Bug 46673 - Assertion failure in NetscapePlugin::platformDestroy when running plugins/mouse-events.html in WebKit2 on Windows
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Plug-ins
Version: 528+ (Nightly build)
Hardware: PC Windows XP
Importance: P2 Normal
Assignee: Nobody
Keywords: InRadar, LayoutTestFailure, PlatformOnly
Reported: 2010-09-27 16:46 PDT by Adam Roben (:aroben)
Modified: 2010-10-27 14:05 PDT

Attachments
Patch (2.98 KB, patch)
2010-10-27 11:44 PDT, Adam Roben (:aroben)
andersca: review+
Description Adam Roben (:aroben) 2010-09-27 16:46:56 PDT
To reproduce:

1. run-webkit-tests -2 plugins/mouse-events.html

You'll hit an assertion failure in NetscapePlugin::platformDestroy:

if (!m_isWindowed) {
    ASSERT(!m_window);
    return;
}

Here's the backtrace:

WebKit!WebKit::NetscapePlugin::platformDestroy+0x42 [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\plugins\netscape\win\netscapepluginwin.cpp @ 82]
WebKit!WebKit::NetscapePlugin::destroy+0x86 [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\plugins\netscape\netscapeplugin.cpp @ 379]
WebKit!WebKit::PluginView::~PluginView+0x18e [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\plugins\pluginview.cpp @ 271]
WebKit!WebKit::PluginView::`scalar deleting destructor'+0x16
WebKit!WTF::RefCounted<WebCore::Widget>::deref+0x67 [h:\cyghome\dev\build_webkit\include\private\javascriptcore\refcounted.h @ 139]
WebKit!WTF::derefIfNotNull<WebCore::Widget>+0x14 [h:\cyghome\dev\build_webkit\include\private\javascriptcore\passrefptr.h @ 59]
WebKit!WTF::RefPtr<WebCore::Widget>::~RefPtr<WebCore::Widget>+0x19 [h:\cyghome\dev\build_webkit\include\private\javascriptcore\refptr.h @ 58]
WebKit!std::pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *>::~pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *>+0x16
WebKit!std::pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *>::`scalar deleting destructor'+0x16
WebKit!WTF::HashTable<WTF::RefPtr<WebCore::Widget>,std::pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *>,WTF::PairFirstExtractor<std::pair<WTF::RefPtr<WebCore::Widget>,WebCor
bCore::Widget> >,WTF::PairHashTraits<WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WebCore::FrameView *> >,WTF::HashTraits<WTF::RefPtr<WebCore::Widget> > >::dealloc
clude\private\javascriptcore\hashtable.h @ 892]
WebKit!WTF::HashTable<WTF::RefPtr<WebCore::Widget>,std::pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *>,WTF::PairFirstExtractor<std::pair<WTF::RefPtr<WebCore::Widget>,WebCor
bCore::Widget> >,WTF::PairHashTraits<WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WebCore::FrameView *> >,WTF::HashTraits<WTF::RefPtr<WebCore::Widget> > >::~HashTa
F::RefPtr<WebCore::Widget>,WebCore::FrameView *>,WTF::PairFirstExtractor<std::pair<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *> >,WTF::PtrHash<WTF::RefPtr<WebCore::Widget> >,W
r<WebCore::Widget> >,WTF::HashTraits<WebCore::FrameView *> >,WTF::HashTraits<WTF::RefPtr<WebCore::Widget> > >+0x28 [h:\cyghome\dev\build_webkit\include\private\javascriptcore\hashta
WebKit!WTF::HashMap<WTF::RefPtr<WebCore::Widget>,WebCore::FrameView *,WTF::PtrHash<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WebC
Core::Widget>,WebCore::FrameView *,WTF::PtrHash<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >,WTF::HashTraits<WebCore::FrameView *> >+0x16
WebKit!WebCore::RenderWidget::resumeWidgetHierarchyUpdates+0x137 [h:\cyghome\dev\webkit\opensource\webcore\rendering\renderwidget.cpp @ 83]
WebKit!WebCore::Element::detach+0x46 [h:\cyghome\dev\webkit\opensource\webcore\dom\element.cpp @ 868]
WebKit!WebCore::ContainerNode::detach+0x46 [h:\cyghome\dev\webkit\opensource\webcore\dom\containernode.cpp @ 717]
WebKit!WebCore::Document::detach+0x151 [h:\cyghome\dev\webkit\opensource\webcore\dom\document.cpp @ 1742]
WebKit!WebCore::Frame::setView+0xbd [h:\cyghome\dev\webkit\opensource\webcore\page\frame.cpp @ 255]
WebKit!WebCore::Frame::createView+0x100 [h:\cyghome\dev\webkit\opensource\webcore\page\frame.cpp @ 811]
WebKit!WebKit::WebFrameLoaderClient::transitionToCommittedForNewPage+0x65 [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\webcoresupport\webframeloaderclient.cpp @ 930]
WebKit!WebCore::FrameLoader::transitionToCommitted+0x400 [h:\cyghome\dev\webkit\opensource\webcore\loader\frameloader.cpp @ 1988]
WebKit!WebCore::FrameLoader::commitProvisionalLoad+0x263 [h:\cyghome\dev\webkit\opensource\webcore\loader\frameloader.cpp @ 1845]
WebKit!WebCore::DocumentLoader::commitIfReady+0x43 [h:\cyghome\dev\webkit\opensource\webcore\loader\documentloader.cpp @ 263]
WebKit!WebCore::DocumentLoader::finishedLoading+0x29 [h:\cyghome\dev\webkit\opensource\webcore\loader\documentloader.cpp @ 269]
WebKit!WebCore::FrameLoader::finishedLoading+0x55 [h:\cyghome\dev\webkit\opensource\webcore\loader\frameloader.cpp @ 2157]
WebKit!WebCore::MainResourceLoader::didFinishLoading+0xc1 [h:\cyghome\dev\webkit\opensource\webcore\loader\mainresourceloader.cpp @ 442]
WebKit!WebCore::MainResourceLoader::continueAfterContentPolicy+0x488 [h:\cyghome\dev\webkit\opensource\webcore\loader\mainresourceloader.cpp @ 280]
WebKit!WebCore::MainResourceLoader::continueAfterContentPolicy+0x97 [h:\cyghome\dev\webkit\opensource\webcore\loader\mainresourceloader.cpp @ 295]
WebKit!WebCore::MainResourceLoader::callContinueAfterContentPolicy+0xf [h:\cyghome\dev\webkit\opensource\webcore\loader\mainresourceloader.cpp @ 287]
WebKit!WebCore::PolicyCallback::call+0xf6 [h:\cyghome\dev\webkit\opensource\webcore\loader\policycallback.cpp @ 112]
WebKit!WebCore::PolicyChecker::continueAfterContentPolicy+0x4d [h:\cyghome\dev\webkit\opensource\webcore\loader\policychecker.cpp @ 188]
WebKit!WebKit::WebFrame::didReceivePolicyDecision+0xd2 [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\webpage\webframe.cpp @ 185]
WebKit!WebKit::WebPage::didReceivePolicyDecision+0x4a [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\webpage\webpage.cpp @ 578]
WebKit!CoreIPC::handleMessage<Messages::WebPage::DidReceivePolicyDecision,WebKit::WebPage,unsigned __int64,unsigned __int64,unsigned int>+0x75 [h:\cyghome\dev\webkit\opensource\webk
WebKit!WebKit::WebPage::didReceiveWebPageMessage+0x2f8 [h:\cyghome\dev\build_webkit\obj\webkit\derivedsources\webpagemessagereceiver.cpp @ 92]
WebKit!WebKit::WebPage::didReceiveMessage+0xba [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\webpage\webpage.cpp @ 784]
WebKit!WebKit::WebProcess::didReceiveMessage+0x38e [h:\cyghome\dev\webkit\opensource\webkit2\webprocess\webprocess.cpp @ 350]
WebKit!CoreIPC::Connection::dispatchMessages+0x246 [h:\cyghome\dev\webkit\opensource\webkit2\platform\coreipc\connection.cpp @ 278]
WebKit!MemberFunctionWorkItem0<CoreIPC::Connection>::execute+0x1f [h:\cyghome\dev\webkit\opensource\webkit2\platform\workitem.h @ 74]
WebKit!RunLoop::performWork+0x97 [h:\cyghome\dev\webkit\opensource\webkit2\platform\runloop.cpp @ 62]
WebKit!RunLoop::wndProc+0x3a [h:\cyghome\dev\webkit\opensource\webkit2\platform\win\runloopwin.cpp @ 56]
WebKit!RunLoop::RunLoopWndProc+0x58 [h:\cyghome\dev\webkit\opensource\webkit2\platform\win\runloopwin.cpp @ 38]
Comment 1 Adam Roben (:aroben) 2010-09-27 16:47:59 PDT
<rdar://problem/8484211>
Comment 2 Adam Roben (:aroben) 2010-10-27 08:04:48 PDT
The plugin starts out windowed (as all plugins do on Windows), but then sets itself to be windowless after the test starts running.

We could fix the assertion by making platformDestroy destroy m_window if it exists regardless of the value of m_isWindowed. But maybe we should also be destroying the window when the plugin tells us it's becoming windowless?
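
A minimal model of the teardown problem described in comment 2, added here as an example; it is not WebKit's code and not the committed patch. ModelPlugin, the integer handles and the window table are hypothetical stand-ins for NetscapePlugin, HWNDs and the OS.

```cpp
#include <cstddef>
#include <cstdio>
#include <set>
// Constructed stand-in for the OS window table; handles are plain ints, not HWNDs.
static std::set<int> g_liveWindows;
static int g_nextHandle = 1;
static int createWindow() { int h = g_nextHandle++; g_liveWindows.insert(h); return h; }
static void destroyWindow(int h) { g_liveWindows.erase(h); }

class ModelPlugin { // hypothetical model, not WebKit::NetscapePlugin
public:
    // Starts out windowed, so a window exists from creation onward.
    ModelPlugin() : m_isWindowed(true), m_window(createWindow()) {}
    void setWindowless() { m_isWindowed = false; } // mode flips, window stays
    // Teardown keyed on the mode flag; returns the ASSERT condition (windowless implies no window).
    bool destroyKeyedOnFlag() {
        if (!m_isWindowed)
            return !m_window;
        destroyWindow(m_window);
        m_window = 0;
        return true;
    }
    // Teardown keyed on the handle: release the window if one exists, whatever the mode.
    bool destroyKeyedOnHandle() {
        if (m_window) {
            destroyWindow(m_window);
            m_window = 0;
        }
        return true;
    }
private:
    bool m_isWindowed;
    int m_window;
};

// Replays create -> switch to windowless -> destroy; returns the windows left alive.
std::size_t leakedWindowsAfter(bool keyedOnHandle, bool* invariantHeld) {
    g_liveWindows.clear();
    ModelPlugin plugin;
    plugin.setWindowless();
    *invariantHeld = keyedOnHandle ? plugin.destroyKeyedOnHandle() : plugin.destroyKeyedOnFlag();
    return g_liveWindows.size();
}

int main() {
    bool held = false;
    for (int keyedOnHandle = 0; keyedOnHandle <= 1; ++keyedOnHandle) {
        std::size_t leaked = leakedWindowsAfter(keyedOnHandle != 0, &held);
        std::printf("keyedOnHandle=%d leaked=%zu invariantHeld=%d\n", keyedOnHandle, leaked, held);
    }
}
```

In a release build, where the assertion compiles out, the flag-keyed path returns early and the window outlives the plugin object that owned it.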
Comment 3 Adam Roben (:aroben) 2010-10-27 09:02:31 PDT
(In reply to comment #2)
> But maybe we should also be destroying the window when the plugin tells us it's becoming windowless?

It looks like Firefox and Chrome don't do this, so we shouldn't either.
Comment 4 Adam Roben (:aroben) 2010-10-27 11:35:16 PDT
The windowless mode is being changed via plg.windowedPlugin = true. This was added in r66408 [1]. It seems like changing the windowed mode this way was a mistake, as on Windows you aren't allowed to change the windowed mode after NPP_New is called. A better solution would have been to add a windowless or wmode attribute to the plugin element. I've filed bug 48448 to cover this issue.

1. http://trac.webkit.org/changeset/66408
Comment 5 Adam Roben (:aroben) 2010-10-27 11:44:07 PDT
Created attachment 72064
Patch
Comment 6 Adam Roben (:aroben) 2010-10-27 12:09:22 PDT
Committed r70685: <http://trac.webkit.org/changeset/70685>
Comment 7 WebKit Review Bot 2010-10-27 14:05:14 PDT
http://trac.webkit.org/changeset/70685 might have broken GTK Linux 64-bit Debug