public:
WebTaskRunner* loadingTaskRunner() const;
WebTaskRunner* timerTaskRunner() const;
+ // TODO(bokan): Temporary to help track down crash in crbug.com/519752.
+ bool m_detachingDocumentLoader;
+
protected:
Document(const DocumentInit&, DocumentClassFlags = DefaultDocumentClass);
@@ -1147,6 +1150,10 @@ private:
void setNthIndexCache(NthIndexCache* nthIndexCache) { ASSERT(!m_nthIndexCache || !nthIndexCache); m_nthIndexCache = nthIndexCache; }
+ // TODO(bokan): Temporarily moved this to the top of memebers so it's likely
+ // to be included in a minidump memory region. crbug.com/519752
+ LoadEventProgress m_loadEventProgress;
+
DocumentLifecycle m_lifecycle;
bool m_hasNodesWithPlaceholderStyle;
@@ -1252,8 +1259,6 @@ private:
RawPtrWillBeMember<Element> m_cssTarget;
- LoadEventProgress m_loadEventProgress;
-
double m_startTime;
OwnPtrWillBeMember<ScriptRunner> m_scriptRunner;
diff --git a/third_party/WebKit/Source/core/frame/LocalFrame.cpp b/third_party/WebKit/Source/core/frame/LocalFrame.cpp
index 59127cc..d697f96 100644
--- a/third_party/WebKit/Source/core/frame/LocalFrame.cpp
+++ b/third_party/WebKit/Source/core/frame/LocalFrame.cpp
@@ -127,8 +127,25 @@ inline float parentTextZoomFactor(LocalFrame* frame)
} // namespace
+// TODO(bokan): Temporary to help track down crash in crbug.com/519752
+static void checkCanLoad(Document* doc)
+{
+ if (!doc)
+ return;
+
+ // I added this flag that gets set to true just before detaching the document loader. This
+ // should trip and will hopefully illuminate why the loadEventProgress state isn't stopping
+ // navigation.
+ RELEASE_ASSERT(!doc->m_detachingDocumentLoader);
+
+ checkCanLoad(doc->parentDocument());
+}
+
PassRefPtrWillBeRawPtr<LocalFrame> LocalFrame::create(FrameLoaderClient* client, FrameHost* host, FrameOwner* owner)
{
+ if (owner && owner->isLocal())
+ checkCanLoad(&toHTMLFrameOwnerElement(owner)->document());
+
RefPtrWillBeRawPtr<LocalFrame> frame = adoptRefWillBeNoop(new LocalFrame(client, host, owner));
InspectorInstrumentation::frameAttachedToParent(frame.get());
return frame.release();
diff --git a/third_party/WebKit/Source/core/loader/FrameLoader.cpp b/third_party/WebKit/Source/core/loader/FrameLoader.cpp
index 2179214..fa81cce 100644
--- a/third_party/WebKit/Source/core/loader/FrameLoader.cpp
+++ b/third_party/WebKit/Source/core/loader/FrameLoader.cpp
@@ -1054,8 +1054,16 @@ bool FrameLoader::prepareForCommit()
if (pdl != m_provisionalDocumentLoader)
return false;
if (m_documentLoader) {
+ // TODO(bokan): Temporarily added this flag to help track down how we're attaching
+ // new frames during the DocumentLoader detachment. crbug.com/519752.
+ if (m_frame->document())
+ m_frame->document()->m_detachingDocumentLoader = true;
+
FrameNavigationDisabler navigationDisabler(m_frame);
detachDocumentLoader(m_documentLoader);
+
+ if (m_frame->document())
+ m_frame->document()->m_detachingDocumentLoader = false;
}
// detachFromFrame() will abort XHRs that haven't completed, which can
// trigger event listeners for 'abort'. These event listeners might detach
generated by cgit v1.1 at 2025-11-30 11:07:43 +0000