[Webkit-unassigned] [Bug 50157] New: [GTK] dragn'drop related crashes in fast/events

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Nov 29 08:10:36 PST 2010 

https://bugs.webkit.org/show_bug.cgi?id=50157

           Summary: [GTK] dragn'drop related crashes in fast/events
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: pnormand at igalia.com


This doesn't seem to happen on the bots though.
Example: fast/events/ondrop-text-html.html

ASSERTION FAILED: !HashTranslator::equal(KeyTraits::emptyValue(), key)
(../../JavaScriptCore/wtf/HashTable.h:465 void WTF::HashTable<Key, Value, Extractor, HashFunctions, Traits, KeyTraits>::checkKey(const T&) [with T = GdkDragContext*, HashTranslator = WTF::HashMapTranslator<std::pair<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk> >, WTF::PairHashTraits<WTF::HashTraits<GdkDragContext*>, WTF::HashTraits<WTF::RefPtr<WebCore::DataObjectGtk> > >, WTF::PtrHash<GdkDragContext*> >, Key = GdkDragContext*, Value = std::pair<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk> >, Extractor = WTF::PairFirstExtractor<std::pair<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk> > >, HashFunctions = WTF::PtrHash<GdkDragContext*>, Traits = WTF::PairHashTraits<WTF::HashTraits<GdkDragContext*>, WTF::HashTraits<WTF::RefPtr<WebCore::DataObjectGtk> > >, KeyTraits = WTF::HashTraits<GdkDragContext*>])

Thread 1 (Thread 8627):
#0  0x00007f5a715944ce in WTF::HashTable<GdkDragContext*, std::pair<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk> >, WTF::PairFirstExtractor<std::pair<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk> > >, WTF::PtrHash<GdkDragContext*>, WTF::PairHashTraits<WTF::HashTraits<GdkDragContext*>, WTF::HashTraits<WTF::RefPtr<WebCore::DataObjectGtk> > >, WTF::HashTraits<GdkDragContext*> >::checkKey<GdkDragContext*, WTF::HashMapTranslator<std::pair<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk> >, WTF::PairHashTraits<WTF::HashTraits<GdkDragContext*>, WTF::HashTraits<WTF::RefPtr<WebCore::DataObjectGtk> > >, WTF::PtrHash<GdkDragContext*> > > (this=0x251c1e8, key=@0x7fff3e4f69a8) at ../../JavaScriptCore/wtf/HashTable.h:465
#1  0x00007f5a71593f75 in WTF::HashTable<GdkDragContext*, std::pair<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk> >, WTF::PairFirstExtractor<std::pair<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk> > >, WTF::PtrHash<GdkDragContext*>, WTF::PairHashTraits<WTF::HashTraits<GdkDragContext*>, WTF::HashTraits<WTF::RefPtr<WebCore::DataObjectGtk> > >, WTF::HashTraits<GdkDragContext*> >::add<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk>, WTF::HashMapTranslator<std::pair<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk> >, WTF::PairHashTraits<WTF::HashTraits<GdkDragContext*>, WTF::HashTraits<WTF::RefPtr<WebCore::DataObjectGtk> > >, WTF::PtrHash<GdkDragContext*> > > (this=0x251c1e8, key=@0x7fff3e4f69a8, extra=...) at ../../JavaScriptCore/wtf/HashTable.h:630
#2  0x00007f5a71593c1d in WTF::HashMap<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk>, WTF::PtrHash<GdkDragContext*>, WTF::HashTraits<GdkDragContext*>, WTF::HashTraits<WTF::RefPtr<WebCore::DataObjectGtk> > >::inlineAdd (this=0x251c1e8, key=@0x7fff3e4f69a8, mapped=...)
