RESOLVED FIXED 23949
HTMLSelectElement is in inconsistent state when handling mutation events 
https://bugs.webkit.org/show_bug.cgi?id=23949
Summary HTMLSelectElement is in inconsistent state when handling mutation events
Alexey Proskuryakov
Reported 2009-02-13 08:22:28 PST
HTMLSelectElement modification methods call setRecalcListItems() after the fact - but mutation event handlers need to see a consistent select state, too. This causes assertion failures. Patch is forthcoming.
Attachments
proposed fix (13.66 KB, patch)
2009-02-13 08:25 PST, Alexey Proskuryakov 		adele: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Alexey Proskuryakov
Comment 1 2009-02-13 08:25:28 PST
Created attachment 27662 [details] proposed fix
Darin Adler
Comment 2 2009-02-13 11:37:39 PST
Comment on attachment 27662 [details] proposed fix > bool HTMLOptGroupElement::insertBefore(PassRefPtr<Node> newChild, Node* refChild, ExceptionCode& ec, bool shouldLazyAttach) > { > bool result = HTMLFormControlElement::insertBefore(newChild, refChild, ec, shouldLazyAttach); > - if (result) > - recalcSelectOptions(); > return result; > } > > bool HTMLOptGroupElement::replaceChild(PassRefPtr<Node> newChild, Node* oldChild, ExceptionCode& ec, bool shouldLazyAttach) > { > bool result = HTMLFormControlElement::replaceChild(newChild, oldChild, ec, shouldLazyAttach); > - if (result) > - recalcSelectOptions(); > return result; > } > > bool HTMLOptGroupElement::removeChild(Node* oldChild, ExceptionCode& ec) > { > bool result = HTMLFormControlElement::removeChild(oldChild, ec); > - if (result) > - recalcSelectOptions(); > return result; > } > > bool HTMLOptGroupElement::appendChild(PassRefPtr<Node> newChild, ExceptionCode& ec, bool shouldLazyAttach) > { > bool result = HTMLFormControlElement::appendChild(newChild, ec, shouldLazyAttach); > - if (result) > - recalcSelectOptions(); > return result; > } > > bool HTMLOptGroupElement::removeChildren() > { > bool result = HTMLFormControlElement::removeChildren(); > - if (result) > - recalcSelectOptions(); > return result; > } These overrides should all be removed entirely. > @@ -299,40 +295,30 @@ void HTMLSelectElement::restoreState(con > bool HTMLSelectElement::insertBefore(PassRefPtr<Node> newChild, Node* refChild, ExceptionCode& ec, bool shouldLazyAttach) > { > bool result = HTMLFormControlElementWithState::insertBefore(newChild, refChild, ec, shouldLazyAttach); > - if (result) > - setRecalcListItems(); > return result; > } > > bool HTMLSelectElement::replaceChild(PassRefPtr<Node> newChild, Node *oldChild, ExceptionCode& ec, bool shouldLazyAttach) > { > bool result = HTMLFormControlElementWithState::replaceChild(newChild, oldChild, ec, shouldLazyAttach); > - if (result) > - setRecalcListItems(); > return result; > } > > bool HTMLSelectElement::removeChild(Node* oldChild, ExceptionCode& ec) > { > bool result = HTMLFormControlElementWithState::removeChild(oldChild, ec); > - if (result) > - setRecalcListItems(); > return result; > } > > bool HTMLSelectElement::appendChild(PassRefPtr<Node> newChild, ExceptionCode& ec, bool shouldLazyAttach) > { > bool result = HTMLFormControlElementWithState::appendChild(newChild, ec, shouldLazyAttach); > - if (result) > - setRecalcListItems(); > return result; > } > > bool HTMLSelectElement::removeChildren() > { > bool result = HTMLFormControlElementWithState::removeChildren(); > - if (result) > - setRecalcListItems(); > return result; > } These too. I haven't reviewed the rest of the patch yet.
Alexey Proskuryakov
Comment 3 2009-02-13 11:53:06 PST
> These overrides should all be removed entirely. I'm actually adding code in these in bug 13287.
Alexey Proskuryakov
Comment 4 2009-03-15 01:43:37 PDT
Committed revision 41713.
Note You need to log in before you can comment on or make changes to this bug.