[Webkit-unassigned] [Bug 44863] Renderer ASSERT failure in Chrome when using click-to-play

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=44863





--- Comment #2 from Bernhard Bauer <bauerb at chromium.org>  2010-08-30 08:55:15 PST ---
Stack trace to the point where root->m_normalChildNeedsLayout is set: 

#0  WebCore::RenderObject::markContainingBlocksForLayout (this=0x8eb2cdc, scheduleRelayout=true, newRoot=0x0) at RenderObject.h:967
#1  0x023446d3 in WebCore::RenderObject::setNeedsLayout (this=0x8eb2cdc, b=true, markParents=true) at RenderObject.h:886
#2  0x02315d7f in WebCore::RenderObject::setNeedsLayoutAndPrefWidthsRecalc (this=0x8eb2cdc) at RenderObject.h:467
#3  0x0230c934 in WebCore::RenderObject::styleDidChange (this=0x8eb2cdc, diff=WebCore::StyleDifferenceLayout, oldStyle=0x8d4b120) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderObject.cpp:1879
#4  0x022a6a3a in WebCore::RenderBoxModelObject::styleDidChange (this=0x8eb2cdc, diff=WebCore::StyleDifferenceLayout, oldStyle=0x8d4b120) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBoxModelObject.cpp:282
#5  0x0229c577 in WebCore::RenderBox::styleDidChange (this=0x8eb2cdc, diff=WebCore::StyleDifferenceLayout, oldStyle=0x8d4b120) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBox.cpp:168
#6  0x0226a34a in WebCore::RenderBlock::styleDidChange (this=0x8eb2cdc, diff=WebCore::StyleDifferenceLayout, oldStyle=0x8d4b120) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:233
#7  0x0230eb5a in WebCore::RenderObject::setStyle (this=0x8eb2cdc, style=@0xbfffa96c) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderObject.cpp:1753
#8  0x0230c5f3 in WebCore::RenderObject::setAnimatableStyle (this=0x8eb2cdc, style=@0xbfffa99c) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderObject.cpp:1679
#9  0x01e26e5b in WebCore::Node::setRenderStyle (this=0x8eb29e0, s=@0xbfffaa04) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../dom/Node.cpp:1436
#10 0x01e0ba46 in WebCore::Element::recalcStyle (this=0x8eb29e0, change=WebCore::Node::Force) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../dom/Element.cpp:935
#11 0x01dda1d8 in WebCore::Document::recalcStyle (this=0x9818200, change=WebCore::Node::Force) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../dom/Document.cpp:1447
#12 0x01dd9e9e in WebCore::Document::updateStyleIfNeeded (this=0x9818200) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../dom/Document.cpp:1491
#13 0x01ebf2ea in WebCore::SelectionController::updateAppearance (this=0x99376a4) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../editing/SelectionController.cpp:1437
#14 0x020ff917 in WebCore::FrameView::layout (this=0x98dbe00, allowSubtree=true) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../page/FrameView.cpp:785
#15 0x0210046a in WebCore::FrameView::visibleContentsResized (this=0x98dbe00) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../page/FrameView.cpp:1217
#16 0x02210e27 in WebCore::ScrollView::updateScrollbars (this=0x98dbe00, desiredOffset=@0x98dbe88) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/ScrollView.cpp:345
#17 0x02211a88 in WebCore::ScrollView::setFrameRect (this=0x98dbe00, newRect=@0xbfffae70) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/ScrollView.cpp:693
#18 0x02100e36 in WebCore::FrameView::setFrameRect (this=0x98dbe00, newRect=@0xbfffae70) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../page/FrameView.cpp:338