    at ../../JavaScriptCore/wtf/HashMap.h:241
#3  0x00007f5a71593af1 in WTF::HashMap<GdkDragContext*, WTF::RefPtr<WebCore::DataObjectGtk>, WTF::PtrHash<GdkDragContext*>, WTF::HashTraits<GdkDragContext*>, WTF::HashTraits<WTF::RefPtr<WebCore::DataObjectGtk> > >::set (this=0x251c1e8, key=@0x7fff3e4f69a8, mapped=...) at ../../JavaScriptCore/wtf/HashMap.h:248
#4  0x00007f5a7159355c in WebKit::DragClient::startDrag (this=0x2523370, image=0x0, dragImageOrigin=..., eventPos=..., clipboard=0x24d5f90, 
    frame=0x2569200, linkDrag=false) at ../../WebKit/gtk/WebCoreSupport/DragClientGtk.cpp:109
#5  0x00007f5a710f8965 in WebCore::DragController::doSystemDrag (this=0x2524610, image=0x0, dragLoc=..., eventPos=..., clipboard=0x24d5f90, 
    frame=0x2569200, forLink=false) at ../../WebCore/page/DragController.cpp:826
#6  0x00007f5a710f82cf in WebCore::DragController::startDrag(WebCore::Frame *, WebCore::Clipboard *, WebCore::<anonymous enum>, const WebCore::PlatformMouseEvent &, const WebCore::IntPoint &, bool) (this=0x2524610, src=0x2569200, clipboard=0x24d5f90, srcOp=4294967295, dragEvent=..., dragOrigin=..., 
    isDHTMLDrag=false) at ../../WebCore/page/DragController.cpp:761
#7  0x00007f5a7110332b in WebCore::EventHandler::handleDrag (this=0x2569990, event=...) at ../../WebCore/page/EventHandler.cpp:2590
#8  0x00007f5a710fad66 in WebCore::EventHandler::handleMouseDraggedEvent (this=0x2569990, event=...) at ../../WebCore/page/EventHandler.cpp:508
#9  0x00007f5a710fe891 in WebCore::EventHandler::handleMouseMoveEvent (this=0x2569990, mouseEvent=..., hoveredNode=0x7fff3e4f73d0)
    at ../../WebCore/page/EventHandler.cpp:1517
#10 0x00007f5a710fdfce in WebCore::EventHandler::mouseMoved (this=0x2569990, event=...) at ../../WebCore/page/EventHandler.cpp:1395
#11 0x00007f5a715c2216 in webkit_web_view_motion_event (widget=0x251c040, event=0x26da8b0) at ../../WebKit/gtk/webkit/webkitwebview.cpp:881
#12 0x00007f5a6e2f5613 in _gtk_marshal_BOOLEAN__BOXED (closure=0x24ce310, return_value=0x7fff3e4f76e0, n_param_values=<value optimized out>, 
    param_values=0x2539ad0, invocation_hint=<value optimized out>, marshal_data=0x7f5a715c2188) at gtkmarshalers.c:86
#13 0x00007f5a6cc5e02e in g_closure_invoke (closure=0x24ce310, return_value=0x7fff3e4f76e0, n_param_values=2, param_values=0x2539ad0, 
    invocation_hint=0x7fff3e4f76a0) at gclosure.c:766
#14 0x00007f5a6cc76ce2 in signal_emit_unlocked_R (node=0x24ce380, detail=<value optimized out>, instance=<value optimized out>, 
    emission_return=<value optimized out>, instance_and_params=<value optimized out>) at gsignal.c:3290
#15 0x00007f5a6cc7866c in g_signal_emit_valist (instance=0x251c040, signal_id=<value optimized out>, detail=0, var_args=0x7fff3e4f7890) at gsignal.c:2993
#16 0x00007f5a6cc79053 in g_signal_emit (instance=0x7fff3e4f5e30, signal_id=0, detail=1799486976) at gsignal.c:3040
#17 0x00007f5a6e426fef in gtk_widget_event_internal (widget=0x251c040, event=0x26da8b0) at gtkwidget.c:4975
#18 0x00007f5a6e2ec303 in IA__gtk_propagate_event (widget=0x251c040, event=0x26da8b0) at gtkmain.c:2460
#19 0x00007f5a6e2ed4bb in IA__gtk_main_do_event (event=0x26da8b0) at gtkmain.c:1665
