RESOLVED FIXED 101791
REGRESSION(r130643): ASSERTION FAILED:!isDeletedBucket(*(lookupForWriting(Extractor::extract(entry)).first)) when running DRT in debug mode 
https://bugs.webkit.org/show_bug.cgi?id=101791
Summary REGRESSION(r130643): ASSERTION FAILED:!isDeletedBucket(*(lookupForWriting(Ext...
Roger Fong
Reported 2012-11-09 13:33:08 PST
The problem occurs when calling WebKitCreateInstance. The associated hashtable tries to resize and the reinsert objects but one of the object's values is CLSID_NULL for some reason which indicates that it has been deleted already, and the !isDeletedBucket assertion fails. Here is the stack trace: > WebKit.dll!WTF::HashTable<_GUID,WTF::KeyValuePair<_GUID,COMPtr<IClassFactory> >,WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<_GUID,COMPtr<IClassFactory> > >,CLSIDHash,WTF::HashMapValueTraits<CLSIDHashTraits,WTF::HashTraits<COMPtr<IClassFactory> > >,CLSIDHashTraits>::reinsert(WTF::KeyValuePair<_GUID,COMPtr<IClassFactory> > & entry={...}) Line 953 + 0x51 bytes C++ WebKit.dll!WTF::HashTable<_GUID,WTF::KeyValuePair<_GUID,COMPtr<IClassFactory> >,WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<_GUID,COMPtr<IClassFactory> > >,CLSIDHash,WTF::HashMapValueTraits<CLSIDHashTraits,WTF::HashTraits<COMPtr<IClassFactory> > >,CLSIDHashTraits>::rehash(int newTableSize=16) Line 1135 C++ WebKit.dll!WTF::HashTable<_GUID,WTF::KeyValuePair<_GUID,COMPtr<IClassFactory> >,WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<_GUID,COMPtr<IClassFactory> > >,CLSIDHash,WTF::HashMapValueTraits<CLSIDHashTraits,WTF::HashTraits<COMPtr<IClassFactory> > >,CLSIDHashTraits>::expand() Line 1107 C++ WebKit.dll!WTF::HashTable<_GUID,WTF::KeyValuePair<_GUID,COMPtr<IClassFactory> >,WTF::KeyValuePairKeyExtractor<WTF::KeyValuePair<_GUID,COMPtr<IClassFactory> > >,CLSIDHash,WTF::HashMapValueTraits<CLSIDHashTraits,WTF::HashTraits<COMPtr<IClassFactory> > >,CLSIDHashTraits>::add<WTF::HashMapTranslator<WTF::HashMapValueTraits<CLSIDHashTraits,WTF::HashTraits<COMPtr<IClassFactory> > >,CLSIDHash>,_GUID,COMPtr<IClassFactory> >(const _GUID & key={...}, const COMPtr<IClassFactory> & extra={...}) Line 893 C++ WebKit.dll!WTF::HashMap<_GUID,COMPtr<IClassFactory>,CLSIDHash,CLSIDHashTraits,WTF::HashTraits<COMPtr<IClassFactory> > >::inlineAdd(const _GUID & key={...}, const COMPtr<IClassFactory> & mapped={...}) Line 334 + 0x14 bytes C++ WebKit.dll!WTF::HashMap<_GUID,COMPtr<IClassFactory>,CLSIDHash,CLSIDHashTraits,WTF::HashTraits<COMPtr<IClassFactory> > >::add(const _GUID & key={...}, const COMPtr<IClassFactory> & mapped={...}) Line 361 + 0x14 bytes C++ WebKit.dll!classFactory(const _GUID & clsid={...}) Line 54 + 0x21 bytes C++ WebKit.dll!WebKitCreateInstance(const _GUID & rclsid={...}, IUnknown * pUnkOuter=0x00000000, const _GUID & riid={...}, void * * ppvObject=0x002efb64) Line 64 + 0xd bytes C++ DumpRenderTree.dll!dllLauncherEntryPoint(int argc=2, const char * * argv=0x00141ba0) Line 1392 + 0x1a bytes C++ DumpRenderTree.exe!main(int argc=2, const char * * argv=0x00141ba0) Line 206 + 0x10 bytes C++ DumpRenderTree.exe!__tmainCRTStartup() Line 597 + 0x17 bytes C Work around: Following http://trac.webkit.org/changeset/132302, by reverting the minimum hash table size back to 64 this problem can be avoided temporarily. As with the r132302 this will need a proper fix at some point.
Attachments
patch (1.40 KB, patch)
2012-11-09 13:42 PST, Roger Fong 		webkit.review.bot: commit-queue-
DetailsFormatted DiffDiff
patch (1.46 KB, patch)
2012-11-12 18:37 PST, Roger Fong 		darin: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Roger Fong
Comment 1 2012-11-09 13:42:02 PST
Created attachment 173356 [details] patch
WebKit Review Bot
Comment 2 2012-11-09 13:53:23 PST
Comment on attachment 173356 [details] patch Attachment 173356 [details] did not pass chromium-ews (chromium-xvfb): Output: http://queues.webkit.org/results/14794079
Alexey Proskuryakov
Comment 3 2012-11-10 22:40:37 PST
This probably needs a FIXME, like r132302 had.
Roger Fong
Comment 4 2012-11-12 18:37:42 PST
Created attachment 173791 [details] patch added a FIXME
Darin Adler
Comment 5 2012-11-12 19:10:03 PST
Comment on attachment 173791 [details] patch View in context: https://bugs.webkit.org/attachment.cgi?id=173791&action=review > Source/WebKit/win/WebKitCOMAPI.cpp:47 > + // FIXME: This is a work around - https://bugs.webkit.org/show_bug.cgi?id=101791 We will need a real fix soon! Might be nicer if the FIXME made it clearer how this works around the bug. Typically we frown on putting bug URLs into the code.
Roger Fong
Comment 6 2012-11-13 22:54:36 PST
Commited http://trac.webkit.org/changeset/134472 with FIXME clarifications.
Eric Seidel (no email)
Comment 7 2013-01-04 00:53:12 PST
Attachment 173791 [details] was posted by a committer and has review+, assigning to Roger Fong for commit.
Note You need to log in before you can comment on or make changes to this bug.