Issue 7570 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: Jul 2009
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 1
Type: ----
M-4

Chromium: Crash Report - Stack Signature: WebCore::RenderBox::calcAbsoluteHorizontalReplaced()

Reported by patrick@chromium.org, Feb 10 2009

Issue description

This crash seems to have started with the WebKit merge in r9462.


The full crash report details can be found at: http://go/crash-staging/reportdetail?reportid=13a5f8182e747b53&product=Chromium&version=2.0.162.0-9464&signature=WebCore%3A%3ARenderBox%3A%3AcalcAbsoluteHorizontalReplaced()-21C9D33

Meta information:
Report ID: 13a5f8182e747b53
Report Time: 2009/02/10 06:16:52, Tue
Uptime: 24 sec
Cumulative Uptime: 0 sec
User Email: 
User Comments: ChromeBot: build=buildbot_9464_ext, url=http://quran.muslim-web.com/, proxy=2, full_dump=http://go/chromebot/dump?build=buildbot_9464_ext&id=0e7324c9-db93-42e7-a2ce-d080ab4b6e40-full
Product Name: Chromium
Product Version: 2.0.162.0-9464
OS Name: Windows NT
OS Version: 5.1.2600 Service Pack 2
CPU Architecture: x86
CPU Info: GenuineIntel family 6 model 3 stepping 3
rept: crash svc
ptype: renderer
plat: Win32

Stack Trace:

Thread 0
0x7c90eb94 [ntdll.dll] +0x0000eb94 KiFastSystemCallRet
0x7c90e31a [ntdll.dll] +0x0000e31a NtRemoveIoCompletion
0x7c80a745 [kernel32.dll] +0x0000a745 GetQueuedCompletionStatus
0x024022e5 [chrome.dll] - message_pump_win.cc:519 base::MessagePumpForIO::GetIOItem(unsigned long,base::MessagePumpForIO::IOItem *)
0x02402c67 [chrome.dll] - message_pump_win.cc:490 base::MessagePumpForIO::WaitForIOCompletion(unsigned long,base::MessagePumpForIO::IOHandler *)
0x02403015 [chrome.dll] - message_pump_win.cc:483 base::MessagePumpForIO::WaitForWork()
0x02403411 [chrome.dll] - message_pump_win.cc:468 base::MessagePumpForIO::DoRunLoop()
0x0240305f [chrome.dll] - message_pump_win.h:78 base::MessagePumpWin::Run(base::MessagePump::Delegate *)
0x023f2176 [chrome.dll] - message_loop.cc:197 MessageLoop::RunInternal()
0x023f230f [chrome.dll] - message_loop.cc:180 MessageLoop::RunHandler()
0x023f2bac [chrome.dll] - message_loop.cc:154 MessageLoop::Run()
0x026ac259 [chrome.dll] - renderer_main.cc:109 RendererMain(MainFunctionParams const &)
0x023e5601 [chrome.dll] - chrome_dll_main.cc:315 ChromeMain
0x004030cd [chrome.exe] - chrome_exe_main.cc:95 wWinMain
0x00431f17 [chrome.exe] - crt0.c:324 __tmainCRTStartup
0x7c816fd6 [kernel32.dll] +0x00016fd6 BaseProcessStart

Thread 1 *CRASHED*
0x02a82204 [chrome.dll] - renderbox.cpp:2331 WebCore::RenderBox::calcAbsoluteHorizontalReplaced()
0x02a84533 [chrome.dll] - renderbox.cpp:1716 WebCore::RenderBox::calcAbsoluteHorizontal()
0x02a84b65 [chrome.dll] - renderbox.cpp:1205 WebCore::RenderBox::calcWidth()
0x02ac2ecc [chrome.dll] - renderpartobject.cpp:299 WebCore::RenderPartObject::layout()
0x02adbbcb [chrome.dll] - renderblock.cpp:1521 WebCore::RenderBlock::layoutPositionedObjects(bool)
0x02ae2137 [chrome.dll] - renderblock.cpp:827 WebCore::RenderBlock::layoutBlock(bool)
0x02ad6b9a [chrome.dll] - renderblock.cpp:704 WebCore::RenderBlock::layout()
0x02a63933 [chrome.dll] - renderview.cpp:120 WebCore::RenderView::layout()
0x02a37be7 [chrome.dll] - frameview.cpp:560 WebCore::FrameView::layout(bool)
0x02a37db6 [chrome.dll] - frameview.cpp:771 WebCore::FrameView::layoutTimerFired(WebCore::Timer<WebCore::FrameView> *)
0x02b8615d [chrome.dll] - timer.h:93 WebCore::Timer<WebCore::Document>::fired()
0x02ac20c3 [chrome.dll] - threadtimers.cpp:111 WebCore::ThreadTimers::fireTimers(double,WTF::Vector<WebCore::TimerBase *,0> const &)
0x02ac21be [chrome.dll] - threadtimers.cpp:141 WebCore::ThreadTimers::sharedTimerFiredInternal()
0x02778e72 [chrome.dll] - chromium_bridge_impl.cc:475 WebCore::SharedTimerTask::Run()
0x023f1a9f [chrome.dll] - message_loop.cc:308 MessageLoop::RunTask(Task *)
0x023f25f9 [chrome.dll] - message_loop.cc:408 MessageLoop::DoWork()
0x024070c0 [chrome.dll] - message_pump_default.cc:50 base::MessagePumpDefault::Run(base::MessagePump::Delegate *)
0x023f2176 [chrome.dll] - message_loop.cc:197 MessageLoop::RunInternal()
0x023f230f [chrome.dll] - message_loop.cc:180 MessageLoop::RunHandler()
0x023f2bac [chrome.dll] - message_loop.cc:154 MessageLoop::Run()
0x0295a039 [chrome.dll] - thread.cc:156 base::Thread::ThreadMain()
0x023fac7c [chrome.dll] - platform_thread_win.cc:26 `anonymous namespace'::ThreadFunc(void *)
0x7c80b682 [kernel32.dll] +0x0000b682 BaseThreadStart

