[Webkit-unassigned] [Bug 60808] New: Crash (preceded by assertion failure in Document::updateStyleIfNeeded) on http://javatester.org/enabled.html
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri May 13 14:59:28 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=60808
Summary: Crash (preceded by assertion failure in
Document::updateStyleIfNeeded) on
http://javatester.org/enabled.html
Product: WebKit
Version: 528+ (Nightly build)
Platform: PC
URL: http://javatester.org/enabled.html
OS/Version: Windows 7
Status: NEW
Keywords: NeedsRadar, PlatformOnly
Severity: Normal
Priority: P2
Component: Plug-ins
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: aroben at apple.com
To reproduce:
1. Install Java 6 Update 3 from http://java.sun.com/products/archive/j2se/6u3/index.html
2. Go to http://javatester.org/enabled.html
You'll first hit an assertion failure in Document::updateStyleIfNeeded, then sometime later you'll crash.
It looks like Java is spinning a nested message loop which is causing WebCore Timers to fire at unexpected times.
Here's the backtrace of the asertion failure:
> WebKit.dll!WebCore::Document::updateStyleIfNeeded() Line 1576 C++
WebKit.dll!WebCore::RenderView::selectionBounds(bool clipToVisibleContent=true) Line 345 + 0x26 bytes C++
WebKit.dll!WebCore::FrameSelection::bounds(bool clipToVisibleContent=true) Line 1805 C++
WebKit.dll!WebCore::FrameSelection::focusedOrActiveStateChanged() Line 1560 + 0x12 bytes C++
WebKit.dll!WebCore::FrameSelection::setFocused(bool flag=false) Line 1611 C++
WebKit.dll!WebCore::FocusController::setFocused(bool focused=false) Line 143 C++
WebKit.dll!WebView::WebViewWndProc(HWND__ * hWnd=0x00030bd4, unsigned int message=8, unsigned int wParam=0, long lParam=0) Line 2250 C++
user32.dll!_InternalCallWinProc at 20() + 0x28 bytes
user32.dll!_UserCallWinProcCheckWow at 32() + 0xb7 bytes
user32.dll!_CallWindowProcAorW at 24() + 0x51 bytes
user32.dll!_CallWindowProcW at 20() + 0x1b bytes
comctl32.dll!_CallOriginalWndProc at 24() + 0x1a bytes
comctl32.dll!_CallNextSubclassProc at 20() + 0x3c bytes
comctl32.dll!_DefSubclassProc at 16() + 0x46 bytes
comctl32.dll!TTSubclassProc() + 0x59 bytes
comctl32.dll!_CallNextSubclassProc at 20() + 0x3c bytes
comctl32.dll!_MasterSubclassProc at 16() + 0x54 bytes
user32.dll!_InternalCallWinProc at 20() + 0x28 bytes
user32.dll!_UserCallWinProcCheckWow at 32() + 0xb7 bytes
user32.dll!_DispatchClientMessage at 20() + 0x4d bytes
user32.dll!___fnDWORD at 4() + 0x24 bytes
ntdll.dll!_KiUserCallbackDispatcher at 12() + 0x13 bytes
user32.dll!_NtUserMessageCall at 28() + 0xc bytes
user32.dll!_SendMessageW at 16() + 0x49 bytes
awt.dll!6d110d12()
[Frames below may be incorrect and/or missing, no symbols loaded for awt.dll]
jvm.dll!135d02ec()
jvm.dll!135d067d()
jvm.dll!1365f4f1()
jvm.dll!135f7988()
jvm.dll!135d9aa3()
jvm.dll!135d070e()
jvm.dll!135d9a7b()
jvm.dll!1365197a()
jvm.dll!13529125()
msvcr71.dll!7c34218f()
jvm.dll!1365197a()
jvm.dll!1365197a()
msvcr71.dll!7c34218f()
jvm.dll!135280f6()
jvm.dll!135dc933()
jpinscp.dll!6d4c6f03()
jpinscp.dll!6d4c74e0()
jpinscp.dll!6d4c39a4()
jpinscp.dll!6d4c3c41()
jpioji.dll!6d4e3215()
npJavaPlugin.dll!JavaPlugin::windowCreated() + 0x25 bytes C++
npJavaPlugin.dll!NP::Plugin::setwindow() + 0x31 bytes C++
WebKit.dll!WebCore::PluginView::setNPWindowRect(const WebCore::IntRect & rect={...}) Line 811 + 0x2d bytes C++
WebKit.dll!WebCore::PluginView::platformStart() Line 1000 C++
WebKit.dll!WebCore::PluginView::start() Line 268 + 0x8 bytes C++
WebKit.dll!WebCore::PluginView::startOrAddToUnstartedList() Line 224 C++
WebKit.dll!WebCore::PluginView::init() Line 201 + 0x8 bytes C++
WebKit.dll!WebCore::PluginView::setParent(WebCore::ScrollView * parent=0x10809548) Line 750 C++
WebKit.dll!WebCore::ScrollView::addChild(WTF::PassRefPtr<WebCore::Widget> prpChild={...}) Line 74 + 0x13 bytes C++
WebKit.dll!WebCore::moveWidgetToParentSoon(WebCore::Widget * child=0x106000f8, WebCore::FrameView * parent=0x10809548) Line 91 C++
WebKit.dll!WebCore::RenderWidget::setWidget(WTF::PassRefPtr<WebCore::Widget> widget={...}) Line 215 + 0x18 bytes C++
WebKit.dll!WebCore::RenderApplet::createWidgetIfNecessary() Line 81 C++
WebKit.dll!WebCore::RenderApplet::layout() Line 92 C++
WebKit.dll!WebCore::RenderObject::layoutIfNeeded() Line 537 + 0x30 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutInlineChildren(bool relayoutChildren=true, int & repaintLogicalTop=0, int & repaintLogicalBottom=0) Line 1149 C++
WebKit.dll!WebCore::RenderBlock::layoutBlock(bool relayoutChildren=true, int pageLogicalHeight=0) Line 1236 C++