#20 0x000000000041e90f in dispatchEvent (event=0x26da8b0) at ../../WebKitTools/DumpRenderTree/gtk/EventSender.cpp:453
#21 0x000000000041ea9b in replaySavedEvents () at ../../WebKitTools/DumpRenderTree/gtk/EventSender.cpp:496
#22 0x000000000041e8a9 in sendOrQueueEvent (event=0x26da920, shouldReplaySavedEvents=true) at ../../WebKitTools/DumpRenderTree/gtk/EventSender.cpp:436
#23 0x000000000041e30f in mouseUpCallback (context=0x7f59d85d5078, function=0x7f5a641434c0, thisObject=0x7f5a64142bc0, argumentCount=0, 
    arguments=0x7fff3e4f7b38, exception=0x7fff3e4f7bd8) at ../../WebKitTools/DumpRenderTree/gtk/EventSender.cpp:336
#24 0x00007f5a71923840 in JSC::JSCallbackFunction::call (exec=0x7f59d85d5078) at ../../JavaScriptCore/API/JSCallbackFunction.cpp:66
#25 0x00007f5a719c5371 in JSC::cti_op_call_NotJSFunction (args=0x7fff3e4f7d10) at ../../JavaScriptCore/jit/JITStubs.cpp:2208
#26 0x00007f5a719c039b in JSC::JITThunks::tryCacheGetByID (callFrame=0x7f59d85d5038, codeBlock=0x7fff3e4f7d10, returnAddress=..., baseValue=..., 
    propertyName=Traceback (most recent call last):
  File "/home/phil/gst/jhbuild/build/WebKit/WebKitTools/gdb/webkit.py", line 121, in to_string
    return JSCUStringPrinter(self.val['m_string']).to_string()
  File "/home/phil/gst/jhbuild/build/WebKit/WebKitTools/gdb/webkit.py", line 111, in to_string
    if self.get_length() == 0:
RuntimeError: Cannot access memory at address 0xfff4b5e90845894d
, slot=..., stubInfo=0x2662600) at ../../JavaScriptCore/jit/JITStubs.cpp:974
#27 0x00007f5a719937c1 in JSC::JITCode::execute (this=0x269cf08, registerFile=0x25db548, callFrame=0x7f59d85d5038, globalData=0x2662600)
    at ../../JavaScriptCore/jit/JITCode.h:77
#28 0x00007f5a7199008c in JSC::Interpreter::execute (this=0x25db530, program=0x269cef0, callFrame=0x25c4678, scopeChain=0x25c4950, thisObj=0x7f5a64140000)
    at ../../JavaScriptCore/interpreter/Interpreter.cpp:778
#29 0x00007f5a71a2a401 in JSC::evaluate (exec=0x25c4678, scopeChain=..., source=..., thisValue=...) at ../../JavaScriptCore/runtime/Completion.cpp:62
#30 0x00007f5a70bd4b7f in WebCore::JSMainThreadExecState::evaluate (exec=0x25c4678, chain=..., source=..., thisValue=...)
    at ../../WebCore/bindings/js/JSMainThreadExecState.h:54
#31 0x00007f5a70bf4fda in WebCore::ScriptController::evaluateInWorld (this=0x25696d0, sourceCode=..., world=0x2665d10, 
    shouldAllowXSS=WebCore::DoNotAllowXSS) at ../../WebCore/bindings/js/ScriptController.cpp:148
#32 0x00007f5a70bf51b3 in WebCore::ScriptController::evaluate (this=0x25696d0, sourceCode=..., shouldAllowXSS=WebCore::DoNotAllowXSS)
    at ../../WebCore/bindings/js/ScriptController.cpp:171
#33 0x00007f5a70c220ed in WebCore::ScriptController::executeScript (this=0x25696d0, sourceCode=..., shouldAllowXSS=WebCore::DoNotAllowXSS)
    at ../../WebCore/bindings/ScriptControllerBase.cpp:60
#34 0x00007f5a70de7822 in WebCore::ScriptElement::executeScript (this=0x25c41c0, sourceCode=...) at ../../WebCore/dom/ScriptElement.cpp:215
#35 0x00007f5a70f4bd36 in WebCore::HTMLScriptRunner::runScript (this=0x2563c20, script=0x25c4140, scriptStartPosition=...)
