- Revision
- 90779
- Author
- yi.4.s...@nokia.com
- Date
- 2011-07-11 12:33:32 -0700 (Mon, 11 Jul 2011)
Log Message
[Qt] ASSERTION FAILED in ResourceHandle::setDefersLoading causes crash
https://bugs.webkit.org/show_bug.cgi?id=62808
Source/WebCore:
Reviewed by Benjamin Poulain.
The assertion in ResourceHandle::setDefersLoading assumes asynchronous
content delivery -- To resume a page, first, its main resource loader
calls setDefersLoading to resume loading the main content; then all the
sub-resource loaders calls setDefersLoading to resume sub-contents.
However, since QNetworkReplyHandler delivers content synchronously,
some new sub-resource loaders get created as soon as the main resource
loader resumed, and all these new sub-resource loaders set their
defersLoading flag to false. Then, the assertion fails for these new
sub-resource loaders when calling setDefersLoading on them. As a fix,
this path makes QNetworkReplyHandler deliver content asynchronously.
Test: loader/load-defer-resume-crash.html
* platform/network/qt/QNetworkReplyHandler.cpp:
(WebCore::QNetworkReplyHandlerCallQueue::setDeferSignals):
* platform/network/qt/QNetworkReplyHandler.h:
LayoutTests:
Added a test for the crash occurs when load deferring is turned off.
Reviewed by Benjamin Poulain.
* loader/load-defer-resume-crash-expected.txt: Added.
* loader/load-defer-resume-crash.html: Added.
* loader/resources/images.html: Added.
* platform/chromium/test_expectations.txt: Skip this test since the LayoutTestController::setDefersLoading is not implemented for chromium.
Modified Paths
Added Paths
Diff
Modified: trunk/LayoutTests/ChangeLog (90778 => 90779)
--- trunk/LayoutTests/ChangeLog 2011-07-11 19:20:49 UTC (rev 90778)
+++ trunk/LayoutTests/ChangeLog 2011-07-11 19:33:32 UTC (rev 90779)
@@ -1,3 +1,17 @@
+2011-07-11 Yi Shen <yi.4.s...@nokia.com>
+
+ [Qt] ASSERTION FAILED in ResourceHandle::setDefersLoading causes crash
+ https://bugs.webkit.org/show_bug.cgi?id=62808
+
+ Added a test for the crash occurs when load deferring is turned off.
+
+ Reviewed by Benjamin Poulain.
+
+ * loader/load-defer-resume-crash-expected.txt: Added.
+ * loader/load-defer-resume-crash.html: Added.
+ * loader/resources/images.html: Added.
+ * platform/chromium/test_expectations.txt: Skip this test since the LayoutTestController::setDefersLoading is not implemented for chromium.
+
2011-07-11 Stephen White <senorbla...@chromium.org>
Unreviewed; chromium test expectations update.
Added: trunk/LayoutTests/loader/load-defer-resume-crash-expected.txt (0 => 90779)
--- trunk/LayoutTests/loader/load-defer-resume-crash-expected.txt (rev 0)
+++ trunk/LayoutTests/loader/load-defer-resume-crash-expected.txt 2011-07-11 19:33:32 UTC (rev 90779)
@@ -0,0 +1,3 @@
+For the test to pass there should be no crash.
+
+
Added: trunk/LayoutTests/loader/load-defer-resume-crash.html (0 => 90779)
--- trunk/LayoutTests/loader/load-defer-resume-crash.html (rev 0)
+++ trunk/LayoutTests/loader/load-defer-resume-crash.html 2011-07-11 19:33:32 UTC (rev 90779)
@@ -0,0 +1,24 @@
+<html>
+<script>
+if (window.layoutTestController) {
+ layoutTestController.dumpAsText();
+ layoutTestController.waitUntilDone();
+}
+
+function run() {
+ var frameElement = document.createElement('iframe')
+ frameElement.setAttribute("src", "resources/images.html");
+ document.getElementById("frameDiv").appendChild(frameElement);
+ if (window.layoutTestController) {
+ layoutTestController.setDefersLoading(true);
+ setTimeout("layoutTestController.setDefersLoading(false);layoutTestController.notifyDone();",1000);
+ } else
+ alert("Deferring loads");
+}
+
+</script>
+<body _onload_='run()'>
+<p>For the test to pass there should be no crash.</p>
+<div id="frameDiv"></div>
+</body>
+</html>
Added: trunk/LayoutTests/loader/resources/images.html (0 => 90779)
--- trunk/LayoutTests/loader/resources/images.html (rev 0)
+++ trunk/LayoutTests/loader/resources/images.html 2011-07-11 19:33:32 UTC (rev 90779)
@@ -0,0 +1,6 @@
+<html>
+<body>
+<img border="0" src=""
+<img border="0" src=""
+</body>
+</html>
Modified: trunk/LayoutTests/platform/chromium/test_expectations.txt (90778 => 90779)
--- trunk/LayoutTests/platform/chromium/test_expectations.txt 2011-07-11 19:20:49 UTC (rev 90778)
+++ trunk/LayoutTests/platform/chromium/test_expectations.txt 2011-07-11 19:33:32 UTC (rev 90779)
@@ -212,6 +212,7 @@
// Unskip after implementing LayoutTestController::setDefersLoading and ::goBack.
