Bug 148529

Summary:

REGRESSION(r188548): Some tests crash after r188548 because injected bundle messages are received after the test finishes

Product:

WebKit

Reporter:

Carlos Garcia Campos <cgarcia>

Component:

Tools / Tests

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

andersca, darin, ossy, sam

Priority:

Keywords:

Regression

Version:

WebKit Local Build

Hardware:

Unspecified

OS:

Unspecified

Bug Depends on:

148528

Bug Blocks:

148093

Attachments:

Description	Flags
Patch	darin: review+

Description Carlos Garcia Campos 2015-08-27 09:42:59 PDT

1   0x431b17 bin/WebKitTestRunner(WTFCrash+0x17) [0x431b17]
2   0x430bed bin/WebKitTestRunner(_ZN3WTR16EventSenderProxy17releaseTouchPointEi+0x18d) [0x430bed]
3   0x424f08 bin/WebKitTestRunner(_ZN3WTR14TestController46didReceiveSynchronousMessageFromInjectedBundleEPK14OpaqueWKStringPKv+0x6d8) [0x424f08]
4   0x424fa9 bin/WebKitTestRunner(_ZN3WTR14TestController50didReceiveSynchronousPageMessageFromInjectedBundleEPK12OpaqueWKPagePK14OpaqueWKStringPKvPS8_S8_+0x19) [0x424fa9]
5   0x7f5ae50ed886 /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37(_ZN6WebKit27WebPageInjectedBundleClient46didReceiveSynchronousMessageFromInjectedBundleEPNS_12WebPageProxyERKN3WTF6StringEPN3API6ObjectERNS3_6RefPtrIS8_EE+0xb6) [0x7f5ae50ed886]
6   0x7f5ae50f3f5d /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37(_ZN6WebKit12WebPageProxy24handleSynchronousMessageERN3IPC10ConnectionERKN3WTF6StringERKNS_8UserDataERS8_+0x7d) [0x7f5ae50f3f5d]
7   0x7f5ae5302608 /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37(_ZN6WebKit12WebPageProxy21didReceiveSyncMessageERN3IPC10ConnectionERNS1_14MessageDecoderERSt10unique_ptrINS1_14MessageEncoderESt14default_deleteIS7_EE+0x12f8) [0x7f5ae5302608]
8   0x7f5ae506f5d1 /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC18MessageReceiverMap19dispatchSyncMessageERNS_10ConnectionERNS_14MessageDecoderERSt10unique_ptrINS_14MessageEncoderESt14default_deleteIS6_EE+0x2b1) [0x7f5ae506f5d1]
9   0x7f5ae512391b /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37(_ZN6WebKit15WebProcessProxy21didReceiveSyncMessageERN3IPC10ConnectionERNS1_14MessageDecoderERSt10unique_ptrINS1_14MessageEncoderESt14default_deleteIS7_EE+0x1b) [0x7f5ae512391b]
10  0x7f5ae506b5fb /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC10Connection19dispatchSyncMessageERNS_14MessageDecoderE+0x1cb) [0x7f5ae506b5fb]
11  0x7f5ae506b6ed /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC10Connection15dispatchMessageESt10unique_ptrINS_14MessageDecoderESt14default_deleteIS2_EE+0xdd) [0x7f5ae506b6ed]
12  0x7f5ae506c0d3 /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37(_ZN3IPC10Connection18dispatchOneMessageEv+0xd3) [0x7f5ae506c0d3]
13  0x7f5ae67142cf /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37(_ZN3WTF7RunLoop11performWorkEv+0x3ef) [0x7f5ae67142cf]
14  0x4735b5 bin/WebKitTestRunner(_ZN3WTF15GMainLoopSource12voidCallbackEv+0x295) [0x4735b5]
15  0x471b6a bin/WebKitTestRunner(_ZN3WTF15GMainLoopSource18voidSourceCallbackEPS0_+0xa) [0x471b6a]
16  0x7f5ae1f8abdd /home/cgarcia/gnome/lib/libglib-2.0.so.0(g_main_context_dispatch+0x13d) [0x7f5ae1f8abdd]
17  0x7f5ae1f8af78 /home/cgarcia/gnome/lib/libglib-2.0.so.0(+0x48f78) [0x7f5ae1f8af78]
18  0x7f5ae1f8b292 /home/cgarcia/gnome/lib/libglib-2.0.so.0(g_main_loop_run+0xc2) [0x7f5ae1f8b292]
19  0x7f5ae67193e0 /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37(_ZN3WTF7RunLoop3runEv+0x120) [0x7f5ae67193e0]
20  0x42ee4f bin/WebKitTestRunner(_ZN3WTR14TestController16platformRunUntilERbd+0xbf) [0x42ee4f]
21  0x422db4 bin/WebKitTestRunner(_ZN3WTR14TestController28resetStateToConsistentValuesEv+0x2f4) [0x422db4]
22  0x42baa5 bin/WebKitTestRunner(_ZN3WTR14TestInvocation6invokeEv+0x375) [0x42baa5]
23  0x423b89 bin/WebKitTestRunner(_ZN3WTR14TestController7runTestEPKc+0xb9) [0x423b89]
24  0x4278b4 bin/WebKitTestRunner(_ZN3WTR14TestControllerC1EiPPKc+0x1f4) [0x4278b4]
25  0x41dee6 bin/WebKitTestRunner(main+0x56) [0x41dee6]
26  0x7f5ada630b45 /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf5) [0x7f5ada630b45]
27  0x41df68 bin/WebKitTestRunner() [0x41df68]

This happens for example with fast/events/touch/inserted-fragment-touch-target.html because it does:

eventSender.addTouchPoint(x, y);
eventSender.touchStart();
eventSender.releaseTouchPoint(0);
eventSender.touchEnd();

The test adds a listener to touchstart from which calls notifyDone(). Then the tests finishes and resetStateToConsistentValues() is called. This creates a new EventSenderProxy and then load about:blank. When loading abpout:blank the run loop starts again and it processes the injected bundle message for the js calls after the touchStart, releaseTouchPoint and touchEnd, but those are processed by the new EvenSenderProxy, and in this case releaseTouchPoint crashes because this new event sender doesn't have any touch event to process. I've added early returns when receiving injected bundle messages for the event sender when the test is not running and it fixes the crash, but I'm not sure if that's the right fix or just a workaround. This depends on bug #148528.

Comment 1 Carlos Garcia Campos 2015-08-28 01:06:04 PDT

Created attachment 260135 [details]
Patch

Comment 2 Carlos Garcia Campos 2015-09-02 05:12:40 PDT

Committed r189246: <http://trac.webkit.org/changeset/189246>