Thread 2
0x7c90eb94 [ntdll.dll] +0x0000eb94 KiFastSystemCallRet
0x7c90e9aa [ntdll.dll] +0x0000e9aa ZwWaitForMultipleObjects
0x7c92a0d4 [ntdll.dll] +0x0002a0d4 RtlpWaitThread
0x7c80b682 [kernel32.dll] +0x0000b682 BaseThreadStart
 

Comment 1 by jon@chromium.org, Feb 11 2009

Labels: stable
Status: Available
We appear to be failing Hebrew and other right-to-left languages.  We need to check 
this against WebKit.  I bet this is something we picked up in a recent merge.  If so, 
we need to upstream the bug.

It repros for me in the latest trunk build at http://www.tsetmc.com/dtod.aspx. See http://chromebot/buildsummary?id=official_2.0.162.0 for a long list of failing sites 
and their stack traces.
This came in with this merge:

r9424 | darin@chromium.org | 2009-02-09 14:15:49 -0800 (Mon, 09 Feb 2009) | 6 lines

WebKit merge 40722:40785 (part 1)

The only interesting change here is in TransformationMatrixSkia.cpp and 
GraphicsContextSkia.cpp.  Now, WebCore has its own transformation matrix 
implementation, so we have to provide conversion functions between 
TransformationMatrix and SkMatrix.

R=brettw
Review URL: http://codereview.chromium.org/21184


Comment 3 by jon@chromium.org, Feb 11 2009

Status: Upstream
I was able to reproduce this in the nightly build of WebKit so I upstreamed this.  
See https://bugs.webkit.org/show_bug.cgi?id=23895
Labels: -Type-Bug -Pri-2 -OS-All Pri-1 Crash-2.0.162.0
This crash was found in 2.0.162.0 and is currently ranked #4 (based on the relative number of reports in the release).  There have been 66 reports from 24 clients.
This crash does not appear to have been in 2.0.160.0

Comment 5 by jon@chromium.org, Jun 5 2009

Labels: Mstone-4
Fix is stuck at WebKit waiting for a layout test.

Comment 6 by ojan@chromium.org, Jun 26 2009

Comment 7 by darin@chromium.org, Jul 13 2009

Labels: Fixit

Comment 8 by ojan@chromium.org, Jul 13 2009

Status: Fixed
The fix is already committed upstream. The bug is just being left open waiting for a 
layout test, which I think will probably never happen. In either case, we don't need to 
keep this bug open.
Labels: -Fixit bulkmove TaskForce-Fixit
Labels: -Crash Stability-Crash
Project Member

Comment 11 by bugdroid1@chromium.org, Oct 13 2012

Labels: Restrict-AddIssueComment-Commit
This issue has been closed for some time. No one will pay attention to new comments.
If you are seeing this bug or have new data, please click New Issue to start a new bug.
Project Member

Comment 12 by bugdroid1@chromium.org, Mar 10 2013

Labels: -Area-WebKit -Mstone-4 Cr-Content M-4
Project Member

Comment 13 by bugdroid1@chromium.org, Mar 13 2013

Labels: -Restrict-AddIssueComment-Commit Restrict-AddIssueComment-EditIssue
Project Member

Comment 14 by bugdroid1@chromium.org, Apr 6 2013

Labels: -Cr-Content Cr-Blink
