HistoryConroller::m_currentItem can sometimes be null for a fully loaded frame This should not be possible, and it causes the following problems: 1) Unable to save form and scrollbar state 2) Unable to support history.replaceState method I'll attach a test case that shows at least one way for m_currentItem to be null.
Created attachment 51365 [details] testcase
Another testcase looks like that (Qt, C++ code): QWebPage page; page.mainFrame->setHtml("..."); Documentation of the QWebFrane::setHtml contains a note: "This method will not affect session or global history for the frame". As the setHtml doesn't affect a history it is really easy to assert/crash on a history opertions (for example pushState). It seems that we can't assume that m_currentItem or m_previousItem are always set after frame got loaded. I'm linking the bug to 38840.
*** This bug has been marked as a duplicate of bug 252944 ***