Status: Untriaged
Owner: ----
CC: [email protected], [email protected], [email protected], [email protected]
Labels: Type-Bug Pri-1 OS-All Area-WebKit Size-Medium Crash

New issue 17366 by [email protected]: Crash in WTF::RefPtr<WebCore::HTMLScriptElement>::operator=
http://code.google.com/p/chromium/issues/detail?id=17366

This happens since r21111. The previous build r21094 is ok.

Possible URL to repro:
http://playonclick.com/Videos/showMovie.php

chrome_23a0000!WTF::RefPtr<WebCore::Node>::operator=+0x1b [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\javascriptcore\wtf\refptr.h @ 100]
chrome_23a0000!WebCore::FrameView::scrollToAnchor+0xbc [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\page\frameview.cpp @ 1165]
chrome_23a0000!WebCore::FrameView::maintainScrollPositionAtAnchor+0x90 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\page\frameview.cpp @ 763]
chrome_23a0000!WebCore::FrameLoader::gotoAnchor+0x252 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\loader\frameloader.cpp @ 1592]
chrome_23a0000!WebCore::FrameLoader::gotoAnchor+0x45 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\loader\frameloader.cpp @ 1184]
chrome_23a0000!WebCore::FrameLoader::finishedParsing+0x55 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\loader\frameloader.cpp @ 1214]
chrome_23a0000!WebCore::Document::finishedParsing+0x8f [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\dom\document.cpp @ 3919]
chrome_23a0000!WebCore::HTMLTokenizer::end+0x90 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\html\htmltokenizer.cpp @ 1846]
chrome_23a0000!WebCore::HTMLTokenizer::write+0x56e [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\html\htmltokenizer.cpp @ 1791]
chrome_23a0000!WebCore::HTMLTokenizer::timerFired+0x93 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\html\htmltokenizer.cpp @ 1824]
chrome_23a0000!WebCore::Timer<WebCore::SMILTimeContainer>::fired+0xe [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\platform\timer.h @ 98]
chrome_23a0000!WebCore::ThreadTimers::fireTimers+0x74 [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\platform\threadtimers.cpp @ 114]
chrome_23a0000!WebCore::ThreadTimers::sharedTimerFiredInternal+0x4f [c:\b\slave\chromium-rel-xp\build\src\third_party\webkit\webcore\platform\threadtimers.cpp @ 143]
chrome_23a0000!MessageLoop::RunTask+0x7e [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 314]
chrome_23a0000!MessageLoop::DoWork+0x1ea [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 435]
chrome_23a0000!base::MessagePumpDefault::Run+0x111 [c:\b\slave\chromium-rel-xp\build\src\base\message_pump_default.cc @ 50]
chrome_23a0000!MessageLoop::RunInternal+0xb7 [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 198]
chrome_23a0000!MessageLoop::RunHandler+0xa0 [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 182]
chrome_23a0000!MessageLoop::Run+0x3d [c:\b\slave\chromium-rel-xp\build\src\base\message_loop.cc @ 156]
chrome_23a0000!base::Thread::ThreadMain+0x8a [c:\b\slave\chromium-rel-xp\build\src\base\thread.cc @ 159]
chrome_23a0000!`anonymous namespace'::ThreadFunc+0xd [c:\b\slave\chromium-rel-xp\build\src\base\platform_thread_win.cc @ 27]
WARNING: Stack unwind information not available. Following frames may be wrong.
kernel32!GetModuleFileNameA+0x1b4
