[Webkit-unassigned] [Bug 60931] New: [Chromium] crash after r86584 due to calling willRemoveWheelEventHandler too many times

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon May 16 16:07:12 PDT 2011 

https://bugs.webkit.org/show_bug.cgi?id=60931

           Summary: [Chromium] crash after r86584 due to calling
                    willRemoveWheelEventHandler too many times
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Frames
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: atwilson at chromium.org
                CC: dglazkov at chromium.org, jam at chromium.org


r86584 relies on didAddWheelEventHandler() and willRemoveWheelEventHandler() getting called the same number of times.

We're getting errors on a few tests after this CL, and I think the implication is that willRemoveWheelEventHandler() is being called too often - I haven't been able to debug this after a few hours of trying, so I'm not sure of the cause:

ASSERTION FAILED: m_wheelEventHandlerCount > 0
Backtrace:
    WebCore::Document::didRemoveWheelEventHandler [0x01428ED6+70] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\dom\document.cpp:5095)
    WebCore::FrameView::willRemoveHorizontalScrollbar [0x013D9242+98] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\page\frameview.cpp:323)
    WebCore::ScrollView::setHasHorizontalScrollbar [0x018CEF26+310] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\platform\scrollview.cpp:100)
    WebCore::ScrollView::updateScrollbars [0x018D088B+315] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\platform\scrollview.cpp:477)
    WebCore::ScrollView::setScrollbarModes [0x018CF271+193] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\platform\scrollview.cpp:163)
    WebCore::ScrollView::setHorizontalScrollbarMode [0x013DB774+52] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\platform\scrollview.h:92)
    WebCore::FrameView::layout [0x013DB1AA+1754] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\page\frameview.cpp:942)
    WebCore::Document::implicitClose [0x0141C023+851] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\dom\document.cpp:2162)
    WebCore::FrameLoader::checkCallImplicitClose [0x013BF994+132] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\frameloader.cpp:980)
    WebCore::FrameLoader::checkCompleted [0x013BF6FD+237] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\frameloader.cpp:929)
    WebCore::FrameLoader::finishedParsing [0x013BF468+152] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\frameloader.cpp:863)
    WebCore::Document::finishedParsing [0x0142538C+332] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\dom\document.cpp:4273)
    WebCore::HTMLTreeBuilder::finished [0x0219C6B4+100] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmltreebuilder.cpp:2803)
    WebCore::HTMLDocumentParser::end [0x0213C963+131] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmldocumentparser.cpp:379)
    WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd [0x0213CA36+182] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmldocumentparser.cpp:388)
    WebCore::HTMLDocumentParser::prepareToStopParsing [0x0213B7AC+188] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmldocumentparser.cpp:152)
    WebCore::HTMLDocumentParser::attemptToEnd [0x0213CAA9+57] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmldocumentparser.cpp:399)
    WebCore::HTMLDocumentParser::finish [0x0213CBF3+51] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmldocumentparser.cpp:428)
    WebCore::Document::finishParsing [0x0141C61B+75] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\dom\document.cpp:2285)
    WebCore::DocumentWriter::endIfNotLoadingMainResource [0x0141342D+125] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\documentwriter.cpp:225)
    WebCore::DocumentWriter::end [0x01413397+39] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\documentwriter.cpp:210)
    WebCore::DocumentWriter::replaceDocument [0x014123D6+230] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\documentwriter.cpp:85)
    WebCore::ScriptController::executeIfJavaScriptURL [0x014C2B97+391] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\bindings\scriptcontrollerbase.cpp:114)
    WebCore::FrameLoader::urlSelected [0x013BCAB7+135] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\frameloader.cpp:288)
    WebCore::FrameLoader::changeLocation [0x013BC8FD+157] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\frameloader.cpp:271)
    WebCore::DOMWindow::createWindow [0x014B9995+677] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\page\domwindow.cpp:1752)
    WebCore::DOMWindow::open [0x014B9EA7+983] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\page\domwindow.cpp:1821)
