REGRESSION(r239353): iOS WK1 Assertion failure in notifyChildNodeRemoved while running
authorrniwa@webkit.org <rniwa@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 22 Dec 2018 00:28:44 +0000 (00:28 +0000)
committerrniwa@webkit.org <rniwa@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Sat, 22 Dec 2018 00:28:44 +0000 (00:28 +0000)
TestWebKitAPI.QuickLook.LegacyQuickLookContent
https://bugs.webkit.org/show_bug.cgi?id=192859
<rdar://problem/46887237>

Reviewed by Antti Koivisto.

After r239353, ScriptDisallowedScope::InMainThread::isScriptAllowed() may return false when the web thread
is inside a delegate callback even when there is a ScriptDisallowedScope defined.

Replace the existign debug assertions which assert !ScriptDisallowedScope::InMainThread::isScriptAllowed()
by a newly added ScriptDisallowedScope::InMainThread::hasDisallowedScope to avoid hitting this assertion.

Tests: TestWebKitAPI.QuickLook.LegacyQuickLookContent

* dom/ContainerNodeAlgorithms.cpp:
(WebCore::notifyChildNodeInserted):
(WebCore::notifyChildNodeRemoved):
* dom/Document.cpp:
(WebCore::Document::nodeChildrenWillBeRemoved):
(WebCore::Document::nodeWillBeRemoved):
* dom/ScriptDisallowedScope.h:
(WebCore::ScriptDisallowedScope::InMainThread::hasDisallowedScope):
* html/HTMLFormElement.cpp:
(WebCore:: const):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239529 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/dom/ContainerNodeAlgorithms.cpp
Source/WebCore/dom/Document.cpp
Source/WebCore/dom/ScriptDisallowedScope.h
Source/WebCore/html/HTMLFormElement.cpp

index 2dc9569..a98326a 100644 (file)
@@ -1,3 +1,31 @@
+2018-12-20  Ryosuke Niwa  <rniwa@webkit.org>
+
+        REGRESSION(r239353): iOS WK1 Assertion failure in notifyChildNodeRemoved while running
+        TestWebKitAPI.QuickLook.LegacyQuickLookContent
+        https://bugs.webkit.org/show_bug.cgi?id=192859
+        <rdar://problem/46887237>
+
+        Reviewed by Antti Koivisto.
+
+        After r239353, ScriptDisallowedScope::InMainThread::isScriptAllowed() may return false when the web thread
+        is inside a delegate callback even when there is a ScriptDisallowedScope defined.
+
+        Replace the existign debug assertions which assert !ScriptDisallowedScope::InMainThread::isScriptAllowed()
+        by a newly added ScriptDisallowedScope::InMainThread::hasDisallowedScope to avoid hitting this assertion.
+
+        Tests: TestWebKitAPI.QuickLook.LegacyQuickLookContent
+
+        * dom/ContainerNodeAlgorithms.cpp:
+        (WebCore::notifyChildNodeInserted):
+        (WebCore::notifyChildNodeRemoved):
+        * dom/Document.cpp:
+        (WebCore::Document::nodeChildrenWillBeRemoved):
+        (WebCore::Document::nodeWillBeRemoved):
+        * dom/ScriptDisallowedScope.h:
+        (WebCore::ScriptDisallowedScope::InMainThread::hasDisallowedScope):
+        * html/HTMLFormElement.cpp:
+        (WebCore:: const):
+
 2018-12-21  Joseph Pecoraro  <pecoraro@apple.com>
 
         Update status of some WebCore features in features.json
index fe8375a..0aafce9 100644 (file)
@@ -88,7 +88,7 @@ static void notifyNodeInsertedIntoTree(ContainerNode& parentOfInsertedTree, Node
 
 NodeVector notifyChildNodeInserted(ContainerNode& parentOfInsertedTree, Node& node)
 {
-    ASSERT(!ScriptDisallowedScope::InMainThread::isScriptAllowed());
+    ASSERT(ScriptDisallowedScope::InMainThread::hasDisallowedScope());
 
     InspectorInstrumentation::didInsertDOMNode(node.document(), node);
 
@@ -152,7 +152,7 @@ static void notifyNodeRemovedFromTree(ContainerNode& oldParentOfRemovedTree, Tre
 void notifyChildNodeRemoved(ContainerNode& oldParentOfRemovedTree, Node& child)
 {
     // Assert that the caller of this function has an instance of ScriptDisallowedScope.
-    ASSERT(!isMainThread() || !ScriptDisallowedScope::InMainThread::isScriptAllowed());
+    ASSERT(!isMainThread() || ScriptDisallowedScope::InMainThread::hasDisallowedScope());
     ContainerChildRemovalScope removalScope(oldParentOfRemovedTree, child);
 
     // Tree scope has changed if the container node from which "node" is removed is in a document or a shadow root.
index ec2292e..9ca30cc 100644 (file)
@@ -4358,7 +4358,7 @@ void Document::updateRangesAfterChildrenChanged(ContainerNode& container)
 
 void Document::nodeChildrenWillBeRemoved(ContainerNode& container)
 {
-    ASSERT(!ScriptDisallowedScope::InMainThread::isScriptAllowed());
+    ASSERT(ScriptDisallowedScope::InMainThread::hasDisallowedScope());
 
     adjustFocusedNodeOnNodeRemoval(container, NodeRemoval::ChildrenOfNode);
     adjustFocusNavigationNodeOnNodeRemoval(container, NodeRemoval::ChildrenOfNode);
@@ -4391,7 +4391,7 @@ void Document::nodeChildrenWillBeRemoved(ContainerNode& container)
 
 void Document::nodeWillBeRemoved(Node& node)
 {
-    ASSERT(!ScriptDisallowedScope::InMainThread::isScriptAllowed());
+    ASSERT(ScriptDisallowedScope::InMainThread::hasDisallowedScope());
 
     adjustFocusedNodeOnNodeRemoval(node);
     adjustFocusNavigationNodeOnNodeRemoval(node);
index a2b61b1..873bebf 100644 (file)
@@ -87,6 +87,12 @@ public:
 #endif
         }
 
+        static bool hasDisallowedScope()
+        {
+            ASSERT(isMainThread());
+            return s_count;
+        }
+
         static bool isScriptAllowed()
         {
             ASSERT(isMainThread());
index ec6bba3..6c6af7b 100644 (file)
@@ -863,7 +863,7 @@ void HTMLFormElement::finishParsingChildren()
 
 const Vector<FormAssociatedElement*>& HTMLFormElement::unsafeAssociatedElements() const
 {
-    ASSERT(!ScriptDisallowedScope::InMainThread::isScriptAllowed());
+    ASSERT(ScriptDisallowedScope::InMainThread::hasDisallowedScope());
     return m_associatedElements;
 }