blob: 146e7561db476b5445cfc85117f10033799a3b48
This test demonstrates a problem with our handling of the beforeunload event.
If a script tries to navigate the frame from a beforeunload handler while a navigation is already pending, we end up blowing out the stack by recursively consulting the policy delegate and then running onbeforeunload again, repeatedly.
After this happens, the FrameLoader is in a bogus state where it thinks it is in the middle of a provisional load, but it doesn't have a provisional document loader.
In this state, the frame is very difficult to navigate anywhere else, and attempts to load new things within the frame can result in a crash.
This was reproducibly identified on sears.com following a bizarre Safari-specific code path.
Click here to run the beforeunload test and blow out the stack
Click here to append an iframe and crash
onbeforeunload called, and iframe hasn't been added yet.
Adding iframe.