WebKit.dll!WebCore::RenderBlock::layout() Line 1133 + 0x16 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox * child=0x1059169c, WebCore::RenderBlock::MarginInfo & marginInfo={...}, int & previousFloatLogicalBottom=0, int & maxFloatLogicalBottom=0) Line 1975 + 0x12 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChildren(bool relayoutChildren=true, int & maxFloatLogicalBottom=0) Line 1914 C++
WebKit.dll!WebCore::RenderBlock::layoutBlock(bool relayoutChildren=true, int pageLogicalHeight=0) Line 1240 C++
WebKit.dll!WebCore::RenderTableCell::layout() Line 162 + 0x1d bytes C++
WebKit.dll!WebCore::RenderTableRow::layout() Line 150 + 0x12 bytes C++
WebKit.dll!WebCore::RenderObject::layoutIfNeeded() Line 537 + 0x30 bytes C++
WebKit.dll!WebCore::RenderTableSection::layout() Line 404 C++
WebKit.dll!WebCore::RenderObject::layoutIfNeeded() Line 537 + 0x30 bytes C++
WebKit.dll!WebCore::RenderTable::layout() Line 307 C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox * child=0x1038b424, WebCore::RenderBlock::MarginInfo & marginInfo={...}, int & previousFloatLogicalBottom=0, int & maxFloatLogicalBottom=0) Line 1975 + 0x12 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChildren(bool relayoutChildren=true, int & maxFloatLogicalBottom=0) Line 1914 C++
WebKit.dll!WebCore::RenderBlock::layoutBlock(bool relayoutChildren=true, int pageLogicalHeight=0) Line 1240 C++
WebKit.dll!WebCore::RenderBlock::layout() Line 1133 + 0x16 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox * child=0x1046dddc, WebCore::RenderBlock::MarginInfo & marginInfo={...}, int & previousFloatLogicalBottom=0, int & maxFloatLogicalBottom=0) Line 1975 + 0x12 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChildren(bool relayoutChildren=true, int & maxFloatLogicalBottom=0) Line 1914 C++
WebKit.dll!WebCore::RenderBlock::layoutBlock(bool relayoutChildren=true, int pageLogicalHeight=0) Line 1240 C++
WebKit.dll!WebCore::RenderBlock::layout() Line 1133 + 0x16 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox * child=0x0af4105c, WebCore::RenderBlock::MarginInfo & marginInfo={...}, int & previousFloatLogicalBottom=0, int & maxFloatLogicalBottom=0) Line 1975 + 0x12 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChildren(bool relayoutChildren=true, int & maxFloatLogicalBottom=0) Line 1914 C++
WebKit.dll!WebCore::RenderBlock::layoutBlock(bool relayoutChildren=true, int pageLogicalHeight=0) Line 1240 C++
WebKit.dll!WebCore::RenderBlock::layout() Line 1133 + 0x16 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox * child=0x106a7d14, WebCore::RenderBlock::MarginInfo & marginInfo={...}, int & previousFloatLogicalBottom=0, int & maxFloatLogicalBottom=0) Line 1975 + 0x12 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChildren(bool relayoutChildren=true, int & maxFloatLogicalBottom=0) Line 1914 C++
WebKit.dll!WebCore::RenderBlock::layoutBlock(bool relayoutChildren=true, int pageLogicalHeight=0) Line 1240 C++
WebKit.dll!WebCore::RenderBlock::layout() Line 1133 + 0x16 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChild(WebCore::RenderBox * child=0x1072268c, WebCore::RenderBlock::MarginInfo & marginInfo={...}, int & previousFloatLogicalBottom=0, int & maxFloatLogicalBottom=0) Line 1975 + 0x12 bytes C++
WebKit.dll!WebCore::RenderBlock::layoutBlockChildren(bool relayoutChildren=true, int & maxFloatLogicalBottom=0) Line 1914 C++
WebKit.dll!WebCore::RenderBlock::layoutBlock(bool relayoutChildren=true, int pageLogicalHeight=0) Line 1240 C++
WebKit.dll!WebCore::RenderBlock::layout() Line 1133 + 0x16 bytes C++
WebKit.dll!WebCore::RenderView::layout() Line 132 C++
WebKit.dll!WebCore::FrameView::layout(bool allowSubtree=true) Line 964 + 0x12 bytes C++
WebKit.dll!WebCore::FrameView::layoutTimerFired(WebCore::Timer<WebCore::FrameView> * __formal=0x10809660) Line 1685 C++
WebKit.dll!WebCore::Timer<WebCore::FrameView>::fired() Line 100 + 0x29 bytes C++
WebKit.dll!WebCore::ThreadTimers::sharedTimerFiredInternal() Line 112 + 0xf bytes C++
WebKit.dll!WebCore::ThreadTimers::sharedTimerFired() Line 91 C++
WebKit.dll!WebCore::TimerWindowWndProc(HWND__ * hWnd=0x002207cc, unsigned int message=49574, unsigned int wParam=0, long lParam=0) Line 103 + 0x8 bytes C++
user32.dll!_InternalCallWinProc at 20() + 0x28 bytes
user32.dll!_UserCallWinProcCheckWow at 32() + 0xb7 bytes
user32.dll!_DispatchMessageWorker at 8() + 0xdc bytes
user32.dll!_DispatchMessageW at 4() + 0xf bytes
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list