[Webkit-unassigned] [Bug 38478] [GTK] browser using webkit crashes on java pages with openjdk6 6.b18_1.8-1

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Sep 30 06:48:49 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=38478





--- Comment #2 from Gustavo Noronha (kov) <gns at gnome.org>  2010-09-30 06:48:49 PST ---
WebKitGTK+ also crashes for me in the following URL:

ttps://www2.bancobrasil.com.br/aapf/login.jsp?aapf.IDH=sim&perfil=1

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffd9998710 (LWP 9836)]
operator< (__first=..., __holeIndex=0, __value=<value optimized out>, 
    __topIndex=<value optimized out>) at ../WebCore/platform/Timer.cpp:108
108    ../WebCore/platform/Timer.cpp: No such file or directory.
    in ../WebCore/platform/Timer.cpp
(gdb) bt
#0  operator< (__first=..., __holeIndex=0, __value=<value optimized out>, 
    __topIndex=<value optimized out>) at ../WebCore/platform/Timer.cpp:108
#1  std::__push_heap<WebCore::TimerHeapIterator, int, WebCore::TimerHeapElement> (__first=..., 
    __holeIndex=0, __value=<value optimized out>, __topIndex=<value optimized out>)
    at /usr/include/c++/4.4/bits/stl_heap.h:134
#2  0x00007ffff4ed4e87 in push_heap<WebCore::TimerHeapIterator> (this=<value optimized out>)
    at /usr/include/c++/4.4/bits/stl_heap.h:169
#3  WebCore::TimerBase::heapDecreaseKey (this=<value optimized out>)
    at ../WebCore/platform/Timer.cpp:228
#4  0x00007ffff4ed5121 in heapPop (this=0x7ffff7f0d3c8, newTime=<value optimized out>)
    at ../WebCore/platform/Timer.cpp:268
#5  heapDelete (this=0x7ffff7f0d3c8, newTime=<value optimized out>)
    at ../WebCore/platform/Timer.cpp:235
#6  WebCore::TimerBase::setNextFireTime (this=0x7ffff7f0d3c8, newTime=<value optimized out>)
    at ../WebCore/platform/Timer.cpp:298
#7  0x00007ffff4e5fa98 in WebCore::DOMTimer::~DOMTimer (this=0x7ffff7f0d3c8, 
    __in_chrg=<value optimized out>) at ../WebCore/page/DOMTimer.cpp:83
#8  0x00007ffff54e6908 in WebCore::jsDOMWindowPrototypeFunctionClearTimeout (
    exec=0x7fffdad720b0, thisValue=..., args=...) at DerivedSources/JSDOMWindow.cpp:8624
#9  0x00007fffe46f01b4 in ?? ()
#10 0x00007fffdad72068 in ?? ()
#11 0x0000000000000001 in ?? ()
#12 0x0000000000000000 in ?? ()
(gdb) 30-Sep-2010 10:46:11 java.util.prefs.FileSystemPreferences syncWorld
WARNING: Couldn't flush system prefs: java.util.prefs.BackingStoreException: /etc/.java/.systemPrefs/390EB7D8 create failed.

Seems to be a problem with the timer being used after it got destroyed?


(gdb) bt full
#0  operator< (__first=..., __holeIndex=0, __value=<value optimized out>, 
    __topIndex=<value optimized out>) at ../WebCore/platform/Timer.cpp:108
        aFireTime = 1285854341.9096789
        bFireTime = <value optimized out>
#1  std::__push_heap<WebCore::TimerHeapIterator, int, WebCore::TimerHeapElement> (__first=..., 
    __holeIndex=0, __value=<value optimized out>, __topIndex=<value optimized out>)
    at /usr/include/c++/4.4/bits/stl_heap.h:134
No locals.
#2  0x00007ffff4ed4e87 in push_heap<WebCore::TimerHeapIterator> (this=<value optimized out>)
    at /usr/include/c++/4.4/bits/stl_heap.h:169
No locals.
#3  WebCore::TimerBase::heapDecreaseKey (this=<value optimized out>)
    at ../WebCore/platform/Timer.cpp:228
No locals.
#4  0x00007ffff4ed5121 in heapPop (this=0x7ffff7f0d3c8, newTime=<value optimized out>)
    at ../WebCore/platform/Timer.cpp:268
No locals.
#5  heapDelete (this=0x7ffff7f0d3c8, newTime=<value optimized out>)
    at ../WebCore/platform/Timer.cpp:235
No locals.
#6  WebCore::TimerBase::setNextFireTime (this=0x7ffff7f0d3c8, newTime=<value optimized out>)
    at ../WebCore/platform/Timer.cpp:298
        currentHeapInsertionOrder = 92766
        oldTime = 1285854341.9096789
#7  0x00007ffff4e5fa98 in WebCore::DOMTimer::~DOMTimer (this=0x7ffff7f0d3c8, 
    __in_chrg=<value optimized out>) at ../WebCore/page/DOMTimer.cpp:83
No locals.
#8  0x00007ffff54e6908 in WebCore::jsDOMWindowPrototypeFunctionClearTimeout (
    exec=0x7fffdad720b0, thisValue=..., args=...) at DerivedSources/JSDOMWindow.cpp:8624
        castedThisObj = <value optimized out>
        imp = 0x7ffff7eb8dc0
        handle = 1

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.



More information about the webkit-unassigned mailing list