[Webkit-unassigned] [Bug 31626] [Qt] layoutTestController.notifyDone() not working when the frame was reloaded.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Nov 20 19:35:00 PST 2009 

https://bugs.webkit.org/show_bug.cgi?id=31626





--- Comment #15 from Antonio Gomes (tonikitoo) <tonikitoo at webkit.org>  2009-11-20 19:35:00 PST ---
@keneth, nice investigation.
@gabor, good catch.
@andras, this is the exactly root of the CONSOLE MESSAGE error we were seeing
...

(In reply to comment #12)
> The root of the problem is that the QtInstance is destroyed before execution of
> main JS is finished.
> 
> The following backtrace is produced before cti_op_get_by_id_method_check is
> called for notifyDone().
> 
> backtrace:
> #0  ~QtInstance (this=0x8159910) at
> ../../../WebCore/bridge/qt/qt_instance.cpp:93
> #1  0xb697edbd in WTF::RefCounted<JSC::Bindings::Instance>::deref
> (this=0x8159914) at ../../../JavaScriptCore/wtf/RefCounted.h:109
> #2  0xb69aa4de in WTF::RefPtr<JSC::Bindings::Instance>::operator=
> (this=0xb1e456ec, optr=0x0) at ../../../JavaScriptCore/wtf/RefPtr.h:132
> #3  0xb69ab27c in JSC::RuntimeObjectImp::invalidate (this=0xb1e456c0) at
> ../../../WebCore/bridge/runtime_object.cpp:67
> #4  0xb69b2c21 in JSC::Bindings::RootObject::invalidate (this=0x8159128) at
> ../../../WebCore/bridge/runtime_root.cpp:102
> #5  0xb69893a5 in WebCore::ScriptController::clearScriptObjects
> (this=0x80f8f1c) at ../../../WebCore/bindings/js/ScriptController.cpp:437
> #6  0xb6d76683 in WebCore::FrameLoader::clear (this=0x80f8cac,
> clearWindowProperties=true, clearScriptObjects=true, clearFrameView=true) at
> ../../../WebCore/loader/FrameLoader.cpp:723
> #7  0xb6d76f99 in WebCore::FrameLoader::begin (this=0x80f8cac, url=@0x80f8dbc,
> dispatch=true, origin=0x810b460) at ../../../WebCore/loader/FrameLoader.cpp:803
> #8  0xb6d77b82 in WebCore::FrameLoader::replaceDocument (this=0x80f8cac,
> html=@0xbfb717cc) at ../../../WebCore/loader/FrameLoader.cpp:678
> #9  0xb699f599 in WebCore::ScriptController::executeIfJavaScriptURL
> (this=0x80f8f1c, url=@0xbfb71888, userGesture=false, replaceDocument=true) at
> ../../../WebCore/bindings/ScriptControllerBase.cpp:83
> #10 0xb6d8448d in WebCore::FrameLoader::requestFrame (this=0x80ba994,
> ownerElement=0x80f8290, urlString=@0x80f82d0, frameName=@0x80f82d4) at
> ../../../WebCore/loader/FrameLoader.cpp:371
> 
> If the Instance is destroyed, we will not able to do the lookup in
> JSC::RuntimeObjectImp::getOwnPropertySlot.
> 
> So, we should do something similar in bool FrameLoader::requestFrame what we
> did for bool FrameLoader::requestFrame.
> 
> -    if (!scriptURL.isEmpty())
> -        frame->script()->executeIfJavaScriptURL(scriptURL);
> +    if (!scriptURL.isEmpty()) {
> +        m_isExecutingJavaScriptFormAction = true;
> +        frame->script()->executeIfJavaScriptURL(scriptURL, false, false);
> +        m_isExecutingJavaScriptFormAction = false;
> +    }

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list