[Webkit-unassigned] [Bug 64954] New: Unpaired calls to Document::didAddWheelEventHandler / Document::didRemoveWheelEventHandler

Thu Jul 21 08:59:04 PDT 2011

https://bugs.webkit.org/show_bug.cgi?id=64954

           Summary: Unpaired calls to Document::didAddWheelEventHandler /
                    Document::didRemoveWheelEventHandler
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: rob at linux.intel.com

With the EFL backend and some Chromium use cases (according to https://bugs.webkit.org/show_bug.cgi?id=60779#c27) we trigger the assertion below:

void Document::didRemoveWheelEventHandler()
{
    ASSERT(m_wheelEventHandlerCount > 0);
    --m_wheelEventHandlerCount;
    Frame* mainFrame = page() ? page()->mainFrame() : 0;
    if (mainFrame)
        mainFrame->notifyChromeClientWheelEventHandlerCountChanged();
}

When navigating from the page.

I observe the following from the backtraces

#0  WebCore::Document::didAddWheelEventHandler (this=0x74b240)
    at /home/rob/src/efl-webkit/source/WebKit/Source/WebCore/dom/Document.cpp:5050

and then

#0  WebCore::Document::didRemoveWheelEventHandler (this=0x856fa0)
    at /home/rob/src/efl-webkit/source/WebKit/Source/WebCore/dom/Document.cpp:5059

and then

#0  WebCore::Document::didAddWheelEventHandler (this=0x856fa0)
    at /home/rob/src/efl-webkit/source/WebKit/Source/WebCore/dom/Document.cpp:5050

So from my observations the Document inside the Frame has changed before the code that's doing the tidy up to remove the handlers gets called.

i.e. we would expect the call to didRemoveWheelEventHandler to act on 0x74b240.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.