[Webkit-unassigned] [Bug 66082] New: Assertion fails in Chrome print preview after webkit revision 92813 (chromium revision 96355)

Thu Aug 11 12:04:23 PDT 2011

https://bugs.webkit.org/show_bug.cgi?id=66082

           Summary: Assertion fails in Chrome print preview after webkit
                    revision 92813 (chromium revision 96355)
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: dpapad at chromium.org
                CC: abarth at webkit.org

Repro steps: Just open Chrome print preview (tried with 15.0.850.0).
Print preview tab is crashing. Stack trace is shown below.

third_party/WebKit/Source/WebKit/chromium/src/ScrollbarGroup.cpp(49) : virtual WebKit::ScrollbarGroup::~ScrollbarGroup()

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffda0d2700 (LWP 11351)]
0x00007ffff363af88 in WebKit::ScrollbarGroup::~ScrollbarGroup (this=0x7fffdefc68c0, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebKit/chromium/src/ScrollbarGroup.cpp:49
49        ASSERT(!m_horizontalScrollbar);
(gdb) bt
#0  0x00007ffff363af88 in WebKit::ScrollbarGroup::~ScrollbarGroup (this=0x7fffdefc68c0, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebKit/chromium/src/ScrollbarGroup.cpp:49
#1  0x00007ffff35e8f9b in WTF::deleteOwnedPtr<WebKit::ScrollbarGroup> (ptr=0x7fffdefc68c0) at third_party/WebKit/Source/JavaScriptCore/wtf/OwnPtrCommon.h:65
#2  0x00007ffff35e892d in WTF::OwnPtr<WebKit::ScrollbarGroup>::~OwnPtr (this=0x7fffdf04cbc8, __in_chrg=<value optimized out>) at third_party/WebKit/Source/JavaScriptCore/wtf/OwnPtr.h:54
#3  0x00007ffff35e6ad8 in WebKit::WebPluginContainerImpl::~WebPluginContainerImpl (this=0x7fffdf04cb40, __in_chrg=<value optimized out>) at third_party/WebKit/Source/WebKit/chromium/src/WebPluginContainerImpl.cpp:491
#4  0x00007ffff35dac2a in WTF::RefCounted<WebCore::Widget>::deref (this=0x7fffdf04cb48) at third_party/WebKit/Source/JavaScriptCore/wtf/RefCounted.h:184
#5  0x00007ffff35d9340 in WTF::derefIfNotNull<WebCore::Widget> (ptr=0x7fffdf04cb40) at third_party/WebKit/Source/JavaScriptCore/wtf/PassRefPtr.h:59
#6  0x00007ffff3aac351 in WTF::RefPtr<WebCore::Widget>::~RefPtr (this=0x7fffdefd66d0, __in_chrg=<value optimized out>) at third_party/WebKit/Source/JavaScriptCore/wtf/RefPtr.h:58
#7  0x00007ffff4349344 in std::pair<WTF::RefPtr<WebCore::Widget>, WebCore::FrameView*>::~pair (this=0x7fffdefd66d0, __in_chrg=<value optimized out>) at /usr/include/c++/4.4/bits/stl_pair.h:68
#8  0x00007ffff434938f in WTF::HashTable<WTF::RefPtr<WebCore::Widget>, std::pair<WTF::RefPtr<WebCore::Widget>, WebCore::FrameView*>, WTF::PairFirstExtractor<std::pair<WTF::RefPtr<WebCore::Widget>, WebCore::FrameView*> >, WTF::PtrHash<WTF::RefPtr<WebCore::Widget> >, WTF::PairHashTraits<WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >, WTF::HashTraits<WebCore::FrameView*> >, WTF::HashTraits<WTF::RefPtr<WebCore::Widget> > >::deallocateTable (table=0x7fffdefd6400, size=64)
    at third_party/WebKit/Source/JavaScriptCore/wtf/HashTable.h:893
#9  0x00007ffff4348c70 in WTF::HashTable<WTF::RefPtr<WebCore::Widget>, std::pair<WTF::RefPtr<WebCore::Widget>, WebCore::FrameView*>, WTF::PairFirstExtractor<std::pair<WTF::RefPtr<WebCore::Widget>, WebCore::FrameView*> >, WTF::PtrHash<WTF::RefPtr<WebCore::Widget> >, WTF::PairHashTraits<WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >, WTF::HashTraits<WebCore::FrameView*> >, WTF::HashTraits<WTF::RefPtr<WebCore::Widget> > >::~HashTable (this=0x7fffda0cf500, 
    __in_chrg=<value optimized out>) at third_party/WebKit/Source/JavaScriptCore/wtf/HashTable.h:300
#10 0x00007ffff4348a20 in WTF::HashMap<WTF::RefPtr<WebCore::Widget>, WebCore::FrameView*, WTF::PtrHash<WTF::RefPtr<WebCore::Widget> >, WTF::HashTraits<WTF::RefPtr<WebCore::Widget> >, WTF::HashTraits<WebCore::FrameView*> >::~HashMap (
    this=0x7fffda0cf500, __in_chrg=<value optimized out>) at third_party/WebKit/Source/JavaScriptCore/wtf/HashMap.h:32
#11 0x00007ffff4346c5b in WebCore::RenderWidget::resumeWidgetHierarchyUpdates () at third_party/WebKit/Source/WebCore/rendering/RenderWidget.cpp:82
#12 0x00007ffff39d98f4 in WebCore::Element::detach (this=0x7fffdec50300) at third_party/WebKit/Source/WebCore/dom/Element.cpp:1052
#13 0x00007ffff3aaba99 in WebCore::HTMLPlugInElement::detach (this=0x7fffdec50300) at third_party/WebKit/Source/WebCore/html/HTMLPlugInElement.cpp:81
#14 0x00007ffff3aaced6 in WebCore::HTMLPlugInImageElement::detach (this=0x7fffdec50300) at third_party/WebKit/Source/WebCore/html/HTMLPlugInImageElement.cpp:156
#15 0x00007ffff3987fce in WebCore::ContainerNode::removeBetween (this=0x7fffdec853f0, previousChild=0x7fffdee20480, nextChild=0x7fffdee1b720, oldChild=0x7fffdec50300) at third_party/WebKit/Source/WebCore/dom/ContainerNode.cpp:484
#16 0x00007ffff3987e43 in WebCore::ContainerNode::removeChild (this=0x7fffdec853f0, oldChild=0x7fffdec50300, ec=@0x7fffda0cf728) at third_party/WebKit/Source/WebCore/dom/ContainerNode.cpp:461
#17 0x00007ffff3a033ed in WebCore::Node::removeChild (this=0x7fffdec853f0, oldChild=0x7fffdec50300, ec=@0x7fffda0cf728) at third_party/WebKit/Source/WebCore/dom/Node.cpp:673
#18 0x00007ffff3d3ba86 in WebCore::V8Node::removeChildCallback (args=...) at third_party/WebKit/Source/WebCore/bindings/v8/custom/V8NodeCustom.cpp:106
#19 0x00007ffff2fa5fa6 in v8::internal::HandleApiCallHelper<false> (args=..., isolate=0x7ffff0def000) at v8/src/builtins.cc:1105
#20 0x00007ffff2fa0be3 in v8::internal::Builtin_Impl_HandleApiCall (args=..., isolate=0x7ffff0def000) at v8/src/builtins.cc:1122
#21 0x00007ffff2fa0bb4 in v8::internal::Builtin_HandleApiCall (args=..., isolate=0x7ffff0def000) at v8/src/builtins.cc:1121

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.