    at ../../WebCore/html/parser/HTMLScriptRunner.cpp:313
#36 0x00007f5a70f4b25d in WebCore::HTMLScriptRunner::execute (this=0x2563c20, scriptElement=..., scriptStartPosition=...)
    at ../../WebCore/html/parser/HTMLScriptRunner.cpp:173
#37 0x00007f5a70f40b6e in WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder (this=0x25d9920)
    at ../../WebCore/html/parser/HTMLDocumentParser.cpp:199
#38 0x00007f5a70f40e04 in WebCore::HTMLDocumentParser::pumpTokenizer (this=0x25d9920, mode=WebCore::HTMLDocumentParser::AllowYield)
    at ../../WebCore/html/parser/HTMLDocumentParser.cpp:235
#39 0x00007f5a70f409c7 in WebCore::HTMLDocumentParser::pumpTokenizerIfPossible (this=0x25d9920, mode=WebCore::HTMLDocumentParser::AllowYield)
    at ../../WebCore/html/parser/HTMLDocumentParser.cpp:169
#40 0x00007f5a70f41214 in WebCore::HTMLDocumentParser::append (this=0x25d9920, source=...) at ../../WebCore/html/parser/HTMLDocumentParser.cpp:311
#41 0x00007f5a70d46cff in WebCore::DecodedDataDocumentParser::appendBytes (this=0x25d9920, writer=0x2569428, 
    data=0x2659f70 "<div id=\"dragme\">This test verifies that we can get text/html from the drag object\nduring an ondrop event.  This test requires DRT.</div>\n\n<div id=\"droptarget\" contenteditable ondragover=\"dragover(eve"..., length=1578, shouldFlush=false)
    at ../../WebCore/dom/DecodedDataDocumentParser.cpp:54
#42 0x00007f5a7105d5ef in WebCore::DocumentWriter::addData (this=0x2569428, 
    str=0x2659f70 "<div id=\"dragme\">This test verifies that we can get text/html from the drag object\nduring an ondrop event.  This test requires DRT.</div>\n\n<div id=\"droptarget\" contenteditable ondragover=\"dragover(eve"..., len=1578, flush=false) at ../../WebCore/loader/DocumentWriter.cpp:200
#43 0x00007f5a71052c34 in WebCore::DocumentLoader::commitData (this=0x2652b80, 
    bytes=0x2659f70 "<div id=\"dragme\">This test verifies that we can get text/html from the drag object\nduring an ondrop event.  This test requires DRT.</div>\n\n<div id=\"droptarget\" contenteditable ondragover=\"dragover(eve"..., length=1578) at ../../WebCore/loader/DocumentLoader.cpp:308
#44 0x00007f5a7159ec99 in WebKit::FrameLoaderClient::committedLoad (this=0x2578a10, loader=0x2652b80, 
    data=0x2659f70 "<div id=\"dragme\">This test verifies that we can get text/html from the drag object\nduring an ondrop event.  This test requires DRT.</div>\n\n<div id=\"droptarget\" contenteditable ondragover=\"dragover(eve"..., length=1578) at ../../WebKit/gtk/WebCoreSupport/FrameLoaderClientGtk.cpp:286
#45 0x00007f5a71052b05 in WebCore::DocumentLoader::commitLoad (this=0x2652b80, 
    data=0x2659f70 "<div id=\"dragme\">This test verifies that we can get text/html from the drag object\nduring an ondrop event.  This test requires DRT.</div>\n\n<div id=\"droptarget\" contenteditable ondragover=\"dragover(eve"..., length=1578) at ../../WebCore/loader/DocumentLoader.cpp:293
#46 0x00007f5a71052cf4 in WebCore::DocumentLoader::receivedData (this=0x2652b80, 