BUGWK60877 SKIP : loader/navigation-while-deferring-loads.html = FAIL
+BUGWK60877 SKIP : loader/load-defer-resume-crash.html = FAIL
// Skipped until new WebSocket protocol is implemented.
BUGWK50099 SKIP : http/tests/websocket/tests/hybi/ = PASS FAIL TIMEOUT
Modified: trunk/Source/WebCore/ChangeLog (90778 => 90779)
--- trunk/Source/WebCore/ChangeLog 2011-07-11 19:20:49 UTC (rev 90778)
+++ trunk/Source/WebCore/ChangeLog 2011-07-11 19:33:32 UTC (rev 90779)
@@ -1,3 +1,27 @@
+2011-07-11 Yi Shen <yi.4.s...@nokia.com>
+
+ [Qt] ASSERTION FAILED in ResourceHandle::setDefersLoading causes crash
+ https://bugs.webkit.org/show_bug.cgi?id=62808
+
+ Reviewed by Benjamin Poulain.
+
+ The assertion in ResourceHandle::setDefersLoading assumes asynchronous
+ content delivery -- To resume a page, first, its main resource loader
+ calls setDefersLoading to resume loading the main content; then all the
+ sub-resource loaders calls setDefersLoading to resume sub-contents.
+ However, since QNetworkReplyHandler delivers content synchronously,
+ some new sub-resource loaders get created as soon as the main resource
+ loader resumed, and all these new sub-resource loaders set their
+ defersLoading flag to false. Then, the assertion fails for these new
+ sub-resource loaders when calling setDefersLoading on them. As a fix,
+ this path makes QNetworkReplyHandler deliver content asynchronously.
+
+ Test: loader/load-defer-resume-crash.html
+
+ * platform/network/qt/QNetworkReplyHandler.cpp:
+ (WebCore::QNetworkReplyHandlerCallQueue::setDeferSignals):
+ * platform/network/qt/QNetworkReplyHandler.h:
+
2011-07-08 Ryosuke Niwa <rn...@webkit.org>
Move innerTextElement() from RenderTextControl to HTMLTextFormControlElement
Modified: trunk/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp (90778 => 90779)
--- trunk/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp 2011-07-11 19:20:49 UTC (rev 90778)
+++ trunk/Source/WebCore/platform/network/qt/QNetworkReplyHandler.cpp 2011-07-11 19:33:32 UTC (rev 90779)
@@ -181,7 +181,7 @@
void QNetworkReplyHandlerCallQueue::setDeferSignals(bool defer)
{
m_deferSignals = defer;
- flush();
+ QMetaObject::invokeMethod(this, "flush", Qt::QueuedConnection);
}
void QNetworkReplyHandlerCallQueue::flush()
Modified: trunk/Source/WebCore/platform/network/qt/QNetworkReplyHandler.h (90778 => 90779)
--- trunk/Source/WebCore/platform/network/qt/QNetworkReplyHandler.h 2011-07-11 19:20:49 UTC (rev 90778)
+++ trunk/Source/WebCore/platform/network/qt/QNetworkReplyHandler.h 2011-07-11 19:33:32 UTC (rev 90779)
@@ -41,7 +41,8 @@
class ResourceResponse;
class QNetworkReplyHandler;
-class QNetworkReplyHandlerCallQueue {
+class QNetworkReplyHandlerCallQueue : public QObject {
+ Q_OBJECT
public:
QNetworkReplyHandlerCallQueue(QNetworkReplyHandler*, bool deferSignals);
bool deferSignals() const { return m_deferSignals; }
@@ -60,7 +61,7 @@
bool m_flushing;
QList<EnqueuedCall> m_enqueuedCalls;
- void flush();
+ Q_INVOKABLE void flush();
};
class QNetworkReplyWrapper : public QObject {
