RESOLVED FIXED31027
CRASH: Rehashing of EventListenerMap leads to loss of EventListenerList. 
https://bugs.webkit.org/show_bug.cgi?id=31027
Summary CRASH: Rehashing of EventListenerMap leads to loss of EventListenerList.
Dimitri Glazkov (Google)
Reported 2009-11-02 12:34:58 PST
:( .. which in turn ruins our brand new no-copy scheme. Have a layout test. Coming up in a sec.
Attachments
Layout Test/Reduction (1.66 KB, patch)
2009-11-02 12:37 PST, Dimitri Glazkov (Google) 		no flags
DetailsFormatted DiffDiff
patch: proposed fix (7.10 KB, patch)
2009-11-03 05:43 PST, Vitaly Repeshko 		no flags
DetailsFormatted DiffDiff
patch: proposed fix v2 (6.82 KB, patch)
2009-11-03 06:46 PST, Vitaly Repeshko 		no flags
DetailsFormatted DiffDiff
patch: proposed fix v3 (now includes the test) (8.97 KB, patch)
2009-11-03 11:54 PST, Vitaly Repeshko 		ggaren: review+
DetailsFormatted DiffDiff
patch: proposed fix v4 (8.96 KB, patch)
2009-11-04 22:00 PST, Vitaly Repeshko 		dglazkov: review-
DetailsFormatted DiffDiff
patch: proposed fix v5 (9.57 KB, patch)
2009-11-05 11:51 PST, Vitaly Repeshko 		dglazkov: review+
DetailsFormatted DiffDiff
Show Obsolete (4) View All Add attachment proposed patch, testcase, etc.
Dimitri Glazkov (Google)
Comment 1 2009-11-02 12:37:47 PST
Created attachment 42338 [details] Layout Test/Reduction
Geoffrey Garen
Comment 2 2009-11-02 13:49:08 PST
I guess we need to store a pointer to a vector, instead of a vector, in the event target's hash table.
Geoffrey Garen
Comment 3 2009-11-02 13:53:35 PST
<rdar://problem/7358150>
Dimitri Glazkov (Google)
Comment 4 2009-11-02 14:05:45 PST
Just to avoid double-work... Geoffrey, are you working on this or am I :)?
Dimitri Glazkov (Google)
Comment 5 2009-11-02 14:18:44 PST
Vitaly wins the straw poll!
Vitaly Repeshko
Comment 6 2009-11-03 05:43:22 PST
Created attachment 42371 [details] patch: proposed fix
Vitaly Repeshko
Comment 7 2009-11-03 06:46:21 PST
Created attachment 42376 [details] patch: proposed fix v2
Dimitri Glazkov (Google)
Comment 8 2009-11-03 09:43:53 PST
You probably need to also include my test in your patch.
Vitaly Repeshko
Comment 9 2009-11-03 11:54:24 PST
Created attachment 42402 [details] patch: proposed fix v3 (now includes the test)
Darin Adler
Comment 10 2009-11-03 15:56:01 PST
I think Geoff should review this.
Geoffrey Garen
Comment 11 2009-11-04 14:56:43 PST
Comment on attachment 42402 [details] patch: proposed fix v3 (now includes the test) r=me Please update your ChangeLogs to match the title of this bug.
Vitaly Repeshko
Comment 12 2009-11-04 22:00:28 PST
Created attachment 42546 [details] patch: proposed fix v4
Vitaly Repeshko
Comment 13 2009-11-04 22:00:53 PST
(In reply to comment #11) > (From update of attachment 42402 [details]) > r=me > > Please update your ChangeLogs to match the title of this bug. Done.
Dimitri Glazkov (Google)
Comment 14 2009-11-04 22:16:08 PST
Comment on attachment 42546 [details] patch: proposed fix v4 great!
Dimitri Glazkov (Google)
Comment 15 2009-11-05 10:47:54 PST
Comment on attachment 42546 [details] patch: proposed fix v4 Also needs to build with USE(JSC) == 1.
Vitaly Repeshko
Comment 16 2009-11-05 11:51:40 PST
Created attachment 42583 [details] patch: proposed fix v5
Vitaly Repeshko
Comment 17 2009-11-05 11:52:40 PST
(In reply to comment #15) > (From update of attachment 42546 [details]) > Also needs to build with USE(JSC) == 1. Oops. Done.
Dimitri Glazkov (Google)
Comment 18 2009-11-05 11:55:42 PST
Comment on attachment 42583 [details] patch: proposed fix v5 r=Geof and me.
Dimitri Glazkov (Google)
Comment 19 2009-11-05 12:11:01 PST
Landed as http://trac.webkit.org/changeset/50573.
Note You need to log in before you can comment on or make changes to this bug.