ARGUMENT BAD: optionIndex, optionIndex < static_cast<int>(m_children.size()) ../../Source/WebCore/accessibility/AccessibilityMenuListPopup.cpp(135) : void WebCore::AccessibilityMenuListPopup::didUpdateActiveOption(int) 1 0x7f5ed376d82e /home/kov/src/WebKit/WebKitBuild/Debug/.libs/libjavascriptcoregtk-3.0.so.0(WTFCrash+0x1e) [0x7f5ed376d82e] 2 0x7f5ed54058f8 /home/kov/src/WebKit/WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore26AccessibilityMenuListPopup21didUpdateActiveOptionEi+0x86) [0x7f5ed54058f8] 3 0x7f5ed5404b56 /home/kov/src/WebKit/WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore21AccessibilityMenuList21didUpdateActiveOptionEi+0x168) [0x7f5ed5404b56] 4 0x7f5ed5ec238b /home/kov/src/WebKit/WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore14RenderMenuList21didUpdateActiveOptionEi+0x171) [0x7f5ed5ec238b] 5 0x7f5ed5ec1449 /home/kov/src/WebKit/WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore14RenderMenuList17setTextFromOptionEi+0x14d) [0x7f5ed5ec1449] 6 0x7f5ed5ec12fa /home/kov/src/WebKit/WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore14RenderMenuList17updateFromElementEv+0x88) [0x7f5ed5ec12fa] 7 0x7f5ed598d96f /home/kov/src/WebKit/WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore17HTMLSelectElement12selectOptionEij+0x14b) [0x7f5ed598d96f] 8 0x7f5ed598d759 /home/kov/src/WebKit/WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore17HTMLSelectElement16setSelectedIndexEi+0x25) [0x7f5ed598d759] 9 0x7f5ed624c687 /home/kov/src/WebKit/WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(_ZN7WebCore35setJSHTMLSelectElementSelectedIndexEPN3JSC9ExecStateEPNS0_8JSObjectENS0_7JSValueE+0x72) [0x7f5ed624c687] 10 0x7f5ed624e0fc /home/kov/src/WebKit/WebKitBuild/Debug/.libs/libwebkitgtk-3.0.so.0(+0x24300fc) [0x7f5ed624e0fc] The reason is the AccessibilityMenuList's knowledge of how many children there are is outdated - m_children.size() is 1 and the active option is 1 (so the second element).
This is being rolled out with bug 125629 *** This bug has been marked as a duplicate of bug 125629 ***