[Webkit-unassigned] [Bug 21218] New: REGRESSION: Crash in Frame::prohibitsScrolling() when releasing a page from the back/forward cache

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Sep 29 12:59:04 PDT 2008 

https://bugs.webkit.org/show_bug.cgi?id=21218

           Summary: REGRESSION: Crash in Frame::prohibitsScrolling() when
                    releasing a page from the back/forward cache
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Keywords: PlatformOnly, NeedsRadar
          Severity: Major
          Priority: P1
         Component: Platform
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: mitz at webkit.org
                CC: hyatt at apple.com


Steps to reproduce:
1) Go to data:text/html,a
2) In the same window, go to data:text/html,b
3) Open a new tab
4) Close the tab in which you visited a and b
5) Wait (do not interact with Safari while waiting)

Backtrace:
>	WebKit_debug.dll!WebCore::Frame::prohibitsScrolling()  Line 1732 + 0x3 bytes	C++
        WebKit_debug.dll!WebCore::ScrollView::updateScrollbars(const
WebCore::IntSize & desiredOffset={...})  Line 270 + 0xf bytes      C++
       
WebKit_debug.dll!WebCore::ScrollView::setScrollbarModes(WebCore::ScrollbarMode
horizontalMode=ScrollbarAuto, WebCore::ScrollbarMode
verticalMode=ScrollbarAuto)  Line 76        C++
        WebKit_debug.dll!WebCore::FrameView::resetScrollbars()  Line 215       
C++
        WebKit_debug.dll!WebCore::FrameView::~FrameView()  Line 184     C++
        WebKit_debug.dll!WebCore::FrameView::`scalar deleting destructor'()  +
0x16 bytes       C++
        WebKit_debug.dll!WebCore::FrameView::deref()  Line 68 + 0x55 bytes     
C++
       
WebKit_debug.dll!WTF::RefPtr<WebCore::FrameView>::operator=(WebCore::FrameView
* optr=0x00000000)  Line 119     C++
        WebKit_debug.dll!WebCore::CachedPage::clear()  Line 169 C++
        WebKit_debug.dll!WebCore::PageCache::releaseAutoreleasedPagesNow() 
Line 167 + 0x16 bytes       C++
       
WebKit_debug.dll!WebCore::PageCache::releaseAutoreleasedPagesNowOrReschedule(WebCore::Timer<WebCore::PageCache>
* timer=0x0447e6b0)  Line 153   C++
        WebKit_debug.dll!WebCore::Timer<WebCore::PageCache>::fired()  Line 99 +
0x23 bytes      C++
        WebKit_debug.dll!WebCore::TimerBase::fireTimers(double
fireTime=1222718154.5365591, const WTF::Vector<WebCore::TimerBase *,0> &
firingTimers={...})  Line 347 + 0xf bytes       C++
        WebKit_debug.dll!WebCore::TimerBase::sharedTimerFired()  Line 368 +
0x12 bytes  C++
        WebKit_debug.dll!WebCore::TimerWindowWndProc(HWND__ * hWnd=0x00020676,
unsigned int message=0x0000c1bb, unsigned int wParam=0x00000000, long
lParam=0x00000000)  Line 102 + 0x8 bytes   C++

Note:
The Frame is null in the topmost stack frame.


-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list