New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 753765 link

Starred by 1 user
Status: Fixed
Owner:
dtapu...@chromium.org
Closed: Nov 2017
Cc:
hdodda@chromium.org
dtapu...@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug



Sign in to add a comment

DCHECK is sometimes hit when the dropdown of an html select is closed

Reported by as...@opera.com, Aug 9 2017 
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36

Steps to reproduce the problem:
The problem is highly timing dependent and I did not manage to reproduce it in content_shell on chromium master. This is what triggers it in our integration: 

1. Start the integration and load the attached test case
2. Select TC5
3. Repeat steps 1 and 2 until the NOTREACHED DCHECK is hit...

What is the expected behavior?
No DCHECK hit

What went wrong?
When the dropdown closes after selection, sometimes an input event for that window arrives after the renderer view has been unregistered as a route in the input handler (InputMsg_MouseCaptureLost it looks like). This causes the newly added NOTREACHED in InputEventFilter::QueueClosureForMainThreadEventQueue to be hit.

Did this work before? Yes 

Chrome version: 61.0.3142.0  Channel: dev
OS Version: 
Flash Version: 

This is a regression from https://codereview.chromium.org/2765583002.

I would think that simply removing the NOTREACHED in InputEventFilter::QueueClosureForMainThreadEventQueue may be acceptable? Maybe also removing the message push since one may assume there is no longer a receiver when there is no route?
crash_on_input_in_dropdown.html
355 bytes View Download

Comment 1 by hdodda@chromium.org, Aug 10 2017

Cc: hdodda@chromium.org
Labels: TE-NeedsTriageHelp
@Adding TE-NeedsTriageHelp label , as TE cannot perform integration testing.

Thanks!

Comment 2 by as...@opera.com, Sep 21 2017

Cc: dtapu...@chromium.org

Comment 3 by dtapu...@chromium.org, Oct 5 2017

Components: Blink>Input
Owner: dtapu...@chromium.org
Status: Assigned (was: Unconfirmed)
Project Member

Comment 4 by bugdroid1@chromium.org, Nov 15 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/ed24a1eef351b06559d4c4b831b2f9807f4f7d5f

commit ed24a1eef351b06559d4c4b831b2f9807f4f7d5f
Author: Dave Tapuska <dtapuska@chromium.org>
Date: Wed Nov 15 16:14:00 2017

Remove NOTREACHED in InputEventFilter

It is possible to reach the statement as this is largely dependant on
timing of events and when things are destroyed. Remove the NOTREACHED
which causes DCHECKS because the code correctly handles the situation.

BUG= 753765 

Change-Id: Ieeda4d3e85f27cd0608143c76e927687659574c1
Reviewed-on: https://chromium-review.googlesource.com/768620
Reviewed-by: David Bokan <bokan@chromium.org>
Commit-Queue: Dave Tapuska <dtapuska@chromium.org>
Cr-Commit-Position: refs/heads/master@{#516712}
[modify] https://crrev.com/ed24a1eef351b06559d4c4b831b2f9807f4f7d5f/content/renderer/input/input_event_filter.cc

Comment 5 by dtapu...@chromium.org, Nov 15 2017

Status: Fixed (was: Assigned)

Sign in to add a comment