    WebCore::V8DOMWindow::openCallback [0x016305CF+463] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\bindings\v8\custom\v8domwindowcustom.cpp:456)
    v8::internal::HandleApiCallHelper<0> [0x0064EE3C+892] (e:\b\build\slave\webkit_win__dbg__2_\build\src\v8\src\builtins.cc:1126)
    v8::internal::Builtin_Impl_HandleApiCall [0x00649CD4+20] (e:\b\build\slave\webkit_win__dbg__2_\build\src\v8\src\builtins.cc:1143)
    v8::internal::Builtin_HandleApiCall [0x00649C52+66] (e:\b\build\slave\webkit_win__dbg__2_\build\src\v8\src\builtins.cc:1142)
    (No symbol) [0x0CC300B6]
    (No symbol) [0x3DBC413C]
    (No symbol) [0x0CC3115F]
    (No symbol) [0x0CC438D1]
    (No symbol) [0x0CC30B22]
    v8::internal::Invoke [0x004DAD1C+412] (e:\b\build\slave\webkit_win__dbg__2_\build\src\v8\src\execution.cc:122)
    v8::internal::Execution::Call [0x004DAB62+34] (e:\b\build\slave\webkit_win__dbg__2_\build\src\v8\src\execution.cc:153)
    v8::Function::Call [0x00478AD7+407] (e:\b\build\slave\webkit_win__dbg__2_\build\src\v8\src\api.cc:3297)
    WebCore::V8Proxy::callFunction [0x01381190+464] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\bindings\v8\v8proxy.cpp:483)
    WebCore::V8EventListener::callListenerFunction [0x01633907+167] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\bindings\v8\v8eventlistener.cpp:77)
    WebCore::V8AbstractEventListener::invokeEventHandler [0x01818E6C+332] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\bindings\v8\v8abstracteventlistener.cpp:154)
    WebCore::V8AbstractEventListener::handleEvent [0x01818B43+275] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\bindings\v8\v8abstracteventlistener.cpp:99)
    WebCore::EventTarget::fireEventListeners [0x01544F75+261] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\dom\eventtarget.cpp:360)
    WebCore::EventTarget::fireEventListeners [0x01544E06+262] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\dom\eventtarget.cpp:331)
    WebCore::DOMWindow::dispatchEvent [0x014B8E4E+238] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\page\domwindow.cpp:1588)
    WebCore::DOMWindow::dispatchTimedEvent [0x014B9066+150] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\page\domwindow.cpp:1601)
    WebCore::DOMWindow::dispatchLoadEvent [0x014B8BB2+242] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\page\domwindow.cpp:1564)
    WebCore::Document::dispatchWindowLoadEvent [0x0142145F+95] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\dom\document.cpp:3523)
    WebCore::Document::implicitClose [0x0141BE66+406] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\dom\document.cpp:2119)
    WebCore::FrameLoader::checkCallImplicitClose [0x013BF994+132] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\frameloader.cpp:980)
    WebCore::FrameLoader::checkCompleted [0x013BF6FD+237] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\frameloader.cpp:929)
    WebCore::FrameLoader::finishedParsing [0x013BF468+152] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\frameloader.cpp:863)
    WebCore::Document::finishedParsing [0x0142538C+332] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\dom\document.cpp:4273)
    WebCore::HTMLTreeBuilder::finished [0x0219C6B4+100] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmltreebuilder.cpp:2803)
    WebCore::HTMLDocumentParser::end [0x0213C963+131] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmldocumentparser.cpp:379)
    WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd [0x0213CA36+182] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmldocumentparser.cpp:388)
    WebCore::HTMLDocumentParser::prepareToStopParsing [0x0213B7AC+188] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmldocumentparser.cpp:152)
    WebCore::HTMLDocumentParser::attemptToEnd [0x0213CAA9+57] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmldocumentparser.cpp:399)
    WebCore::HTMLDocumentParser::finish [0x0213CBF3+51] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\html\parser\htmldocumentparser.cpp:428)
    WebCore::Document::finishParsing [0x0141C61B+75] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\dom\document.cpp:2285)
    WebCore::DocumentWriter::endIfNotLoadingMainResource [0x0141342D+125] (e:\b\build\slave\webkit_win__dbg__2_\build\src\third_party\webkit\source\webcore\loader\documentwriter.cpp:225)

It doesn't seem to fail on the webkit.org bots, nor can I get it to fail in a chromium build, so I think that it may just be a chromium DRT/TestShell issue. I'm going to disable the tests that break as a result of this so I can roll forward.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list