Bug 46673

Summary: Assertion failure in NetscapePlugin::platformDestroy when running plugins/mouse-events.html in WebKit2 on Windows
Product: WebKit
Reporter: Adam Roben (:aroben) <aroben>
Component: Plug-ins
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED
Severity: Normal
CC: abarth, andersca, eric, jhoneycutt, webkit.review.bot
Priority: P2
Keywords: InRadar, LayoutTestFailure, PlatformOnly
Version: 528+ (Nightly build)
Hardware: PC
OS: Windows XP
Attachments:
Description Flags
Patch andersca: review+

Adam Roben (:aroben)
Reported 2010-09-27 16:46:56 PDT
To reproduce:

1. run-webkit-tests -2 plugins/mouse-events.html

You'll hit an assertion failure in NetscapePlugin::platformDestroy:

    if (!m_isWindowed) {
        ASSERT(!m_window);
        return;
    }

Here's the backtrace:

WebKit!WebKit::NetscapePlugin::platformDestroy+0x42 [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\plugins\netscape\win\netscapepluginwin.cpp @ 82]
WebKit!WebKit::NetscapePlugin::destroy+0x86 [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\plugins\netscape\netscapeplugin.cpp @ 379]
WebKit!WebKit::PluginView::~PluginView+0x18e [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\plugins\pluginview.cpp @ 271]
WebKit!WebKit::PluginView::`scalar deleting destructor'+0x16
WebKit!WTF::RefCounted<WebCore::Widget>::deref+0x67 [h:\cyghome\dev\build_webkit\include\private\javascriptcore\refcounted.h @ 139]
WebKit!WTF::derefIfNotNull<WebCore::Widget>+0x14 [h:\cyghome\dev\build_webkit\include\private\javascriptcore\passrefptr.h @ 59]
WebKit!WTF::RefPtr<WebCore::Widget>::~RefPtr<WebCore::Widget>+0x19 [h:\cyghome\dev\build_webkit\include\private\javascriptcore\refptr.h @ 58]
WebKit!std::pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *>::~pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *>+0x16
WebKit!std::pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *>::`scalar deleting destructor'+0x16
WebKit!WTF::HashTable<WTF::RefPtr<WebCore::Widget>,std::pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *>,WTF::PairFirstExtractor<std::pair<WTF::RefPtr<WebCore::Widget>,WebCor bCore::Widget> >,WTF::PairHashTraits<WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WebCore::FrameView *> >,WTF::HashTraits<WTF::RefPtr<WebCore::Widget> > >::dealloc clude\private\javascriptcore\hashtable.h @ 892]
WebKit!WTF::HashTable<WTF::RefPtr<WebCore::Widget>,std::pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *>,WTF::PairFirstExtractor<std::pair<WTF::RefPtr<WebCore::Widget>,WebCor bCore::Widget> >,WTF::PairHashTraits<WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WebCore::FrameView *> >,WTF::HashTraits<WTF::RefPtr<WebCore::Widget> > >::~HashTa F::RefPtr<WebCore::Widget>,WebCore::FrameView *>,WTF::PairFirstExtractor<std::pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *> >,WTF::PtrHash<WTF::RefPtr<WebCore::Widget> >,W r<WebCore::Widget> >,WTF::HashTraits<WebCore::FrameView *> >,WTF::HashTraits<WTF::RefPtr<WebCore::Widget> > >+0x28 [h:\cyghome\dev\build_webkit\include\private\javascriptcore\hashta
WebKit!WTF::HashMap<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *,WTF::PtrHash<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WebC Core::Widget>,WebCore::FrameView *,WTF::PtrHash<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WebCore::FrameView *> >+0x16
WebKit!WebCore::RenderWidget::resumeWidgetHierarchyUpdates+0x137 [h:\cyghome\dev\webkit\opensource\webcore\rendering\renderwidget.cpp @ 83]
WebKit!WebCore::Element::detach+0x46 [h:\cyghome\dev\webkit\opensource\webcore\dom\element.cpp @ 868]
WebKit!WebCore::ContainerNode::detach+0x46 [h:\cyghome\dev\webkit\opensource\webcore\dom\containernode.cpp @ 717]
WebKit!WebCore::Document::detach+0x151 [h:\cyghome\dev\webkit\opensource\webcore\dom\document.cpp @ 1742]
WebKit!WebCore::Frame::setView+0xbd [h:\cyghome\dev\webkit\opensource\webcore\page\frame.cpp @ 255]
WebKit!WebCore::Frame::createView+0x100 [h:\cyghome\dev\webkit\opensource\webcore\page\frame.cpp @ 811]
WebKit!WebKit::WebFrameLoaderClient::transitionToCommittedForNewPage+0x65 [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\webcoresupport\webframeloaderclient.cpp @ 930]
WebKit!WebCore::FrameLoader::transitionToCommitted+0x400 [h:\cyghome\dev\webkit\opensource\webcore\loader\frameloader.cpp @ 1988]
WebKit!WebCore::FrameLoader::commitProvisionalLoad+0x263 [h:\cyghome\dev\webkit\opensource\webcore\loader\frameloader.cpp @ 1845]
WebKit!WebCore::DocumentLoader::commitIfReady+0x43 [h:\cyghome\dev\webkit\opensource\webcore\loader\documentloader.cpp @ 263]
WebKit!WebCore::DocumentLoader::finishedLoading+0x29 [h:\cyghome\dev\webkit\opensource\webcore\loader\documentloader.cpp @ 269]
WebKit!WebCore::FrameLoader::finishedLoading+0x55 [h:\cyghome\dev\webkit\opensource\webcore\loader\frameloader.cpp @ 2157]
WebKit!WebCore::MainResourceLoader::didFinishLoading+0xc1 [h:\cyghome\dev\webkit\opensource\webcore\loader\mainresourceloader.cpp @ 442]
WebKit!WebCore::MainResourceLoader::continueAfterContentPolicy+0x488 [h:\cyghome\dev\webkit\opensource\webcore\loader\mainresourceloader.cpp @ 280]
WebKit!WebCore::MainResourceLoader::continueAfterContentPolicy+0x97 [h:\cyghome\dev\webkit\opensource\webcore\loader\mainresourceloader.cpp @ 295]
WebKit!WebCore::MainResourceLoader::callContinueAfterContentPolicy+0xf [h:\cyghome\dev\webkit\opensource\webcore\loader\mainresourceloader.cpp @ 287]
WebKit!WebCore::PolicyCallback::call+0xf6 [h:\cyghome\dev\webkit\opensource\webcore\loader\policycallback.cpp @ 112]
WebKit!WebCore::PolicyChecker::continueAfterContentPolicy+0x4d [h:\cyghome\dev\webkit\opensource\webcore\loader\policychecker.cpp @ 188]
WebKit!WebKit::WebFrame::didReceivePolicyDecision+0xd2 [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\webpage\webframe.cpp @ 185]
WebKit!WebKit::WebPage::didReceivePolicyDecision+0x4a [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\webpage\webpage.cpp @ 578]
WebKit!CoreIPC::handleMessage<Messages::WebPage::DidReceivePolicyDecision,WebKit::WebPage,unsigned __int64,unsigned __int64,unsigned int>+0x75 [h:\cyghome\dev\webkit\opensource\webk
WebKit!WebKit::WebPage::didReceiveWebPageMessage+0x2f8 [h:\cyghome\dev\build_webkit\obj\webkit\derivedsources\webpagemessagereceiver.cpp @ 92]
WebKit!WebKit::WebPage::didReceiveMessage+0xba [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\webpage\webpage.cpp @ 784]
WebKit!WebKit::WebProcess::didReceiveMessage+0x38e [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\webprocess.cpp @ 350]
WebKit!CoreIPC::Connection::dispatchMessages+0x246 [h:\cyghome\dev\webkit\opensource\webkit2\platform\coreipc\connection.cpp @ 278]
WebKit!MemberFunctionWorkItem0<CoreIPC::Connection>::execute+0x1f [h:\cyghome\dev\webkit\opensource\webkit2\platform\workitem.h @ 74]
WebKit!RunLoop::performWork+0x97 [h:\cyghome\dev\webkit\opensource\webkit2\platform\runloop.cpp @ 62]
WebKit!RunLoop::wndProc+0x3a [h:\cyghome\dev\webkit\opensource\webkit2\platform\win\runloopwin.cpp @ 56]
WebKit!RunLoop::RunLoopWndProc+0x58 [h:\cyghome\dev\webkit\opensource\webkit2\platform\win\runloopwin.cpp @ 38]
Attachments
Patch (2.98 KB, patch)
2010-10-27 11:44 PDT, Adam Roben (:aroben)
andersca: review+
Adam Roben (:aroben)
Comment 1 2010-09-27 16:47:59 PDT
Adam Roben (:aroben)
Comment 2 2010-10-27 08:04:48 PDT
The plugin starts out windowed (as all plugins do on Windows), but then sets itself to be windowless after the test starts running. We could fix the assertion by making platformDestroy destroy m_window if it exists regardless of the value of m_isWindowed. But maybe we should also be destroying the window when the plugin tells us it's becoming windowless?
Adam Roben (:aroben)
Comment 3 2010-10-27 09:02:31 PDT
(In reply to comment #2)
> But maybe we should also be destroying the window when the plugin tells us it's becoming windowless?

It looks like Firefox and Chrome don't do this, so we shouldn't either.
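The teardown rule discussed in comments 2 and 3, as an added example that is not WebKit's code or the attached patch: a simplified model in which a plugin starts windowed, switches to windowless while keeping its window, and is then destroyed. ModelPlugin, the integer handles and the helper functions are hypothetical names; the point is that cleanup keyed on the mode flag leaves the window behind, while cleanup keyed on ownership does not.

```cpp
// Added illustration: a simplified model, not WebKit's NetscapePlugin.
#include <cstddef>
#include <set>

// Stand-in for the OS window table, so leaked handles can be counted.
static std::set<int> g_liveWindows;
static int g_nextHandle = 1;
static int createWindow() { int h = g_nextHandle++; g_liveWindows.insert(h); return h; }
static void destroyWindow(int h) { g_liveWindows.erase(h); }

class ModelPlugin {
public:
    // Every plugin starts out windowed, as comment 2 says of Windows.
    ModelPlugin() : m_isWindowed(true), m_window(createWindow()) {}

    // The plugin switches mode after creation; the window is kept alive,
    // which is the behaviour comment 3 settles on.
    void setWindowless() { m_isWindowed = false; }

    // Cleanup keyed on the mode flag: skips the window once the flag flips,
    // which is the state the ASSERT in the report caught.
    void destroyKeyedOnMode() {
        if (!m_isWindowed)
            return;
        releaseWindow();
    }

    // Cleanup keyed on ownership: release the window whenever one exists.
    void destroyKeyedOnOwnership() { releaseWindow(); }

private:
    void releaseWindow() {
        if (!m_window)
            return;
        destroyWindow(m_window);
        m_window = 0;
    }
    bool m_isWindowed;
    int m_window;
};

// Windows still alive after a windowed-then-windowless plugin is torn down.
static std::size_t leakedAfterTeardown(bool keyedOnOwnership) {
    g_liveWindows.clear();
    ModelPlugin plugin;
    plugin.setWindowless();
    keyedOnOwnership ? plugin.destroyKeyedOnOwnership() : plugin.destroyKeyedOnMode();
    return g_liveWindows.size();
}

int main() { return (leakedAfterTeardown(false) == 1 && leakedAfterTeardown(true) == 0) ? 0 : 1; }
```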
Adam Roben (:aroben)
Comment 4 2010-10-27 11:35:16 PDT
The windowless mode is being changed via plg.windowedPlugin = true. This was added in r66408 [1]. It seems like changing the windowed mode this way was a mistake, as on Windows you aren't allowed to change the windowed mode after NPP_New is called. A better solution would have been to add a windowless or wmode attribute to the plugin element. I've filed bug 48448 to cover this issue.

1. http://trac.webkit.org/changeset/66408
Adam Roben (:aroben)
Comment 5 2010-10-27 11:44:07 PDT
Adam Roben (:aroben)
Comment 6 2010-10-27 12:09:22 PDT
WebKit Review Bot
Comment 7 2010-10-27 14:05:14 PDT
http://trac.webkit.org/changeset/70685 might have broken GTK Linux 64-bit Debug