Status: Accepted
Owner: [email protected]
Labels: Type-Bug Priority-High NewGC

New issue 1720 by [email protected]: NewGC: Assertion in WebKit WebCore::freeV8NPObject hit.
http://code.google.com/p/v8/issues/detail?id=1720

This assertion triggers with Chromium and recent bleeding edge in debug mode on some pages (e.g. http://spor.mynet.com).

0x00007ffff38dc82d in WebCore::freeV8NPObject (npObject=0x7fffd53211b0)
    at third_party/WebKit/Source/WebCore/bindings/v8/NPV8Object.cpp:77
77              ASSERT(staticV8NPObjectMap()->contains(v8ObjectHash));
(gdb) bt
#0  0x00007ffff38dc82d in WebCore::freeV8NPObject (npObject=0x7fffd53211b0)
    at third_party/WebKit/Source/WebCore/bindings/v8/NPV8Object.cpp:77
#1  0x00007ffff393b5bc in _NPN_DeallocateObject (npObject=0x7fffd53211b0)
    at third_party/WebKit/Source/WebCore/bindings/v8/npruntime.cpp:310
#2  0x00007ffff38e3d71 in WebCore::ScriptController::clearScriptObjects (this=0x7fffce3091c0) at third_party/WebKit/Source/WebCore/bindings/v8/ScriptController.cpp:139
#3  0x00007ffff3bb7d55 in WebCore::Frame::pageDestroyed (this=0x7fffce308c00)
    at third_party/WebKit/Source/WebCore/page/Frame.cpp:708
#4  0x00007ffff3b240cc in WebCore::FrameLoader::closeAndRemoveChild (this=0x7fffcdbb04b8, child=0x7fffce308c00)
    at third_party/WebKit/Source/WebCore/loader/FrameLoader.cpp:2390
#5  0x00007ffff3b2450e in WebCore::FrameLoader::detachFromParent (this=0x7fffce308cb8)
    at third_party/WebKit/Source/WebCore/loader/FrameLoader.cpp:2464
#6  0x00007ffff3b24004 in WebCore::FrameLoader::detachChildren (this=0x7fffcdbb04b8)
    at third_party/WebKit/Source/WebCore/loader/FrameLoader.cpp:2379
#7  0x00007ffff3b2449d in WebCore::FrameLoader::detachFromParent (this=0x7fffcdbb04b8)
    at third_party/WebKit/Source/WebCore/loader/FrameLoader.cpp:2453
#8  0x00007ffff3b24432 in WebCore::FrameLoader::frameDetached (this=0x7fffcdbb04b8)
    at third_party/WebKit/Source/WebCore/loader/FrameLoader.cpp:2444
#9  0x00007ffff34146b0 in WebKit::WebViewImpl::close (this=0x7fffca70b000)
    at third_party/WebKit/Source/WebKit/chromium/src/WebViewImpl.cpp:981
#10 0x00007ffff4b97fac in RenderWidget::Close (this=0x7fffcdbaf800) at content/renderer/render_widget.cc:1022
#11 0x00007ffff4b801f2 in RenderView::Close (this=0x7fffcdbaf800) at content/renderer/render_view.cc:4187
#12 0x00007ffff4b9b763 in DispatchToMethod<RenderWidget, void (RenderWidget::*)()> (obj=0x7fffcdbaf800,
    method=&virtual RenderWidget::Close(), arg=...) at ./base/tuple.h:541
#13 0x00007ffff4b9b6a6 in RunnableMethod<RenderWidget, void (RenderWidget::*)(), Tuple0>::Run (this=0x7fffcfbfd7b0)
    at ./base/task.h:348
#14 0x00007ffff26cea17 in base::subtle::TaskClosureAdapter::Run (this=0x7fffceebd180) at base/task.cc:56
#15 0x00007ffff268af2a in base::internal::Invoker1<false, base::internal::InvokerStorage1<void (base::subtle::TaskClosureAdapter::*)(), base::subtle::TaskClosureAdapter*>, void (base::subtle::TaskClosureAdapter::*)()>::DoInvoke (
    base=0x7fffcd324c60) at ./base/bind_internal.h:595
#16 0x00007ffff2068e2b in base::Callback<void()>::Run(void) const (this=0x7fffd96ba550) at ./base/callback.h:269
#17 0x00007ffff2688005 in MessageLoop::RunTask (this=0x7fffd96bab80, pending_task=...) at base/message_loop.cc:476
#18 0x00007ffff268810d in MessageLoop::DeferOrRunPendingTask (this=0x7fffd96bab80, pending_task=...)
    at base/message_loop.cc:492
#19 0x00007ffff2688923 in MessageLoop::DoWork (this=0x7fffd96bab80) at base/message_loop.cc:682
#20 0x00007ffff2690378 in base::MessagePumpDefault::Run (this=0x7fffddaf2780, delegate=0x7fffd96bab80)
    at base/message_pump_default.cc:23
#21 0x00007ffff2687df9 in MessageLoop::RunInternal (this=0x7fffd96bab80) at base/message_loop.cc:443
#22 0x00007ffff2687cac in MessageLoop::RunHandler (this=0x7fffd96bab80) at base/message_loop.cc:416
#23 0x00007ffff26876c7 in MessageLoop::Run (this=0x7fffd96bab80) at base/message_loop.cc:340
#24 0x00007ffff26d0e4a in base::Thread::Run (this=0x7fffddae14b0, message_loop=0x7fffd96bab80)
    at base/threading/thread.cc:128
#25 0x00007ffff26d0fca in base::Thread::ThreadMain (this=0x7fffddae14b0) at base/threading/thread.cc:163
#26 0x00007ffff26d02fb in base::(anonymous namespace)::ThreadFunc (params=0x7fffddaf3ca0)
    at base/threading/platform_thread_posix.cc:58
#27 0x00007fffec4989ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
#28 0x00007fffe9c8670d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#29 0x0000000000000000 in ?? ()


--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