#19 0x021462ca in WebCore::Widget::resize (this=0x98dbe00, w=640, h=360) at Widget.h:158
#20 0x01c3c222 in WebKit::WebViewImpl::resize (this=0x8eb1420, newSize=@0xbfffaf38) at /build/chromium/src/third_party/WebKit/WebKit/chromium/src/WebViewImpl.cpp:906
#21 0x01749e3b in WebViewPlugin::updateGeometry (this=0x8eb13d0, frame_rect=@0xbfffaf8c, clip_rect=@0xbfffaf7c, cut_out_rects=@0xbfffafd8, is_visible=false) at /build/chromium/src/webkit/support/../glue/plugins/webview_plugin.cc:121
#22 0x01c2c098 in WebKit::WebPluginContainerImpl::reportGeometry (this=0x8eb0b30) at /build/chromium/src/third_party/WebKit/WebKit/chromium/src/WebPluginContainerImpl.cpp:286
#23 0x01c2c7f4 in WebKit::WebPluginContainerImpl::setParent (this=0x8eb0b30, view=0x980e600) at /build/chromium/src/third_party/WebKit/WebKit/chromium/src/WebPluginContainerImpl.cpp:221
#24 0x02210a2f in WebCore::ScrollView::addChild (this=0x980e600, prpChild=@0xbfffb08c) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/ScrollView.cpp:69
#25 0x0238df5b in WebCore::moveWidgetToParentSoon (child=0x8eb0b30, parent=0x980e600) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderWidget.cpp:90
#26 0x0238e1e7 in WebCore::RenderWidget::setWidget (this=0x8eaf45c, widget=@0xbfffb11c) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderWidget.cpp:211
#27 0x023185f4 in WebCore::RenderPart::setWidget (this=0x8eaf45c, widget=@0xbfffb18c) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderPart.cpp:50
#28 0x0209191c in WebCore::SubframeLoader::loadPlugin (this=0x90373a0, renderer=0x8eaf45c, url=@0xbfffb234, mimeType=@0xbfffb49c, paramNames=@0xbfffb420, paramValues=@0xbfffb414, useFallback=false) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../loader/SubframeLoader.cpp:350
#29 0x020926f1 in WebCore::SubframeLoader::requestObject (this=0x90373a0, renderer=0x8eaf45c, url=@0xbfffb4a0, frameName=@0x3c26ae4, mimeType=@0xbfffb49c, paramNames=@0xbfffb420, paramValues=@0xbfffb414) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../loader/SubframeLoader.cpp:129
#30 0x022b3634 in WebCore::RenderEmbeddedObject::updateWidget (this=0x8eaf45c, onlyCreateNonNetscapePlugins=false) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderEmbeddedObject.cpp:278
#31 0x020fcc7a in WebCore::FrameView::updateWidgets (this=0x980e600) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../page/FrameView.cpp:1583
#32 0x020fcfc9 in WebCore::FrameView::performPostLayoutTasks (this=0x980e600) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../page/FrameView.cpp:1613
#33 0x020ffb0c in WebCore::FrameView::layout (this=0x980e600, allowSubtree=true) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../page/FrameView.cpp:826
#34 0x01dd9c6f in WebCore::Document::updateLayout (this=0x9815200) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../dom/Document.cpp:1523
#35 0x01ddba43 in WebCore::Document::updateLayoutIgnorePendingStylesheets (this=0x9815200) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../dom/Document.cpp:1554
#36 0x01f71391 in WebCore::HTMLEmbedElement::renderWidgetForJSBindings (this=0x8eadd50) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../html/HTMLEmbedElement.cpp:72
#37 0x01fa7802 in WebCore::HTMLPlugInElement::pluginWidget (this=0x8eadd50) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../html/HTMLPlugInElement.cpp:103
#38 0x01fa7d50 in WebCore::HTMLPlugInElement::getInstance (this=0x8eadd50) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../html/HTMLPlugInElement.cpp:95
#39 0x01c8f262 in WebCore::npObjectNamedGetter<WebCore::V8HTMLEmbedElement> (name={<v8::Handle<v8::String>> = {val_ = 0x9844c4c}, <No data fields>}, info=@0xbfffb8a8) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../bindings/v8/custom/V8HTMLPlugInElementCustom.cpp:51
#40 0x01c8f346 in WebCore::V8HTMLEmbedElement::namedPropertyGetter (name={<v8::Handle<v8::String>> = {val_ = 0x9844c4c}, <No data fields>}, info=@0xbfffb8a8) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../bindings/v8/custom/V8HTMLPlugInElementCustom.cpp:86
#41 0x013bac03 in v8::internal::JSObject::GetPropertyWithInterceptor (this=0x1804a8d5, receiver=0x1804a8d5, name=0xaf17a51, attributes=0xbfffb9cc) at /build/chromium/src/v8/tools/gyp/../../src/objects.cc:6780
#42 0x013bafe9 in v8::internal::Object::GetProperty (this=0x1804a8d5, receiver=0x1804a8d5, result=0xbfffb99c, name=0xaf17a51, attributes=0xbfffb9cc) at /build/chromium/src/v8/tools/gyp/../../src/objects.cc:505
#43 0x0136c26d in v8::internal::CallICBase::LoadFunction (this=0xbfffba28, state=v8::internal::UNINITIALIZED, object={location_ = 0xbfffba80}, name={location_ = 0xbfffba7c}) at /build/chromium/src/v8/tools/gyp/../../src/ic.cc:522
#44 0x0136c50d in v8::internal::CallIC_Miss (args={<v8::internal::Embedded> = {<No data fields>}, length_ = 2, arguments_ = 0xbfffba80}) at /build/chromium/src/v8/tools/gyp/../../src/ic.cc:1551
#45 0x0af200ae in ?? ()
#46 0x0af34280 in ?? ()
#47 0x16d9d3de in ?? ()
#48 0x16d9b86b in ?? ()
#49 0x16d8b2ee in ?? ()
#50 0x16d88489 in ?? ()
#51 0x16d890e3 in ?? ()
#52 0x19776a29 in ?? ()
#53 0x19774328 in ?? ()
#54 0x1976d591 in ?? ()
#55 0x1976d2de in ?? ()
#56 0x194fb8fd in ?? ()
#57 0x194f9c0a in ?? ()
#58 0x0af215df in ?? ()
#59 0x19495f09 in ?? ()
#60 0x0af215df in ?? ()
#61 0x0af2cbcc in ?? ()
#62 0x0c5e0e58 in ?? ()
#63 0x0af215df in ?? ()
#64 0x1977599d in ?? ()
#65 0x0af215df in ?? ()
#66 0x163745f1 in ?? ()
#67 0x16375d22 in ?? ()
#68 0x0af215df in ?? ()
#69 0x0af2cbcc in ?? ()
#70 0x0c5e0e58 in ?? ()
#71 0x0af215df in ?? ()
#72 0x0af2f291 in ?? ()
#73 0x0af20fe2 in ?? ()
#74 0x0131c409 in v8::internal::Invoke (construct=false, func={location_ = 0x9844c2c}, receiver={location_ = 0x9844c30}, argc=1, args=0xbfffc080, has_pending_exception=0xbfffbfbf) at /build/chromium/src/v8/tools/gyp/../../src/execution.cc:94
#75 0x0131c915 in v8::internal::Execution::Call (func={location_ = 0x9844c2c}, receiver={location_ = 0x9844c30}, argc=1, args=0xbfffc080, pending_exception=0xbfffbfbf) at /build/chromium/src/v8/tools/gyp/../../src/execution.cc:121
#76 0x012c800b in v8::Function::Call (this=0x9844c2c, recv={val_ = 0x9844c30}, argc=1, argv=0xbfffc080) at /build/chromium/src/v8/tools/gyp/../../src/api.cc:2795
#77 0x01cd783a in WebCore::V8Proxy::callFunction (this=0x8d1c3f0, function={val_ = 0x9844c2c}, receiver={val_ = 0x9844c30}, argc=1, args=0xbfffc080) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../bindings/v8/V8Proxy.cpp:525
#78 0x01c8231b in WebCore::V8EventListener::callListenerFunction (this=0x8e8baf0, context=0x9815238, jsEvent={val_ = 0x9844c10}, event=0x8e96630) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../bindings/v8/custom/V8CustomEventListener.cpp:75
#79 0x01cbc87e in WebCore::V8AbstractEventListener::invokeEventHandler (this=0x8e8baf0, context=0x9815238, event=0x8e96630, jsEvent={val_ = 0x9844c10}) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../bindings/v8/V8AbstractEventListener.cpp:151
#80 0x01cbcd95 in WebCore::V8AbstractEventListener::handleEvent (this=0x8e8baf0, context=0x9815238, event=0x8e96630) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../bindings/v8/V8AbstractEventListener.cpp:94
#81 0x01e142c6 in WebCore::EventTarget::fireEventListeners (this=0x9819200, event=0x8e96630, d=0x9819458, entry=@0x8e8bda0) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../dom/EventTarget.cpp:339
#82 0x01e14962 in WebCore::EventTarget::fireEventListeners (this=0x9819200, event=0x8e96630) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../dom/EventTarget.cpp:300
#83 0x01e14af2 in WebCore::EventTarget::dispatchEvent (this=0x9819200, event=@0xbfffc28c) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../dom/EventTarget.cpp:286
#84 0x024e7942 in WebCore::XMLHttpRequestProgressEventThrottle::dispatchEvent (this=0x98194b8, event=@0xbfffc2e0, progressEventAction=WebCore::FlushProgressEvent) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../xml/XMLHttpRequestProgressEventThrottle.cpp:81
#85 0x024e3fcd in WebCore::XMLHttpRequest::callReadyStateChangeListener (this=0x9819200) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../xml/XMLHttpRequest.cpp:287
#86 0x024e41c3 in WebCore::XMLHttpRequest::changeState (this=0x9819200, newState=WebCore::XMLHttpRequest::DONE) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../xml/XMLHttpRequest.cpp:270
#87 0x024e47cb in WebCore::XMLHttpRequest::didFinishLoading (this=0x9819200, identifier=92) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../xml/XMLHttpRequest.cpp:913
#88 0x02058e41 in WebCore::DocumentThreadableLoader::didFinishLoading (this=0x8e8bde0, identifier=92) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../loader/DocumentThreadableLoader.cpp:245
#89 0x0205956b in WebCore::DocumentThreadableLoader::didFinishLoading (this=0x8e8bde0, loader=0x9919400) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../loader/DocumentThreadableLoader.cpp:235
#90 0x02093508 in WebCore::SubresourceLoader::didFinishLoading (this=0x9919400) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../loader/SubresourceLoader.cpp:183
#91 0x0208e526 in WebCore::ResourceLoader::didFinishLoading (this=0x9919400) at /build/chromium/src/third_party/WebKit/WebCore/WebCore.gyp/../loader/ResourceLoader.cpp:444
#92 0x01bead40 in WebCore::ResourceHandleInternal::didFinishLoading (this=0x8e8c4c0) at /build/chromium/src/third_party/WebKit/WebKit/chromium/src/ResourceHandle.cpp:191
#93 0x01788919 in webkit_glue::WebURLLoaderImpl::Context::OnCompletedRequest (this=0x8e8c400, status=@0xbfffc634, security_info=@0xbfffc63c) at /build/chromium/src/webkit/support/../glue/weburlloader_impl.cc:614
#94 0x000f3561 in ResourceDispatcher::OnRequestComplete (this=0xab05790, request_id=92, status=@0xbfffc634, security_info=@0xbfffc63c) at /build/chromium/src/chrome/common/resource_dispatcher.cc:471
#95 0x000f50ce in DispatchToMethod<ResourceDispatcher, void (ResourceDispatcher::*)(int, URLRequestStatus const&, std::string const&), int, URLRequestStatus, std::string> (obj=0xab05790, method={__pfn = 0xf33fc <ResourceDispatcher::OnRequestComplete(int, URLRequestStatus const&, std::string const&)>, __delta = 0}, arg=@0xbfffc630) at tuple.h:560
#96 0x000f7578 in IPC::MessageWithTuple<Tuple3<int, URLRequestStatus, std::string> >::Dispatch<ResourceDispatcher, void (ResourceDispatcher::*)(int, URLRequestStatus const&, std::string const&)> (msg=0xa9083fc, obj=0xab05790, func={__pfn = 0xf33fc <ResourceDispatcher::OnRequestComplete(int, URLRequestStatus const&, std::string const&)>, __delta = 0}) at ipc_message_utils.h:944
#97 0x000f2d55 in ResourceDispatcher::DispatchMessage (this=0xab05790, message=@0xa9083fc) at /build/chromium/src/chrome/common/resource_dispatcher.cc:540
#98 0x000f4001 in ResourceDispatcher::OnMessageReceived (this=0xab05790, message=@0xa9083fc) at /build/chromium/src/chrome/common/resource_dispatcher.cc:306
#99 0x0011e312 in ChildThread::OnMessageReceived (this=0xab05c64, msg=@0xa9083fc) at /build/chromium/src/chrome/common/child_thread.cc:139
#100 0x0167d880 in IPC::ChannelProxy::Context::OnDispatchMessage (this=0xab05430, message=@0xa9083fc) at /build/chromium/src/ipc/ipc_channel_proxy.cc:206
#101 0x0167e87e in DispatchToMethod<IPC::ChannelProxy::Context, void (IPC::ChannelProxy::Context::*)(IPC::Message const&), IPC::Message> (obj=0xab05430, method={__pfn = 0x167d7f0 <IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const&)>, __delta = 0}, arg=@0xa9083fc) at tuple.h:547
#102 0x0167e8b9 in RunnableMethod<IPC::ChannelProxy::Context, void (IPC::ChannelProxy::Context::*)(IPC::Message const&), Tuple1<IPC::Message> >::Run (this=0xa9083e0) at task.h:327
#103 0x00bdef81 in MessageLoop::RunTask (this=0xbfffe584, task=0xa9083e0) at /build/chromium/src/base/message_loop.cc:408
#104 0x00bdf031 in MessageLoop::DeferOrRunPendingTask (this=0xbfffe584, pending_task=@0xbfffcd1c) at /build/chromium/src/base/message_loop.cc:417
#105 0x00bdf2c1 in MessageLoop::DoWork (this=0xbfffe584) at /build/chromium/src/base/message_loop.cc:524
#106 0x00c404ca in base::MessagePumpCFRunLoopBase::RunWork (this=0xae00d20) at /build/chromium/src/base/message_pump_mac.mm:291
#107 0x00c4050f in base::MessagePumpCFRunLoopBase::RunWorkSource (info=0xae00d20) at /build/chromium/src/base/message_pump_mac.mm:269
#108 0x967a5f91 in __CFRunLoopDoSources0 ()
#109 0x967a3bbf in __CFRunLoopRun ()
#110 0x967a3094 in CFRunLoopRunSpecific ()
#111 0x967a2ec1 in CFRunLoopRunInMode ()
#112 0x97cd2f9c in RunCurrentEventLoopInMode ()
#113 0x97cd2d51 in ReceiveNextEventCommon ()
#114 0x97cd2bd6 in BlockUntilNextEventMatchingListInMode ()
#115 0x95cf7a89 in _DPSNextEvent ()
#116 0x95cf72ca in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#117 0x95cb955b in -[NSApplication run] ()
#118 0x00c4000c in base::MessagePumpNSApplication::DoRun (this=0xae00d20, delegate=0xbfffe584) at /build/chromium/src/base/message_pump_mac.mm:677
#119 0x00c405fb in base::MessagePumpCFRunLoopBase::Run (this=0xae00d20, delegate=0xbfffe584) at /build/chromium/src/base/message_pump_mac.mm:213
#120 0x00bdfacc in MessageLoop::RunInternal (this=0xbfffe584) at /build/chromium/src/base/message_loop.cc:256
#121 0x00bdfae7 in MessageLoop::RunHandler (this=0xbfffe584) at /build/chromium/src/base/message_loop.cc:228
#122 0x00bdfb4b in MessageLoop::Run (this=0xbfffe584) at /build/chromium/src/base/message_loop.cc:206
#123 0x00b33484 in RendererMain (parameters=@0xbfffeffc) at /build/chromium/src/chrome/renderer/renderer_main.cc:294
#124 0x00008f44 in ChromeMain (argc=7, argv=0xbffff190) at /build/chromium/src/chrome/app/chrome_dll_main.cc:807
#125 0x00001f52 in main (argc=7, argv=0xbffff190) at /build/chromium/src/chrome/app/chrome_exe_main.mm:16

The stack trace for the failing ASSERT is pretty much the same, starting at frame 14, in FrameView.cpp:805, so I'm not repeating it here.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.