RESOLVED FIXED 27112
Crash in v8::internal::Context::global_context()
https://bugs.webkit.org/show_bug.cgi?id=27112
Yury Semikhatsky
Reported 2009-07-09 04:47:46 PDT
This crash was detected in 3.0.192.1 and appears to be a regression from 3.0.191.3. It is currently ranked #2 (based on the relative number of reports in the release). There have been 43 reports from 9 clients.

Search query: http://crash/search?query=Chrome+3.0.192.1+v8%3A%3Ainternal%3A%3AContext%3A%3Aglobal_context%28%29

----------------------------
* Summary Data *
----------------------------
Report Link: http://crash/reportdetail?reportid=55151b8b0c3cbe24
Mini Dump Link: http://crash/file?reportid=55151b8b0c3cbe24&name=upload_file_minidump
Uptime: 0 sec
User Comments: null
OS: Windows Vista or Windows Server 2008 Service Pack 1
CPU Architecture: x86
CPU Info: GenuineIntel family 6 model 15 stepping 13
rept: null
ptype: renderer
plat: Win32
crash type: (EXCEPTION_ACCESS_VIOLATION@0x00000017)

----------------------------
* Crash Trace *
----------------------------
[contexts.cc:52] - v8::internal::Context::global_context()
[api.cc:2968] - v8::Object::New()
[v8proxy.cpp:3239] - WebCore::V8Proxy::setContextDebugId(int)
[debugger_agent_manager.cc:225] - DebuggerAgentManager::SetHostId(WebFrameImpl *,int)
[webdevtoolsagent_impl.cc:169] - WebDevToolsAgentImpl::WindowObjectCleared(WebFrameImpl *)
[webframeloaderclient_impl.cc:121] - WebFrameLoaderClient::windowObjectCleared()
[frameloader.cpp:5059] - WebCore::FrameLoader::dispatchWindowObjectAvailable()
[frameloader.cpp:861] - WebCore::FrameLoader::receivedFirstData()
[frameloader.cpp:1787] - WebCore::FrameLoader::setEncoding(WebCore::String const &,bool)
[webframe_impl.cc:1525] - WebFrameImpl::DidReceiveData(WebCore::DocumentLoader *,char const *,int)
[webframeloaderclient_impl.cc:1068] - WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader *,char const *,int)
[frameloader.cpp:3618] - WebCore::FrameLoader::committedLoad(WebCore::DocumentLoader *,char const *,int)
[documentloader.cpp:361] - WebCore::DocumentLoader::commitLoad(char const *,int)
[documentloader.cpp:373] - WebCore::DocumentLoader::receivedData(char const *,int)
[frameloader.cpp:2435] - WebCore::FrameLoader::receivedData(char const *,int)
[mainresourceloader.cpp:148] - WebCore::MainResourceLoader::addData(char const *,int,bool)
[resourceloader.cpp:257] - WebCore::ResourceLoader::didReceiveData(char const *,int,__int64,bool)
[mainresourceloader.cpp:360] - WebCore::MainResourceLoader::didReceiveData(char const *,int,__int64,bool)
[resourceloader.cpp:411] - WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle *,char const *,int,int)
[resourcehandle.cpp:137] - WebCore::ResourceHandleInternal::didReceiveData(WebKit::WebURLLoader *,char const *,int,__int64)
[weburlloader_impl.cc:446] - webkit_glue::WebURLLoaderImpl::Context::OnReceivedData(char const *,int)
[resource_dispatcher.cc:376] - ResourceDispatcher::OnReceivedData(IPC::Message const &,int,void *,int)
[ipc_message_utils.h:1188] - IPC::MessageWithTuple<Tuple3<int,void *,int> >::Dispatch<ResourceDispatcher,int,void *,int>(IPC::Message const *,ResourceDispatcher *,void ( ResourceDispatcher::*)(IPC::Message const &,int,void *,int))
[resource_dispatcher.cc:486] - ResourceDispatcher::DispatchMessageW(IPC::Message const &)
[resource_dispatcher.cc:293] - ResourceDispatcher::OnMessageReceived(IPC::Message const &)
[child_thread.cc:70] - ChildThread::OnMessageReceived(IPC::Message const &)
[task.h:307] - RunnableMethod<CancelableRequest<CallbackRunner<Tuple5<int,bool,scoped_refptr<RefCountedVector<unsigned char> >,bool,GURL> > >,void ( CancelableRequest<CallbackRunner<Tuple5<int,bool,scoped_refptr<RefCountedVector<unsigned char> >,bool,GURL> > >::*)(Tuple5<int,bool,scoped_refptr<RefCountedVector<unsigned char> >,bool,GURL> const &),Tuple1<Tuple5<int,bool,scoped_refptr<RefCountedVector<unsigned char> >,bool,GURL> > >::Run()
[message_loop.cc:313] - MessageLoop::RunTask(Task *)
[message_loop.cc:321] - MessageLoop::DeferOrRunPendingTask(MessageLoop::PendingTask const &)
[message_loop.cc:427] - MessageLoop::DoWork()
[message_pump_default.cc:50] - base::MessagePumpDefault::Run(base::MessagePump::Delegate *)
[message_loop.cc:198] - MessageLoop::RunInternal()
[message_loop.cc:181] - MessageLoop::RunHandler()
[message_loop.cc:155] - MessageLoop::Run()
[thread.cc:156] - base::Thread::ThreadMain()
[platform_thread_win.cc:26] - `anonymous namespace'::ThreadFunc(void *)
[kernel32.dll+0x00044910] - BaseThreadInitThunk
[ntdll.dll+0x0003e4b5] - __RtlUserThreadStart
[ntdll.dll+0x0003e488] - _RtlUserThreadStart

----------------------------
* Loaded Modules *
----------------------------
mzvkbd.dll
mzvkbd3.dll
avcodec-52.dll
avformat-52.dll
avutil-50.dll
chrome.dll
icudt38.dll
pthreadGC2.dll
chrome.exe
Wldap32.dll
advapi32.dll
gdi32.dll
imm32.dll
kernel32.dll
lpk.dll
msctf.dll
msvcrt.dll
netapi32.dll
nsi.dll
ntdll.dll
ntmarta.dll
ole32.dll
oleacc.dll
oleaut32.dll
psapi.dll
rpcrt4.dll
samlib.dll
secur32.dll
shell32.dll
shlwapi.dll
t2embed.dll
user32.dll
userenv.dll
usp10.dll
uxtheme.dll
version.dll
winmm.dll
ws2_32.dll
wsock32.dll
comctl32.dll
Attachments
Enter the frame's context before creating new objects. (1.20 KB, patch)
2009-07-09 04:58 PDT, Yury Semikhatsky
dglazkov: review+
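The attachment's title states the invariant the crash violates: V8 allocates new objects in the currently entered context, so v8::Object::New() must not be called before a v8::Context::Scope has entered the frame's context. The trace shows setContextDebugId() reached from windowObjectCleared() during receivedFirstData(), before anything has entered that context, and the access violation at the small address 0x00000017 is consistent with Context::global_context() reading through a null current-context pointer (an inference from the report, not something the bug states). The following is an added example, not code from this bug, WebKit or V8: a stand-alone C++ model of that rule. Context, ContextScope, Isolate, NewObject and the two SetContextDebugId variants are simplified stand-ins for v8::Context, v8::Context::Scope, V8's per-thread current context, v8::Object::New() and V8Proxy::setContextDebugId(); the URL label is constructed.

```cpp
// Added example, not V8 or WebKit code: a self-contained model of the
// embedder rule behind the fix ("enter the frame's context before creating
// new objects"). Context, ContextScope and Isolate are simplified stand-ins
// for v8::Context, v8::Context::Scope and V8's per-thread current context;
// the frame-loading call chain from the trace is reduced to one function.
#include <cstdio>
#include <string>
#include <vector>

namespace model {

struct Object {
    std::string context_name;   // which context the object was allocated in
    int debug_id;               // the value setContextDebugId() stores
};

struct Context {
    std::string name;           // illustrative label, e.g. the frame's URL
    std::vector<Object> heap;   // objects allocated in this context
};

// V8 tracks the currently entered context per isolate; modelled as a stack
// so that nested ContextScopes unwind in order.
struct Isolate {
    static std::vector<Context*>& stack() {
        static std::vector<Context*> s;
        return s;
    }
    static Context* current() {
        return stack().empty() ? nullptr : stack().back();
    }
};

// RAII equivalent of v8::Context::Scope: enter on construction, exit on destruction.
class ContextScope {
public:
    explicit ContextScope(Context& c) { Isolate::stack().push_back(&c); }
    ~ContextScope() { Isolate::stack().pop_back(); }
    ContextScope(const ContextScope&) = delete;
    ContextScope& operator=(const ContextScope&) = delete;
};

// Modelled v8::Object::New(): allocates in the current context. Real V8 asks
// the current context for its global_context(); with nothing entered that is a
// read through a null pointer (the report's access violation at 0x00000017 is
// consistent with that). Here the precondition failure is returned instead.
Object* NewObject(int debug_id) {
    Context* c = Isolate::current();
    if (!c) return nullptr;     // the crash site, made observable
    c->heap.push_back(Object{c->name, debug_id});
    return &c->heap.back();
}

// Shape of the crashing path: windowObjectCleared() -> setContextDebugId()
// runs during receivedFirstData(), where nothing has entered the frame's
// context, and allocates anyway.
bool SetContextDebugIdBuggy(Context& /*frame_context*/, int debug_id) {
    return NewObject(debug_id) != nullptr;
}

// The fix as the attachment describes it: enter the frame's context first.
bool SetContextDebugIdFixed(Context& frame_context, int debug_id) {
    ContextScope scope(frame_context);
    return NewObject(debug_id) != nullptr;
}

// Scenario helpers with checkable results (the URL label is constructed).
bool BuggyPathFails() {
    Context frame{"http://example.test/", {}};
    bool ok = SetContextDebugIdBuggy(frame, 7);
    return !ok && frame.heap.empty() && Isolate::current() == nullptr;
}

bool FixedPathSucceeds() {
    Context frame{"http://example.test/", {}};
    bool ok = SetContextDebugIdFixed(frame, 7);
    return ok && frame.heap.size() == 1 && frame.heap[0].debug_id == 7
        && Isolate::current() == nullptr;   // scope exited on return
}

} // namespace model

int main() {
    std::printf("buggy path fails:    %s\n", model::BuggyPathFails() ? "yes" : "no");
    std::printf("fixed path succeeds: %s\n", model::FixedPathSucceeds() ? "yes" : "no");
    return 0;
}
```

The point to carry over to real embedder code is the RAII scope: any callback that V8 or the host can reach before script has run (here, the DevTools hook fired from windowObjectCleared()) must establish its own v8::Context::Scope rather than assume a caller did, and the scope must be a stack object so it is exited on every return path.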
Yury Semikhatsky
Comment 1 2009-07-09 04:58:38 PDT
Created attachment 32512 [details] Enter the frame's context before creating new objects.
Mads Ager
Comment 2 2009-07-09 05:46:45 PDT
Looks good to me. Dimitri, could you do the official review? Thanks, -- Mads
Dimitri Glazkov (Google)
Comment 3 2009-07-09 08:44:28 PDT
Comment on attachment 32512 [details] Enter the frame's context before creating new objects. r=me.
Dimitri Glazkov (Google)
Comment 4 2009-07-09 08:50:39 PDT