[Webkit-unassigned] [Bug 55078] [GTK] Double free error when double-clicking on webpage

bugzilla-daemon at webkit.org
Thu Feb 24 07:12:32 PST 2011


https://bugs.webkit.org/show_bug.cgi?id=55078


Philippe Normand <pnormand at igalia.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pnormand at igalia.com




--- Comment #5 from Philippe Normand <pnormand at igalia.com>  2011-02-24 07:12:33 PST ---
I get this if I double-click on the Google background:

#0  0x00007ffff15dc165 in raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x00007ffff15def70 in abort () at abort.c:92
#2  0x00007ffff161227b in __libc_message (do_abort=<value optimized out>, fmt=<value optimized out>)
    at ../sysdeps/unix/sysv/linux/libc_fatal.c:189
#3  0x00007ffff161bad6 in malloc_printerr (action=3, str=0x7ffff16cfad6 "corrupted double-linked list", 
    ptr=<value optimized out>) at malloc.c:6267
#4  0x00007ffff161bf4d in malloc_consolidate (av=<value optimized out>) at malloc.c:5153
#5  0x00007ffff161e254 in _int_malloc (av=0x7ffff1906e40, bytes=26661) at malloc.c:4373
#6  0x00007ffff1620930 in __libc_malloc (bytes=1792) at malloc.c:3661
#7  0x00007ffff62ba49a in WTF::fastMalloc (n=1792) at ../../Source/JavaScriptCore/wtf/FastMalloc.cpp:250
#8  0x00007ffff5a74e0f in WTF::VectorBufferBase<WebCore::GraphicsContextState>::allocateBuffer (
    this=0x7fffffffca40, newCapacity=16) at ../../Source/JavaScriptCore/wtf/Vector.h:288
#9  0x00007ffff5a74882 in WTF::Vector<WebCore::GraphicsContextState, 0ul>::reserveCapacity (
    this=0x7fffffffca38, newCapacity=16) at ../../Source/JavaScriptCore/wtf/Vector.h:875
#10 0x00007ffff5a73f9b in WTF::Vector<WebCore::GraphicsContextState, 0ul>::expandCapacity (
    this=0x7fffffffca38, newMinCapacity=1) at ../../Source/JavaScriptCore/wtf/Vector.h:792
#11 0x00007ffff5a732ec in WTF::Vector<WebCore::GraphicsContextState, 0ul>::expandCapacity (
    this=0x7fffffffca38, newMinCapacity=1, ptr=0x7fffffffc9c8)
    at ../../Source/JavaScriptCore/wtf/Vector.h:799
#12 0x00007ffff5a712a3 in WTF::Vector<WebCore::GraphicsContextState, 0ul>::append<WebCore::GraphicsContextState> (this=0x7fffffffca38, val=...) at ../../Source/JavaScriptCore/wtf/Vector.h:971
#13 0x00007ffff5a6dddb in WebCore::GraphicsContext::save (this=0x7fffffffc9c0)
    at ../../Source/WebCore/platform/graphics/GraphicsContext.cpp:95
#14 0x00007ffff5ac297d in WebCore::ScrollView::paint (this=0x7476e0, context=0x7fffffffc9c0, rect=...)
    at ../../Source/WebCore/platform/ScrollView.cpp:922
#15 0x00007ffff534d540 in paintWebView (frame=0x729800, transparent=0, context=..., clipRect=..., rects=...)
    at ../../Source/WebKit/gtk/webkit/webkitwebview.cpp:683
#16 0x00007ffff534d860 in webkit_web_view_draw (widget=0x6fc0c0, cr=0x7ffff30739e0)
    at ../../Source/WebKit/gtk/webkit/webkitwebview.cpp:751
#17 0x00007ffff44727c8 in _gtk_marshal_BOOLEAN__BOXED (closure=0x66fde0, return_value=0x7fffffffcd00, 
    n_param_values=<value optimized out>, param_values=0xdae520, invocation_hint=<value optimized out>, 
    marshal_data=0x7ffff534d666) at gtkmarshalers.c:85
#18 0x00007ffff45a16a0 in gtk_widget_draw_marshaller (closure=0x66fde0, return_value=0x7fffffffcd00, 
    n_param_values=2, param_values=0xdae520, invocation_hint=<value optimized out>, 
    marshal_data=<value optimized out>) at gtkwidget.c:782
#19 0x00007ffff245802e in g_closure_invoke (closure=0x66fde0, return_value=0x7fffffffcd00, n_param_values=2, 
    param_values=0xdae520, invocation_hint=0x7fffffffccc0) at gclosure.c:767
#20 0x00007ffff2470d12 in signal_emit_unlocked_R (node=0x66fe90, detail=<value optimized out>, 
    instance=<value optimized out>, emission_return=<value optimized out>, 
    instance_and_params=<value optimized out>) at gsignal.c:3290
#21 0x00007ffff247269c in g_signal_emit_valist (instance=0x6fc0c0, signal_id=<value optimized out>, 
    detail=0, var_args=0x7fffffffceb0) at gsignal.c:2993
#22 0x00007ffff2473083 in g_signal_emit (instance=0x6825, signal_id=26661, detail=6) at gsignal.c:3040
#23 0x00007ffff45971fa in _gtk_widget_draw_internal (widget=0x6fc0c0, cr=0x7ffff30739e0, clip_to_size=1)
    at gtkwidget.c:5653
#24 0x00007ffff4599525 in gtk_widget_send_expose (widget=0x6fc0c0, event=<value optimized out>)
    at gtkwidget.c:5900
#25 0x00007ffff446d39a in gtk_main_do_event (event=0x7fffffffd060) at gtkmain.c:1788
#26 0x00007ffff40d3182 in _gdk_window_process_updates_recurse (window=0x632b40, expose_region=0x1175250)
    at gdkwindow.c:3872
#27 0x00007ffff40d311f in _gdk_window_process_updates_recurse (window=0x632360, expose_region=0x1171180)
    at gdkwindow.c:3845
#28 0x00007ffff40d3542 in gdk_window_process_updates_internal (window=0x632360) at gdkwindow.c:4028
#29 0x00007ffff40d3828 in gdk_window_process_all_updates () at gdkwindow.c:4159
#30 0x00007ffff40d3899 in gdk_window_update_idle (data=0x6825) at gdkwindow.c:3762
#31 0x00007ffff40be36f in gdk_threads_dispatch (data=0x1089440) at gdk.c:741
#32 0x00007ffff1b6a342 in g_main_dispatch (context=0x638270) at gmain.c:2440
#33 g_main_context_dispatch (context=0x638270) at gmain.c:3013
#34 0x00007ffff1b6ea08 in g_main_context_iterate (context=0x638270, block=<value optimized out>, 
    dispatch=<value optimized out>, self=<value optimized out>) at gmain.c:3091
#35 0x00007ffff1b6ef15 in g_main_loop_run (loop=0xe62020) at gmain.c:3299
#36 0x00007ffff446d55d in gtk_main () at gtkmain.c:1349
