[Webkit-unassigned] [Bug 48634] A number of tests has suspicious "shadow" after r70846
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Nov 11 20:32:37 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=48634
--- Comment #12 from Mihai Parparita <mihaip at chromium.org> 2010-11-11 20:32:36 PST ---
(In reply to comment #11)
> Can we get a backtrace of the failed allocation? It would be interesting to see purported width and height of image we're trying to allocate.
As it turns out, the malloc failure happens on Snow Leopard with test_shell, so this is easier to reproduce:
#0 0x976ead12 in malloc_error_break ()
#1 0x976ebeb8 in szone_error ()
#2 0x975f6ec0 in allocate_pages ()
#3 0x976077b2 in large_malloc ()
#4 0x975f8f90 in szone_malloc_should_clear ()
#5 0x975fa08b in malloc_zone_calloc ()
#6 0x9974fe48 in __CFDataAllocate ()
#7 0x997523f5 in __CFDataGrow ()
#8 0x99796c29 in CFDataSetLength ()
#9 0x010515b8 in WebCore::RGBA32Buffer::setSize (this=0x6824600, newWidth=14489, newHeight=34615) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/image-decoders/cg/ImageDecoderCG.cpp:64
#10 0x01051be2 in WebCore::GIFImageDecoder::initFrameBuffer (this=0x5e17c30, frameIndex=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/image-decoders/gif/GIFImageDecoder.cpp:343
#11 0x01052593 in WebCore::GIFImageDecoder::haveDecodedRow (this=0x5e17c30, frameIndex=0, rowBuffer=0x681a600 "\313\314\313\314\320\314\314\314\332\314\314\314\314\314\314\314\314#\314\314\314##\351#\321\324\b\b\325\b\325\325\3308\3308\3308\330l88l", rowEnd=0x681a699 "", rowNumber=0, repeatCount=1, writeTransparentPixels=false) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/image-decoders/gif/GIFImageDecoder.cpp:223
#12 0x01053aff in GIFImageReader::output_row (this=0x5e20930) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/image-decoders/gif/GIFImageReader.cpp:161
#13 0x010540a0 in GIFImageReader::do_lzw (this=0x5e20930, q=0x6841b21 "") at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/image-decoders/gif/GIFImageReader.cpp:356
#14 0x01054396 in GIFImageReader::read (this=0x5e20930, buf=0x6841c20 "\377V\275\235v^\2335\367\"\320\255\363\341\303\351a\a\023>\234t\370\323\342\215{\215O\316u9\346\257\316A\a\235t\264\035dPg\026a\207\035i\v\266\365\253\203\342}w\027m\tRd\323\205\236\261\027\3155\351/\243\020BB\t5\224Q\210\325\307\324}\214Q\265\037\177\375Q6\220\210!\372\246\315`\003%5\320\215c\351d\221^\025\365h\351i\032\241\024$J\336M(\223\205z]\230\336z\032\246\343\244O\004\306'\242a$\036\325\214}\3675\346\330\212,b\265\234? .\363\314P1\n\365\"\2158\342h\226g<\266\351#m8T\223\321Ek\305V\333D\350\211ySn\032r\332\016Y1\212)fpI"..., len=33476, query=WebCore::GIFImageDecoder::GIFFullQuery, haltAtFrame=1) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/image-decoders/gif/GIFImageReader.cpp:446
#15 0x0105202d in WebCore::GIFImageDecoder::decode (this=0x5e17c30, haltAtFrame=1, query=WebCore::GIFImageDecoder::GIFFullQuery) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/image-decoders/gif/GIFImageDecoder.cpp:318
#16 0x010520e7 in WebCore::GIFImageDecoder::frameBufferAtIndex (this=0x5e17c30, index=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/image-decoders/gif/GIFImageDecoder.cpp:127
#17 0x0103f13e in WebCore::ImageSource::createFrameAtIndex (this=0x5e17924, index=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/graphics/ImageSource.cpp:132
#18 0x00fe4183 in WebCore::BitmapImage::cacheFrame (this=0x5e17910, index=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/graphics/BitmapImage.cpp:121
#19 0x00fe4960 in WebCore::BitmapImage::frameAtIndex (this=0x5e17910, index=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/graphics/BitmapImage.cpp:213
#20 0x00f921f6 in WebCore::BitmapImage::draw (this=0x5e17910, ctxt=0xbfffbf48, destRect=@0xbfffad1c, srcRect=@0xbfffad0c, styleColorSpace=WebCore::ColorSpaceDeviceRGB, compositeOp=WebCore::CompositeSourceOver) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/graphics/cg/ImageCG.cpp:162
#21 0x01001231 in WebCore::GraphicsContext::drawImage (this=0xbfffbf48, image=0x5e17910, styleColorSpace=WebCore::ColorSpaceDeviceRGB, dest=@0xbfffadf0, src=@0xbfffade0, op=WebCore::CompositeSourceOver, useLowQualityScale=false) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/graphics/GraphicsContext.cpp:413
#22 0x010012a3 in WebCore::GraphicsContext::drawImage (this=0xbfffbf48, image=0x5e17910, styleColorSpace=WebCore::ColorSpaceDeviceRGB, dest=@0xbfffaf24, srcRect=@0xbfffae40, op=WebCore::CompositeSourceOver, useLowQualityScale=false) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/graphics/GraphicsContext.cpp:329
#23 0x010013e2 in WebCore::GraphicsContext::drawImage (this=0xbfffbf48, image=0x5e17910, styleColorSpace=WebCore::ColorSpaceDeviceRGB, r=@0xbfffaf24, op=WebCore::CompositeSourceOver, useLowQualityScale=false) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/graphics/GraphicsContext.cpp:319
#24 0x015c6e38 in WebCore::RenderImage::paintIntoRect (this=0x5e1c78c, context=0xbfffbf48, rect=@0xbfffaf24) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderImage.cpp:355
#25 0x015c787f in WebCore::RenderImage::paintReplaced (this=0x5e1c78c, paintInfo=@0xbfffb0fc, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderImage.cpp:291
#26 0x01620030 in WebCore::RenderReplaced::paint (this=0x5e1c78c, paintInfo=@0xbfffb0fc, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderReplaced.cpp:146
#27 0x015c70b8 in WebCore::RenderImage::paint (this=0x5e1c78c, paintInfo=@0xbfffb0fc, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderImage.cpp:297
#28 0x01541d1d in WebCore::InlineBox::paint (this=0x5e1d62c, paintInfo=@0xbfffb164, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/InlineBox.cpp:184
#29 0x01544545 in WebCore::InlineFlowBox::paint (this=0x5e172dc, paintInfo=@0xbfffb224, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/InlineFlowBox.cpp:749
#30 0x0166cd3a in WebCore::RootInlineBox::paint (this=0x5e172dc, paintInfo=@0xbfffb224, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RootInlineBox.cpp:178
#31 0x015f3e31 in WebCore::RenderLineBoxList::paint (this=0x5e1c088, renderer=0x5e1c01c, paintInfo=@0xbfffb420, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderLineBoxList.cpp:256
#32 0x015690a3 in WebCore::RenderBlock::paintContents (this=0x5e1c01c, paintInfo=@0xbfffb420, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2224
#33 0x01569891 in WebCore::RenderBlock::paintObject (this=0x5e1c01c, paintInfo=@0xbfffb420, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2334
#34 0x01569cff in WebCore::RenderBlock::paint (this=0x5e1c01c, paintInfo=@0xbfffb420, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2115
#35 0x01568ebd in WebCore::RenderBlock::paintChildren (this=0x5e1c90c, paintInfo=@0xbfffb5b0, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2267
#36 0x015690c5 in WebCore::RenderBlock::paintContents (this=0x5e1c90c, paintInfo=@0xbfffb5b0, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2226
#37 0x01569891 in WebCore::RenderBlock::paintObject (this=0x5e1c90c, paintInfo=@0xbfffb5b0, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2334
