WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
NEW
68859
ASSERT(!m_styleSheets->length()) can be easily hit when playing with document.open
https://bugs.webkit.org/show_bug.cgi?id=68859
Summary
ASSERT(!m_styleSheets->length()) can be easily hit when playing with document...
Julien Chaffraix
Reported
2011-09-26 18:18:32 PDT
Kind of a follow up of
bug 60935
, the ASSERT that was not removed is actually hit on
bug 64284
. Instead of fixing both issues from the previous bug at the same time, I thought it would be better to provide remove the ASSERT first as it may be controversial. Patch on his way.
Attachments
Proposed removal.
(3.65 KB, patch)
2011-09-26 18:38 PDT
,
Julien Chaffraix
no flags
Details
Formatted Diff
Diff
Tweaked the ASSERT to not trigger in this case as it is too fragile. Added a comment about the fix.
(4.73 KB, patch)
2011-10-06 14:35 PDT
,
Julien Chaffraix
jchaffraix
: review-
Details
Formatted Diff
Diff
Show Obsolete
(1)
View All
Add attachment
proposed patch, testcase, etc.
Julien Chaffraix
Comment 1
2011-09-26 18:38:30 PDT
Created
attachment 108774
[details]
Proposed removal.
Alexey Proskuryakov
Comment 2
2011-09-26 20:14:32 PDT
Comment on
attachment 108774
[details]
Proposed removal. View in context:
https://bugs.webkit.org/attachment.cgi?id=108774&action=review
Hmm, but isn't this assertion catching a bug here? Stylesheets should have a matching compatibility mode AFAICT.
> LayoutTests/fast/parser/append-style-followed-by-close.html:7 > + layoutTestController.waitUntilDone();
No need for waitUntilDone() - onload is called before DRT automatically dumps results.
Darin Adler
Comment 3
2011-09-26 20:32:46 PDT
Comment on
attachment 108774
[details]
Proposed removal. View in context:
https://bugs.webkit.org/attachment.cgi?id=108774&action=review
> Source/WebCore/dom/Document.cpp:-682 > - ASSERT(!m_styleSheets->length());
What was the rationale of the original assertion? I assume it’s asserting because if there are style sheets they might have to be processed again to handle the compatibility mode properly. So if we are removing the assertion it seems we might have to add code that does something to cause the style sheets to be processed again. It’s fairly common to assert something like this to emphasize that there is no work to be done. Work that otherwise we might need to have code to accomplish. Or maybe the assertion was completely spurious with no value. We should find out.
Julien Chaffraix
Comment 4
2011-09-27 09:07:19 PDT
Comment on
attachment 108774
[details]
Proposed removal. View in context:
https://bugs.webkit.org/attachment.cgi?id=108774&action=review
>> LayoutTests/fast/parser/append-style-followed-by-close.html:7 >> + layoutTestController.waitUntilDone(); > > No need for waitUntilDone() - onload is called before DRT automatically dumps results.
I would have agreed with you before writing the test. If you don't put waitUntilDone, you don't dump the alert() on Chromium. As the test is not slow, there seems to be some race-condition (seen only under NRWT not under plain DRT) but I did not investigate it.
>> Source/WebCore/dom/Document.cpp:-682 >> - ASSERT(!m_styleSheets->length()); > > What was the rationale of the original assertion? I assume it’s asserting because if there are style sheets they might have to be processed again to handle the compatibility mode properly. So if we are removing the assertion it seems we might have to add code that does something to cause the style sheets to be processed again. > > It’s fairly common to assert something like this to emphasize that there is no work to be done. Work that otherwise we might need to have code to accomplish. > > Or maybe the assertion was completely spurious with no value. > > We should find out.
The ASSERT was added in
bug 44788
- implement HTML5-compliant doctype switching - as a way to catch what any already processed stylesheet. The goal was to underline what you said (that we did not have to reprocess some of the stylesheets). The default Document's parser will not hit the ASSERT: per HTML5's parsing algorithm, it would have changed the tree builder's state if it sees any <style> element. However any series of document.open, document.addChild, document.close would trigger it. I bet there are other examples if you start mixing up some parsing + document.addChild from JS. Under those assumptions, it seemed fine to remove it. Another way would be to loosen it to skip the check for a JS-created parser (likely with a comment saying that we would need to have a reparsing phase in this case).
Julien Chaffraix
Comment 5
2011-10-04 11:01:31 PDT
Comment on
attachment 108774
[details]
Proposed removal. Clearing the review flag while I find another way to handle the ASSERT.
Julien Chaffraix
Comment 6
2011-10-06 10:54:46 PDT
Renaming the bug as the consensus is that the ASSERT should be kept and my assumptions were wrong.
Julien Chaffraix
Comment 7
2011-10-06 14:35:46 PDT
Created
attachment 110024
[details]
Tweaked the ASSERT to not trigger in this case as it is too fragile. Added a comment about the fix.
Julien Chaffraix
Comment 8
2011-11-03 15:14:16 PDT
Comment on
attachment 110024
[details]
Tweaked the ASSERT to not trigger in this case as it is too fragile. Added a comment about the fix. Looking again at the patch, I thought it was blocking some testing for the associated crasher but it's possible to work around the ASSERT by enabling the test only in Release. Under this light, the patch is not not a good change as we lose coverage for a potentially bad situation. I will just progress with the other bug and use this one for the ASSERT failure.
mitz
Comment 9
2012-02-23 21:25:46 PST
I disabled a test that was failing this assertion in<
http://trac.webkit.org/r108725
>.
Julien Chaffraix
Comment 10
2012-02-24 10:20:05 PST
***
Bug 51793
has been marked as a duplicate of this bug. ***
Julien Chaffraix
Comment 11
2012-02-24 10:23:20 PST
***
Bug 75135
has been marked as a duplicate of this bug. ***
Hao Zheng
Comment 12
2012-06-19 00:55:55 PDT
***
Bug 89441
has been marked as a duplicate of this bug. ***
Eric Seidel (no email)
Comment 13
2012-06-19 06:51:28 PDT
Comment on
attachment 110024
[details]
Tweaked the ASSERT to not trigger in this case as it is too fragile. Added a comment about the fix. View in context:
https://bugs.webkit.org/attachment.cgi?id=110024&action=review
> Source/WebCore/dom/Document.cpp:684 > + // in ways that are unknown to the parser (like manually inserting stylesheets). FIXME: To solve this issue
This reminded me of this comment:
http://trac.webkit.org/browser/trunk/Source/WebCore/css/StyleResolver.cpp#L410
Marking the document's style-resolver as needing recalc will cause it to reparse sheets I think. I suspect clearPageUserSheet, etc. have that effect already (but I have not confirmed).
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug