[Webkit-unassigned] [Bug 36412] New: [GTK] Crashes reproducibly in www.formula1.com with Adobe's Flash plugin

bugzilla-daemon at webkit.org
Sat Mar 20 06:49:42 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=36412

           Summary: [GTK] Crashes reproducibly in www.formula1.com with
                    Adobe's Flash plugin
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: NEW
          Keywords: Gtk
          Severity: Normal
          Priority: P2
         Component: Plug-ins
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: gns at gnome.org


Here's the backtrace:


#0  0x00007ffff1d8af45 in *__GI_raise (sig=<value optimized out>)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00007ffff1d8dd80 in *__GI_abort () at abort.c:88
#2  0x00007ffff2814a4a in g_logv () from /lib/libglib-2.0.so.0
#3  0x00007ffff2814ad3 in g_log () from /lib/libglib-2.0.so.0
#4  0x00007ffff3addda2 in ?? () from /usr/lib/libgdk-x11-2.0.so.0
#5  0x00007ffff72abb3c in _XError () from /usr/lib/libX11.so.6
#6  0x00007ffff72b2edc in ?? () from /usr/lib/libX11.so.6
#7  0x00007ffff72b3580 in _XReply () from /usr/lib/libX11.so.6
#8  0x00007ffff72a70d3 in XSync () from /usr/lib/libX11.so.6
#9  0x00007ffff517da3c in WebCore::PluginView::updatePluginWidget (
    this=0x7fffd4d02000) at ../WebCore/plugins/gtk/PluginViewGtk.cpp:144
#10 0x00007ffff4f416ec in WebCore::PluginView::setFrameRect (
    this=0x7fffd4d02000, rect=...) at ../WebCore/plugins/PluginView.cpp:135
#11 0x00007ffff4ffaff9 in WebCore::RenderWidget::setWidgetGeometry (
    this=0x7fffd4c5f040, frame=...)
    at ../WebCore/rendering/RenderWidget.cpp:159
#12 0x00007ffff4ffb1c5 in WebCore::RenderWidget::updateWidgetPosition (
    this=0x7fffd4c5f040) at ../WebCore/rendering/RenderWidget.cpp:317
#13 0x00007ffff4ff6e6d in WebCore::RenderView::updateWidgetPositions (
    this=0x7fffe36f8420) at ../WebCore/rendering/RenderView.cpp:543
#14 0x00007ffff4ea0095 in WebCore::FrameView::performPostLayoutTasks (
    this=0x7fffe36c6a00) at ../WebCore/page/FrameView.cpp:1490
#15 0x00007ffff4ea1fd6 in WebCore::FrameView::layout (this=0x7fffe36c6a00, 
    allowSubtree=<value optimized out>) at ../WebCore/page/FrameView.cpp:751
#16 0x00007ffff4c9f468 in WebCore::Document::updateLayoutIgnorePendingStylesheets (this=0x7fffe3791c00)
    at ../WebCore/dom/Document.cpp:1460
#17 0x00007ffff4db5b8d in WebCore::HTMLObjectElement::renderWidgetForJSBindings
    (this=0x7fffd503dea0) at ../WebCore/html/HTMLObjectElement.cpp:64
#18 0x00007ffff4dc15f4 in WebCore::HTMLPlugInElement::getInstance (this=0x243b)
    at ../WebCore/html/HTMLPlugInElement.cpp:84
#19 0x00007ffff4bcce8b in WebCore::pluginInstance (node=<value optimized out>)
    at ../WebCore/bindings/js/JSPluginElementFunctions.cpp:46
#20 0x00007ffff4bccfac in getRuntimeObject (exec=0x7fffe0a952a8, node=0x243b)
    at ../WebCore/bindings/js/JSPluginElementFunctions.cpp:54
#21 0x00007ffff4bcd1ad in WebCore::runtimeObjectCustomGetOwnPropertySlot (
    exec=0x243b, propertyName=..., slot=..., element=0xffffffffffffffff)
    at ../WebCore/bindings/js/JSPluginElementFunctions.cpp:72
#22 0x00007ffff54a2f29 in WebCore::JSHTMLObjectElement::getOwnPropertySlot (
    this=0x243b, exec=0x243b, propertyName=..., slot=...)
    at DerivedSources/JSHTMLObjectElement.cpp:173
#23 0x00007ffff5266d1e in JSC::JSValue::get(JSC::ExecState*, JSC::Identifier const&, JSC::PropertySlot&) const ()
   from /usr/lib/libwebkit-1.0.so.2
#24 0x00007ffff52600e4 in cti_op_get_by_id (args=<value optimized out>)
    at ../JavaScriptCore/jit/JITStubs.cpp:1291
#25 0x00007fffd502213f in ?? ()
#26 0x0000000000000002 in ?? ()
#27 0x00007fffd06418c0 in ?? ()
#28 0x00007fffd4e83e88 in ?? ()
#29 0x00007fff00000002 in ?? ()
#30 0x0000000000000019 in ?? ()
#31 0x00007ffff5366e27 in WTF::TCMalloc_ThreadCache::GetThreadHeap (
    ptr=0x7fffffffa630) at ../JavaScriptCore/wtf/FastMalloc.cpp:2942
#32 WTF::TCMalloc_ThreadCache::GetCacheIfPresent (ptr=0x7fffffffa630)
    at ../JavaScriptCore/wtf/FastMalloc.cpp:2962
#33 do_free (ptr=0x7fffffffa630) at ../JavaScriptCore/wtf/FastMalloc.cpp:3534
#34 WTF::fastFree (ptr=0x7fffffffa630)
    at ../JavaScriptCore/wtf/FastMalloc.cpp:3735
#35 0x00007ffff526da80 in JSC::JITCode::execute (this=0x7fffe36aa1b8, 
    program=0x7fffe377fc30, callFrame=0x7fffe0a95048, 
    scopeChain=0x7fffd073a370, thisObj=<value optimized out>, 
    exception=<value optimized out>) at ../JavaScriptCore/jit/JITCode.h:77
#36 JSC::Interpreter::execute (this=0x7fffe36aa1b8, program=0x7fffe377fc30, 
    callFrame=0x7fffe0a95048, scopeChain=0x7fffd073a370, 
    thisObj=<value optimized out>, exception=<value optimized out>)
    at ../JavaScriptCore/interpreter/Interpreter.cpp:621
#37 0x00007ffff531f13d in JSC::evaluate (exec=0x7fffe36c9088, scopeChain=..., 
    source=<value optimized out>, thisValue=...)
    at ../JavaScriptCore/runtime/Completion.cpp:62
#38 0x00007ffff4bf9748 in _NPN_Evaluate (instance=<value optimized out>, 
    o=<value optimized out>, s=<value optimized out>, variant=0x7fffffffa830)
    at ../WebCore/bridge/NP_jsobject.cpp:278
#39 0x00007fffd6a37f4a in ?? ()
   from /usr/lib/flashplugin-nonfree/libflashplayer.so
#40 0x00007fffd6a3b215 in ?? ()
   from /usr/lib/flashplugin-nonfree/libflashplayer.so
#41 0x00007fffd6bd2842 in ?? ()
   from /usr/lib/flashplugin-nonfree/libflashplayer.so
#42 0x00007fffd6d41961 in ?? ()
   from /usr/lib/flashplugin-nonfree/libflashplayer.so
#43 0x00007fffd6c5e08c in ?? ()
   from /usr/lib/flashplugin-nonfree/libflashplayer.so
#44 0x00007fffd6d08ba5 in ?? ()
   from /usr/lib/flashplugin-nonfree/libflashplayer.so
#45 0x00007fffd6daf6d0 in ?? ()
   from /usr/lib/flashplugin-nonfree/libflashplayer.so
#46 0x00007fffd6a36a18 in ?? ()
   from /usr/lib/flashplugin-nonfree/libflashplayer.so
#47 0x00007fffd6a3852c in ?? ()
   from /usr/lib/flashplugin-nonfree/libflashplayer.so
#48 0x00007ffff4f3d493 in WebCore::PluginStream::destroyStream (
    this=0x7fffe3761580) at ../WebCore/plugins/PluginStream.cpp:273
#49 0x00007ffff4f3d7e3 in WebCore::PluginStream::didFinishLoading (
    this=0x7fffe3761580, loader=<value optimized out>)
    at ../WebCore/plugins/PluginStream.cpp:461
#50 0x00007ffff4e525c5 in WebCore::NetscapePlugInStreamLoader::didFinishLoading
    (this=0x7fffd4c6e000)
    at ../WebCore/loader/NetscapePlugInStreamLoader.cpp:103
#51 0x00007ffff51b33b6 in finishedCallback (session=<value optimized out>, 
    msg=0x11b7ab0, data=<value optimized out>)
    at ../WebCore/platform/network/soup/ResourceHandleSoup.cpp:326
#52 0x00007ffff3d66aad in final_finished (req=0x11b7ab0, 
    user_data=<value optimized out>) at soup-session-async.c:384
#53 0x00007ffff2ea944e in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#54 0x00007ffff2ebdb00 in ?? () from /usr/lib/libgobject-2.0.so.0
#55 0x00007ffff2ebe8cf in g_signal_emit_valist ()
   from /usr/lib/libgobject-2.0.so.0
#56 0x00007ffff2ebedd3 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#57 0x00007ffff3d5cb0f in soup_message_io_finished (msg=0x11b7ab0)
    at soup-message-io.c:177
#58 0x00007ffff2ea944e in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#59 0x00007ffff2ebd513 in ?? () from /usr/lib/libgobject-2.0.so.0
#60 0x00007ffff2ebe8cf in g_signal_emit_valist ()
   from /usr/lib/libgobject-2.0.so.0
#61 0x00007ffff2ebedd3 in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#62 0x00007ffff3d68b91 in socket_read_watch (chan=<value optimized out>, 
    cond=0, user_data=<value optimized out>) at soup-socket.c:1245
#63 0x00007ffff280a90e in g_main_context_dispatch () from /lib/libglib-2.0.so.0
#64 0x00007ffff280e2c8 in ?? () from /lib/libglib-2.0.so.0
#65 0x00007ffff280e725 in g_main_loop_run () from /lib/libglib-2.0.so.0
#66 0x00007ffff40d69e7 in gtk_main () from /usr/lib/libgtk-x11-2.0.so.0
#67 0x0000000000435193 in main (argc=1, argv=0x7fffffffdce8)
    at /tmp/buildd/epiphany-browser-2.29.91/src/ephy-main.c:741
