Bug 87746

Summary: [Chromium] Remove assertions on state in Prerender.cpp
Product: WebKit Reporter: Gavin Peters <gavinp>
Component: New BugsAssignee: Gavin Peters <gavinp>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, cbentzel, webkit.review.bot
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Gavin Peters
Reported 2012-05-29 07:53:47 PDT
Remove aassertions on state in Prerender.cpp
Attachments
Patch (4.22 KB, patch)
2012-05-29 07:58 PDT, Gavin Peters 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Gavin Peters
Comment 1 2012-05-29 07:58:00 PDT
Created attachment 144559 [details] Patch
Gavin Peters
Comment 2 2012-05-29 08:01:37 PDT
Comment on attachment 144559 [details] Patch abarth, WDYT? I'm most interested in knowing if I was really overzealous with my assertions like I thought: the alternative is that something freaky is happen by calling HTMLElement::removedFromDocument() after the DOM is stopped.
Adam Barth
Comment 3 2012-05-29 15:59:02 PDT
Comment on attachment 144559 [details] Patch I talked with Gavin directly abou this patch. Here's what I said: [[[ Yes, that's entirely possible. The way this can happen is you take a reference to a DOM node in an iframe and then either navigate to iframe to a new URL or remove the iframe from the DOM entirely. Now, stop() will be called on the DOM node, but it will still be in the DOM tree. You can then remove it from the DOM tree using removeChild. ]]] He's going to write a test for this in the Chromium repo where it can be an end-to-end test. Ideally, we'd have a LayoutTest too, but Gavin tells me that there's not enough of the prerendering machinery in DumpRenderTree for that to be a meaningful test. Gavin, once you add the test to Chromium, can you include a link in this bug?
WebKit Review Bot
Comment 4 2012-05-29 16:08:06 PDT
Comment on attachment 144559 [details] Patch Clearing flags on attachment: 144559 Committed r118848: <http://trac.webkit.org/changeset/118848>
WebKit Review Bot
Comment 5 2012-05-29 16:08:11 PDT
All reviewed patches have been landed. Closing bug.
Gavin Peters
Comment 6 2012-05-31 10:34:41 PDT
I opted to add enough machinery to DumpRenderTree to let this be tested; see https://bugs.webkit.org/show_bug.cgi?id=87860 for the new Mocks and the layout test for this issue.
Note You need to log in before you can comment on or make changes to this bug.