    data=0x2659f70 "<div id=\"dragme\">This test verifies that we can get text/html from the drag object\nduring an ondrop event.  This test requires DRT.</div>\n\n<div id=\"droptarget\" contenteditable ondragover=\"dragover(eve"..., length=1578) at ../../WebCore/loader/DocumentLoader.cpp:320
#47 0x00007f5a7109cf9f in WebCore::MainResourceLoader::addData (this=0x25bafd0, 
    data=0x2659f70 "<div id=\"dragme\">This test verifies that we can get text/html from the drag object\nduring an ondrop event.  This test requires DRT.</div>\n\n<div id=\"droptarget\" contenteditable ondragover=\"dragover(eve"..., length=1578, allAtOnce=false)
    at ../../WebCore/loader/MainResourceLoader.cpp:157
#48 0x00007f5a710a97b5 in WebCore::ResourceLoader::didReceiveData (this=0x25bafd0, 
    data=0x2659f70 "<div id=\"dragme\">This test verifies that we can get text/html from the drag object\nduring an ondrop event.  This test requires DRT.</div>\n\n<div id=\"droptarget\" contenteditable ondragover=\"dragover(eve"..., length=1578, lengthReceived=1578, allAtOnce=false)
    at ../../WebCore/loader/ResourceLoader.cpp:276
#49 0x00007f5a7109e0e6 in WebCore::MainResourceLoader::didReceiveData (this=0x25bafd0, 
    data=0x2659f70 "<div id=\"dragme\">This test verifies that we can get text/html from the drag object\nduring an ondrop event.  This test requires DRT.</div>\n\n<div id=\"droptarget\" contenteditable ondragover=\"dragover(eve"..., length=1578, lengthReceived=1578, allAtOnce=false)
    at ../../WebCore/loader/MainResourceLoader.cpp:436
#50 0x00007f5a710aa108 in WebCore::ResourceLoader::didReceiveData (this=0x25bafd0, 
    data=0x2659f70 "<div id=\"dragme\">This test verifies that we can get text/html from the drag object\nduring an ondrop event.  This test requires DRT.</div>\n\n<div id=\"droptarget\" contenteditable ondragover=\"dragover(eve"..., length=1578, lengthReceived=1578)
    at ../../WebCore/loader/ResourceLoader.cpp:429
#51 0x00007f5a715740bf in WebCore::readCallback (source=0x25dc860, asyncResult=0x25dc640, data=0x0)
    at ../../WebCore/platform/network/soup/ResourceHandleSoup.cpp:827
#52 0x00007f5a6cef6955 in async_ready_callback_wrapper (source_object=0x25dc860, res=0x25dc640, user_data=0x0) at ginputstream.c:470
#53 0x00007f5a6cf08778 in complete_in_idle_cb_for_thread (_data=<value optimized out>) at gsimpleasyncresult.c:813
#54 0x00007f5a6c37fde2 in g_main_dispatch (context=0x24b64c0) at gmain.c:2436
#55 g_main_context_dispatch (context=0x24b64c0) at gmain.c:3009
#56 0x00007f5a6c3844a8 in g_main_context_iterate (context=0x24b64c0, block=<value optimized out>, dispatch=<value optimized out>, 
    self=<value optimized out>) at gmain.c:3087
#57 0x00007f5a6c3849b5 in g_main_loop_run (loop=0x25b9f00) at gmain.c:3295
#58 0x00007f5a6e2ed977 in IA__gtk_main () at gtkmain.c:1237
#59 0x000000000041ad32 in runTest (testPathOrURL=...) at ../../WebKitTools/DumpRenderTree/gtk/DumpRenderTree.cpp:655
#60 0x000000000041a42e in runTestingServerLoop () at ../../WebKitTools/DumpRenderTree/gtk/DumpRenderTree.cpp:469
#61 0x000000000041c308 in main (argc=2, argv=0x7fff3e4f96a8) at ../../WebKitTools/DumpRenderTree/gtk/DumpRenderTree.cpp:1096

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list