Status: Untriaged
Owner: [email protected]
CC: [email protected]
Labels: Type-Bug Pri-2 OS-All Area-Misc Crash Channel-Dev

New issue 8799 by [email protected]: Gmail renderer crash @ WebCore::V8Proxy::GetConstructor
http://code.google.com/p/chromium/issues/detail?id=8799

***Chrome2.0.169.1***

What steps will reproduce the problem?
1. Log in to flickr.com and go to http://www.flickr.com/photos/organize/
2. Log in to gmail and click on 'Compose Mail'
3. Now copy the content 'if you want to plow ahead and see if maybe your
browser will work, go for it.' from flickr and paste it in compose box
4. Click on the link 'go for it' in gmail.

What is the expected output?
To show the actual link hidden behind

What do you see instead?
The whole content of that email disappears, showing just the hyperlink. The
renderer crashed a couple of times in Chrome.

FF3 seems to work fine. Safari4 also exhibits the same behavior as Chrome
though.

Full call stack can be found at http://go/crash/reportdetail?email=&clientid=&reportid=c0ffef7ae0d481c&product=Chrome&version=&signature=&date=

Call stack
-----------
Thread 1 *CRASHED* (EXCEPTION_ACCESS_VIOLATION @0x00000008)

0x0104083a       [chrome.dll     - v8_proxy.cpp:1478]   WebCore::V8Proxy::GetConstructor(WebCore::V8ClassIndex::V8WrapperType)
0x0104fc5c       [chrome.dll     - v8domwindow.cpp:430] WebCore::DOMWindowInternal::DOMWindowConstructorGetter
0x0160438f       [chrome.dll     - objects.cc:205]      v8::internal::Object::GetPropertyWithCallback(v8::internal::Object *,v8::internal::Object *,v8::internal::String *,v8::internal::Object *)
0x0160feb3       [chrome.dll     - objects.cc:472]      v8::internal::Object::GetProperty(v8::internal::Object *,v8::internal::LookupResult *,v8::internal::String *,PropertyAttributes *)
0x0166c76c       [chrome.dll     - ic.cc:542]   v8::internal::LoadIC::Load(v8::internal::InlineCacheState,v8::internal::Handle<v8::internal::Object>,v8::internal::Handle<v8::internal::String>)
0x0166cf78       [chrome.dll     - ic.cc:1095]  v8::internal::LoadIC_Miss(v8::internal::Arguments)
[27 unsymbolized frames (bare addresses with no module or source location) omitted]
0x01616e41       [chrome.dll     - execution.cc:90]     v8::internal::Invoke
0x01616f04       [chrome.dll     - execution.cc:116]    v8::internal::Execution::Call(v8::internal::Handle<v8::internal::JSFunction> ,v8::internal::Handle<v8::internal::Object>,int,v8::internal::Object * * *,bool *)
0x015f4f5b       [chrome.dll     - api.cc:1941] v8::Function::Call(v8::Handle<v8::Object>,int,v8::Handle<v8::Value> * const)
0x010407fd       [chrome.dll     - v8_proxy.cpp:1464]   WebCore::V8Proxy::CallFunction(v8::Handle<v8::Function>,v8::Handle<v8::Object>,int,v8::Handle<v8::Value> * const)
0x01059c08       [chrome.dll     - scheduledaction.cpp:104]     WebCore::ScheduledAction::execute(WebCore::ScriptExecutionContext *)
0x01222d56       [chrome.dll     - domtimer.cpp:129]    WebCore::DOMTimer::fired()
0x0129868e       [chrome.dll     - threadtimers.cpp:111]        WebCore::ThreadTimers::fireTimers(double,WTF::Vector<WebCore::TimerBase *,0> const &)
0x0129870c       [chrome.dll     - threadtimers.cpp:141]        WebCore::ThreadTimers::sharedTimerFiredInternal()
0x012986b7       [chrome.dll     - threadtimers.cpp:122]        WebCore::ThreadTimers::sharedTimerFired()
0x01385d09       [chrome.dll     - message_loop.cc:308] MessageLoop::RunTask(Task *)
0x01385d40       [chrome.dll     - message_loop.cc:316] MessageLoop::DeferOrRunPendingTask(MessageLoop::PendingTask const &)
0x01385f94       [chrome.dll     - message_loop.cc:435] MessageLoop::DoDelayedWork(base::Time *)
0x0139f788       [chrome.dll     - message_pump_default.cc:27]  base::MessagePumpDefault::Run(base::MessagePump::Delegate *)
0x01385bd5       [chrome.dll     - message_loop.cc:197] MessageLoop::RunInternal()
0x01385ba4       [chrome.dll     - message_loop.cc:180] MessageLoop::RunHandler()
0x01385b47       [chrome.dll     - message_loop.cc:154]  MessageLoop::Run()
0x0138bfb3       [chrome.dll     - thread.cc:156]       base::Thread::ThreadMain()
0x0138b7bd       [chrome.dll     - platform_thread_win.cc:26]    `anonymous namespace'::ThreadFunc(void *)
0x7c80b682       [kernel32.dll   + 0x0000b682]   BaseThreadStart
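As an added triage example, not part of this bug report or of Chromium's own tooling: a small Python parser for the crash-reporter stack format shown above (address, [module - file:line] or [module + offset], symbol). It flags an access violation at a tiny fault address such as @0x00000008 as consistent with a NULL-pointer dereference (a field read at a small offset from a NULL base), and counts the unsymbolized frames. The sample text is a constructed excerpt of this report's own frames, and the 0x1000 "first page" threshold is an assumption.

```python
import re

# Constructed excerpt: a few frames copied from this report's stack, plus two
# of its bare (unsymbolized) frames, in the Chromium crash-reporter format.
SAMPLE_STACK = """Thread 1 *CRASHED* (EXCEPTION_ACCESS_VIOLATION @0x00000008)

0x0104083a       [chrome.dll     - v8_proxy.cpp:1478]   WebCore::V8Proxy::GetConstructor(WebCore::V8ClassIndex::V8WrapperType)
0x0104fc5c       [chrome.dll     - v8domwindow.cpp:430] WebCore::DOMWindowInternal::DOMWindowConstructorGetter
0x01980187
0x0351f085
0x01616e41       [chrome.dll     - execution.cc:90]     v8::internal::Invoke
0x7c80b682       [kernel32.dll   + 0x0000b682]   BaseThreadStart
"""

HEADER_RE = re.compile(r"Thread (\d+) \*CRASHED\* \((\w+) @0x([0-9a-fA-F]+)\)")
# "<pc> [<module> - <file>:<line>] <symbol>", "<pc> [<module> + 0x<off>] <symbol>",
# or a bare "<pc>" for frames the symbolizer could not resolve.
FRAME_RE = re.compile(
    r"^0x([0-9a-fA-F]+)\s*(?:\[(\S+)\s+(?:-\s+(\S+):(\d+)|\+\s+0x[0-9a-fA-F]+)\]\s*(.*))?$"
)

def parse_crash(text):
    """Return ((thread, exception, fault_addr), frames); unsymbolized frames
    have module/file/line/symbol set to None."""
    header, frames = None, []
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        m = HEADER_RE.match(line)
        if m:
            header = (int(m.group(1)), m.group(2), int(m.group(3), 16))
            continue
        m = FRAME_RE.match(line)
        if m:
            frames.append({"pc": int(m.group(1), 16), "module": m.group(2),
                           "file": m.group(3),
                           "line": int(m.group(4)) if m.group(4) else None,
                           "symbol": m.group(5) or None})
    return header, frames

def triage(text, null_page=0x1000):
    """Summarize a crash. An access violation below the first page (assumed
    0x1000) is consistent with a NULL-pointer dereference, not a wild pointer."""
    (_, exc, addr), frames = parse_crash(text)
    sym = [f for f in frames if f["symbol"]]
    return {"exception": exc, "fault_offset": addr,
            "likely_null_deref": exc == "EXCEPTION_ACCESS_VIOLATION" and addr < null_page,
            "top_frame": sym[0]["symbol"] if sym else None,
            "top_location": f"{sym[0]['file']}:{sym[0]['line']}" if sym else None,
            "unsymbolized_frames": sum(1 for f in frames if f["module"] is None)}
```

For this report the top symbolized frame resolves to v8_proxy.cpp:1478 with a fault offset of 8, which is the usual signature of a NULL object being dereferenced for one of its fields.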
