[Webkit-unassigned] [Bug 108524] New: Crash under FrameView::isRubberBandInProgress() during FrameView creation

bugzilla-daemon at webkit.org
Thu Jan 31 14:13:28 PST 2013


https://bugs.webkit.org/show_bug.cgi?id=108524

           Summary: Crash under FrameView::isRubberBandInProgress() during
                    FrameView creation
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: jamesr at chromium.org
                CC: bdakin at apple.com, simon.fraser at apple.com


Copied from https://code.google.com/p/chromium/issues/detail?id=173009:

Thread 0 *CRASHED* ( EXCEPTION_ACCESS_VIOLATION_READ @ 0xfffffffffaa6fc6a )

0x68abf5e3  [chrome.dll]  scrollingcoordinator.cpp:436   WebCore::ScrollingCoordinator::hasVisibleSlowRepaintViewportConstrainedObjects(WebCore::FrameView *)
0x68abf6a3  [chrome.dll]  scrollingcoordinator.cpp:463   WebCore::ScrollingCoordinator::mainThreadScrollingReasons()
0x682a27dd  [chrome.dll]  frameview.cpp:1919             WebCore::FrameView::isRubberBandInProgress()
0x68285408  [chrome.dll]  scrollview.cpp:618             WebCore::ScrollView::updateScrollbars(WebCore::IntSize const &)
0x689315ff  [chrome.dll]  scrollview.cpp:188             WebCore::ScrollView::setCanHaveScrollbars(bool)
0x68a7e82c  [chrome.dll]  frameview.cpp:507              WebCore::FrameView::setCanHaveScrollbars(bool)
0x6820a110  [chrome.dll]  frameview.cpp:352              WebCore::FrameView::init()
0x68209f6f  [chrome.dll]  frameview.cpp:202              WebCore::FrameView::FrameView(WebCore::Frame *)
0x68209798  [chrome.dll]  frame.cpp:796                  WebCore::Frame::createView(WebCore::IntSize const &,WebCore::Color const &,bool,WebCore::IntSize const &,WebCore::IntRect const &,bool,WebCore::ScrollbarMode,bool,WebCore::ScrollbarMode,bool)
0x6820953d  [chrome.dll]  webframeimpl.cpp:2280          WebKit::WebFrameImpl::createFrameView()
0x68208edd  [chrome.dll]  frameloader.cpp:1864           WebCore::FrameLoader::transitionToCommitted(WTF::PassRefPtr<WebCore::CachedPage>)
0x682084ed  [chrome.dll]  frameloader.cpp:1701           WebCore::FrameLoader::commitProvisionalLoad()
0x682082d3  [chrome.dll]  documentloader.cpp:283         WebCore::DocumentLoader::finishedLoading()
0x68207ada  [chrome.dll]  documentloader.cpp:880         WebCore::DocumentLoader::maybeLoadEmpty()
0x682075a5  [chrome.dll]  documentloader.cpp:890         WebCore::DocumentLoader::startLoadingMainResource()
0x68204e97  [chrome.dll]  frameloader.cpp:261            WebCore::FrameLoader::init()
0x6944d834  [chrome.dll]  webframeimpl.cpp:2242          WebKit::WebFrameImpl::createChildFrame(WebCore::FrameLoadRequest const &,WebCore::HTMLFrameOwnerElement *)
0x6945f4cc  [chrome.dll]  frameloaderclientimpl.cpp:1477 WebKit::FrameLoaderClientImpl::createFrame(WebCore::KURL const &,WTF::String const &,WebCore::HTMLFrameOwnerElement *,WTF::String const &,bool,int,int)
0x68af7b3b  [chrome.dll]  subframeloader.cpp:367         WebCore::SubframeLoader::loadSubframe(WebCore::HTMLFrameOwnerElement *,WebCore::KURL const &,WTF::String const &,WTF::String const &)
0x68af79cf  [chrome.dll]  subframeloader.cpp:341         WebCore::SubframeLoader::loadOrRedirectSubframe(WebCore::HTMLFrameOwnerElement *,WebCore::KURL const &,WTF::AtomicString const &,bool,bool)
0x68af6bc2  [chrome.dll]  subframeloader.cpp:87          WebCore::SubframeLoader::requestFrame(WebCore::HTMLFrameOwnerElement *,WTF::String const &,WTF::AtomicString const &,bool,bool)
0x68e74c66  [chrome.dll]  htmlframeelementbase.cpp:88    WebCore::HTMLFrameElementBase::openURL(bool,bool)
0x68e7503e  [chrome.dll]  htmlframeelementbase.cpp:141   WebCore::HTMLFrameElementBase::setNameAndOpenURL()
0x68e7508e  [chrome.dll]  htmlframeelementbase.cpp:172   WebCore::HTMLFrameElementBase::didNotifySubtreeInsertions(WebCore::ContainerNode *)
0x6822de07  [chrome.dll]  containernodealgorithms.h:230  WebCore::ChildNodeInsertionNotifier::notify(WebCore::Node *)
0x684a262c  [chrome.dll]  containernode.cpp:1105         WebCore::updateTreeAfterInsertion
0x684a222f  [chrome.dll]  containernode.cpp:686          WebCore::ContainerNode::appendChild(WTF::PassRefPtr<WebCore::Node>,int &,bool)
0x684f80c5  [chrome.dll]  node.cpp:570                   WebCore::Node::appendChild(WTF::PassRefPtr<WebCore::Node>,int &,bool)
0x684f7fff  [chrome.dll]  api.cc:4842                    v8::FunctionTemplate::HasInstance(v8::Handle<v8::Value>)
0x68392cee  [chrome.dll]  builtins.cc:1350               v8::internal::HandleApiCallHelper<0>
0x68392ac5  [chrome.dll]  builtins.cc:1368               v8::internal::Builtin_HandleApiCall
0x0022e033            
0x2dee2478    

We're constructing a new FrameView for the main Frame, but haven't set it as the mainFrame's view yet.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
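The ordering hazard behind this trace, as an added illustration (hypothetical model, not WebKit's own code): a FrameView's constructor runs init(), which ends up asking the page-level ScrollingCoordinator for its main-thread scrolling reasons, and that query reads the main frame's view, which has not been attached yet. All type and function names below are simplified stand-ins; the counter `queriesWhileViewUnset` and the guard in `mainThreadScrollingReasons()` are assumptions added to make the unattached-view state observable and survivable.

```cpp
#include <cstdint>
#include <memory>

struct Frame;
struct FrameView;

// Page-level object consulted during scrollbar updates. It reaches the main
// frame's view through the Frame, not through the FrameView being built.
struct ScrollingCoordinator {
    Frame* mainFrame;
    int queriesWhileViewUnset = 0;   // bookkeeping (constructed for this example)

    explicit ScrollingCoordinator(Frame* f) : mainFrame(f) {}
    uint32_t mainThreadScrollingReasons();
};

struct Frame {
    FrameView* view = nullptr;                 // assigned only after the view is fully built
    ScrollingCoordinator coordinator{this};
};

struct FrameView {
    Frame* frame;
    bool canHaveScrollbars = false;
    uint32_t reasonsSeenDuringInit = 0;

    // Mirrors the trace: FrameView::FrameView -> init -> setCanHaveScrollbars
    // -> updateScrollbars -> isRubberBandInProgress -> mainThreadScrollingReasons
    explicit FrameView(Frame* f) : frame(f) { init(); }

    void init() { setCanHaveScrollbars(true); }
    void setCanHaveScrollbars(bool b) { canHaveScrollbars = b; updateScrollbars(); }
    void updateScrollbars() {
        if (isRubberBandInProgress())
            return;
    }
    bool isRubberBandInProgress() {
        reasonsSeenDuringInit = frame->coordinator.mainThreadScrollingReasons();
        return false;
    }
    bool hasVisibleSlowRepaintViewportConstrainedObjects() const { return false; }
};

uint32_t ScrollingCoordinator::mainThreadScrollingReasons() {
    FrameView* view = mainFrame->view;
    // Guard: while the main frame's FrameView is still under construction the
    // pointer is null. Without this check the call below dereferences null,
    // which is the read access violation in the report.
    if (!view) {
        ++queriesWhileViewUnset;
        return 0;
    }
    uint32_t reasons = 0;
    if (view->hasVisibleSlowRepaintViewportConstrainedObjects())
        reasons |= 1u << 0;
    return reasons;
}

// Mirrors Frame::createView: the view is built first and attached afterwards,
// so every coordinator query made from the constructor sees view == nullptr.
std::unique_ptr<FrameView> createView(Frame& frame) {
    auto view = std::make_unique<FrameView>(&frame);
    frame.view = view.get();
    return view;
}

// Returns how many times the coordinator was asked about the main frame's view
// before that view was attached; one such query happens per construction here.
int queriesBeforeAttach() {
    Frame frame;
    auto view = createView(frame);
    return frame.coordinator.queriesWhileViewUnset;
}

int main() {
    return queriesBeforeAttach() == 1 ? 0 : 1;
}
```

The point for review is the direction of the pointer chase: code running inside a constructor must not assume that the owner's back-reference to the object already exists, and any page-level helper that can be reached from construction paths needs to tolerate a null view (or the constructor must defer the work until after attachment).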
