[Webkit-unassigned] [Bug 31626] [Qt] layoutTestController.notifyDone() not working when the frame was reloaded.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Nov 20 09:17:16 PST 2009 

https://bugs.webkit.org/show_bug.cgi?id=31626


Gabor Loki <loki at inf.u-szeged.hu> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |loki at inf.u-szeged.hu




--- Comment #12 from Gabor Loki <loki at inf.u-szeged.hu>  2009-11-20 09:17:15 PST ---
The root of the problem is that the QtInstance is destroyed before execution of
main JS is finished.

The following backtrace is produced before cti_op_get_by_id_method_check is
called for notifyDone().

backtrace:
#0  ~QtInstance (this=0x8159910) at
../../../WebCore/bridge/qt/qt_instance.cpp:93
#1  0xb697edbd in WTF::RefCounted<JSC::Bindings::Instance>::deref
(this=0x8159914) at ../../../JavaScriptCore/wtf/RefCounted.h:109
#2  0xb69aa4de in WTF::RefPtr<JSC::Bindings::Instance>::operator=
(this=0xb1e456ec, optr=0x0) at ../../../JavaScriptCore/wtf/RefPtr.h:132
#3  0xb69ab27c in JSC::RuntimeObjectImp::invalidate (this=0xb1e456c0) at
../../../WebCore/bridge/runtime_object.cpp:67
#4  0xb69b2c21 in JSC::Bindings::RootObject::invalidate (this=0x8159128) at
../../../WebCore/bridge/runtime_root.cpp:102
#5  0xb69893a5 in WebCore::ScriptController::clearScriptObjects
(this=0x80f8f1c) at ../../../WebCore/bindings/js/ScriptController.cpp:437
#6  0xb6d76683 in WebCore::FrameLoader::clear (this=0x80f8cac,
clearWindowProperties=true, clearScriptObjects=true, clearFrameView=true) at
../../../WebCore/loader/FrameLoader.cpp:723
#7  0xb6d76f99 in WebCore::FrameLoader::begin (this=0x80f8cac, url=@0x80f8dbc,
dispatch=true, origin=0x810b460) at ../../../WebCore/loader/FrameLoader.cpp:803
#8  0xb6d77b82 in WebCore::FrameLoader::replaceDocument (this=0x80f8cac,
html=@0xbfb717cc) at ../../../WebCore/loader/FrameLoader.cpp:678
#9  0xb699f599 in WebCore::ScriptController::executeIfJavaScriptURL
(this=0x80f8f1c, url=@0xbfb71888, userGesture=false, replaceDocument=true) at
../../../WebCore/bindings/ScriptControllerBase.cpp:83
#10 0xb6d8448d in WebCore::FrameLoader::requestFrame (this=0x80ba994,
ownerElement=0x80f8290, urlString=@0x80f82d0, frameName=@0x80f82d4) at
../../../WebCore/loader/FrameLoader.cpp:371

If the Instance is destroyed, we will not able to do the lookup in
JSC::RuntimeObjectImp::getOwnPropertySlot.

So, we should do something similar in bool FrameLoader::requestFrame what we
did for bool FrameLoader::requestFrame.

-    if (!scriptURL.isEmpty())
-        frame->script()->executeIfJavaScriptURL(scriptURL);
+    if (!scriptURL.isEmpty()) {
+        m_isExecutingJavaScriptFormAction = true;
+        frame->script()->executeIfJavaScriptURL(scriptURL, false, false);
+        m_isExecutingJavaScriptFormAction = false;
+    }

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list