Status: Untriaged
Owner: [email protected]
CC: [email protected], [email protected]
Labels: Type-Bug Pri-1 OS-All Area-BrowserUI Regression Channel-Dev

New issue 7435 by [email protected]: Tab crash @ WebCore::PopupListBox::acceptIndex()
http://code.google.com/p/chromium/issues/detail?id=7435

Build: 2.0.160.1 (Developer Build 9247)

- Open a form, type something to bring up the autocomplete popup
- Use arrow keys to select a selection from the pop-up and hit enter key.

Expected: Selected element from the pop-up should be displayed on the edit box.
Result: Tab crash.

Crash Analysis for the crash
############################

FAULTING_IP:
+2990360
02990360 f8 clc

EXCEPTION_RECORD: ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 02990360
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000008
Parameter[1]: 02990360
Attempt to execute non-executable address 02990360

PROCESS_NAME: chrome.exe

FAULTING_MODULE: 7c900000 ntdll

DEBUG_FLR_IMAGE_TIMESTAMP: 498b5350

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

WRITE_ADDRESS: 02990360

FAILED_INSTRUCTION_ADDRESS:
+2990360
02990360 f8 clc

IP_ON_HEAP: 02990360

FAULTING_THREAD: 00000298

DEFAULT_BUCKET_ID: WRONG_SYMBOLS

PRIMARY_PROBLEM_CLASS: SOFTWARE_NX_FAULT

BUGCHECK_STR: APPLICATION_FAULT_SOFTWARE_NX_FAULT_WRONG_SYMBOLS_NULL_INSTRUCTION_PTR

LAST_CONTROL_TRANSFER: from 016418d0 to 02990360

STACK_TEXT:
WARNING: Frame IP not in any known module. Following frames may be wrong.
00d7fa4c 016418d0 00000000 00000001 00d7fa90 0x2990360
00d7fa64 01641c03 00000000 00d7fac0 00d7fb0c chrome_1000000!WebCore::PopupListBox::acceptIndex+0x70 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\platform\chromium\popupmenuchromium.cpp @ 866]
00d7fa78 01641050 00d7fa90 01a813f0 00facdb0 chrome_1000000!WebCore::PopupListBox::handleMouseReleaseEvent+0x73 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\platform\chromium\popupmenuchromium.cpp @ 542]
00d7fac8 013a527e 00d7fadc 00facc98 00facc98 chrome_1000000!WebCore::PopupContainer::handleMouseReleaseEvent+0x40 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\platform\chromium\popupmenuchromium.cpp @ 397]
00d7fb0c 013a5660 00fad358 00d7fb40 012dfafb chrome_1000000!WebWidgetImpl::MouseUp+0x2e [c:\b\slave\chromium-rel-xp\build\src\webkit\glue\webwidget_impl.cc @ 85]
00d7fb18 012dfafb 00fad358 00facc98 00000000 chrome_1000000!WebWidgetImpl::HandleInputEvent+0x50 [c:\b\slave\chromium-rel-xp\build\src\webkit\glue\webwidget_impl.cc @ 171]
00d7fb40 012df9bd 00fad358 00d7fc00 012e267e chrome_1000000!RenderWidget::OnHandleInputEvent+0x4b [c:\b\slave\chromium-rel-xp\build\src\chrome\renderer\render_widget.cc @ 325]
00d7fb4c 012e267e 00face00 00facc98 012dfab0 chrome_1000000!IPC::Message::Dispatch<RenderWidget>+0x1d [c:\b\slave\chromium-rel-xp\build\src\chrome\common\ipc_message.h @ 142]
00d7fc00 012ad494 00face00 00face00 00a68f08 chrome_1000000!RenderWidget::OnMessageReceived+0x11e [c:\b\slave\chromium-rel-xp\build\src\chrome\renderer\render_widget.cc @ 167]
00d7fc14 012ad450 00face00 00face00 00a68ecc chrome_1000000!MessageRouter::RouteMessage+0x34 [c:\b\slave\chromium-rel-xp\build\src\chrome\common\message_router.cc @ 39]
00d7fc28 012cdd35 00face00 00d7fef0 00a6a908 chrome_1000000!MessageRouter::OnMessageReceived+0x30 [c:\b\slave\chromium-rel-xp\build\src\chrome\common\message_router.cc @ 30]
00d7fc44 01152db7 00face00 00facdf0 010119a0 chrome_1000000!RenderThread::OnMessageReceived+0x115 [c:\b\slave\chromium-rel-xp\build\src\chrome\renderer\render_thread.cc @ 201]
00d7fc50 010119a0 00000000 00d7fef0 00000001 chrome_1000000!RunnableMethod<ProfileWriter,void (__thiscall ProfileWriter::*)(PasswordForm const &),Tuple1<PasswordForm> >::Run+0x17 [c:\b\slave\chromium-rel-xp\build\src\base\task.h @ 312]
00d7fcf0 0101251a 00facdf0 00a692d8 00d7fef0 chrome_1000000!MessageLoop::RunTask+0x80 [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 309]
00d7fd40 01026d21 00d7fef0 00d7fef0 00000000 chrome_1000000!MessageLoop::DoWork+0x1ea [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 416]
00d7fdec 01012097 01d7fef0 00a68ed4 00a68ed4 chrome_1000000!base::MessagePumpDefault::Run+0x111 [c:\b\slave\chromium-rel-xp\build\src\base\message_pump_default.cc @ 50]
00d7fe8c 01012230 cd9a1538 00a68ee8 00a68ed4 chrome_1000000!MessageLoop::RunInternal+0xb7 [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 197]
00d7fec0 01012acd 00000001 00000000 00000000 chrome_1000000!MessageLoop::RunHandler+0xa0 [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 181]
00d7fedc 01577d3a 00000048 00a60000 00000000 chrome_1000000!MessageLoop::Run+0x3d [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 155]
00d7ffac 0101abad 00d7ffec 7c80b713 00a68ed4 chrome_1000000!base::Thread::ThreadMain+0x8a [c:\b\slave\chromium-rel-xp\build\src\base\thread.cc @ 159]
00d7ffb4 7c80b713 00a68ed4 00000048 00a60000 chrome_1000000!`anonymous namespace'::ThreadFunc+0xd [c:\b\slave\chromium-rel-xp\build\src\base\platform_thread_win.cc @ 27]
00d7ffec 00000000 0101aba0 00a68ed4 00000000 kernel32!GetModuleFileNameA+0x1b4

STACK_COMMAND: ~2s; .ecxr ; kb

FOLLOWUP_IP:
chrome_1000000!WebCore::PopupListBox::acceptIndex+70 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\platform\chromium\popupmenuchromium.cpp @ 866]
016418d0 8b8680000000 mov eax,dword ptr [esi+80h]

FAULTING_SOURCE_CODE: No source found for
'c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\platform\chromium\popupmenuchromium.cpp'

SYMBOL_STACK_INDEX: 1

SYMBOL_NAME: chrome_1000000!WebCore::PopupListBox::acceptIndex+70

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: chrome_1000000

IMAGE_NAME: chrome.dll

BUCKET_ID: WRONG_SYMBOLS

FAILURE_BUCKET_ID: SOFTWARE_NX_FAULT_c0000005_chrome.dll!base_address