#38 0x01569cff in WebCore::RenderBlock::paint (this=0x5e1c90c, paintInfo=@0xbfffb5b0, tx=8, ty=8) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2115
#39 0x01568ebd in WebCore::RenderBlock::paintChildren (this=0x5e1a23c, paintInfo=@0xbfffb934, tx=0, ty=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2267
#40 0x015690c5 in WebCore::RenderBlock::paintContents (this=0x5e1a23c, paintInfo=@0xbfffb934, tx=0, ty=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2226
#41 0x01569891 in WebCore::RenderBlock::paintObject (this=0x5e1a23c, paintInfo=@0xbfffb934, tx=0, ty=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2334
#42 0x01569cff in WebCore::RenderBlock::paint (this=0x5e1a23c, paintInfo=@0xbfffb934, tx=0, ty=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderBlock.cpp:2115
#43 0x015d8fe4 in WebCore::RenderLayer::paintLayer (this=0x5e1b3dc, rootLayer=0x5e0fbec, p=0xbfffbf48, paintDirtyRect=@0xbfffbea0, paintBehavior=0, paintingRoot=0x0, overlapTestRequests=0xbfffbd48, paintFlags=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderLayer.cpp:2489
#44 0x015d9aad in WebCore::RenderLayer::paintList (this=0x5e0fbec, list=0x5c00130, rootLayer=0x5e0fbec, p=0xbfffbf48, paintDirtyRect=@0xbfffbea0, paintBehavior=0, paintingRoot=0x0, overlapTestRequests=0xbfffbd48, paintFlags=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderLayer.cpp:2542
#45 0x015d91b7 in WebCore::RenderLayer::paintLayer (this=0x5e0fbec, rootLayer=0x5e0fbec, p=0xbfffbf48, paintDirtyRect=@0xbfffbea0, paintBehavior=0, paintingRoot=0x0, overlapTestRequests=0xbfffbd48, paintFlags=0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderLayer.cpp:2510
#46 0x015d9b9b in WebCore::RenderLayer::paint (this=0x5e0fbec, p=0xbfffbf48, damageRect=@0xbfffbea0, paintBehavior=0, paintingRoot=0x0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../rendering/RenderLayer.cpp:2295
#47 0x014dfed5 in WebCore::FrameView::paintContents (this=0x7009c00, p=0xbfffbf48, rect=@0xbfffbea0) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../page/FrameView.cpp:2122
#48 0x01099cf5 in WebCore::ScrollView::paint (this=0x7009c00, context=0xbfffbf48, rect=@0xbfffbf08) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebCore/WebCore.gyp/../platform/ScrollView.cpp:851
#49 0x00aba103 in WebKit::WebFrameImpl::paintWithContext (this=0x5c11670, gc=@0xbfffbf48, rect=@0xbfffc16c) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebKit/chromium/src/WebFrameImpl.cpp:1891
#50 0x00aba1d4 in WebKit::WebFrameImpl::paint (this=0x5c11670, canvas=0x15815bc0, rect=@0xbfffc16c) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebKit/chromium/src/WebFrameImpl.cpp:1913
#51 0x00af5084 in WebKit::WebViewImpl::paint (this=0x5c101f0, canvas=0x15815bc0, rect=@0xbfffc16c) at /Users/mihaip/Developer/source/chromium1/src/third_party/WebKit/WebKit/chromium/src/WebViewImpl.cpp:1027
#52 0x000211d8 in WebWidgetHost::PaintRect (this=0x5c0f220, rect=@0xbfffc284) at /Users/mihaip/Developer/source/chromium1/src/webkit/tools/test_shell/mac/webwidget_host.mm:281
#53 0x00021ac7 in WebWidgetHost::Paint (this=0x5c0f220) at /Users/mihaip/Developer/source/chromium1/src/webkit/tools/test_shell/mac/webwidget_host.mm:207
#54 0x0001ed57 in -[TestShellWebView drawRect:] (self=0x5c0f280, _cmd=0x92c589e8, rect={origin = {x = 0, y = 0}, size = {width = 800, height = 600}}) at /Users/mihaip/Developer/source/chromium1/src/webkit/tools/test_shell/mac/test_shell_webview.mm:59
#55 0x92598a36 in -[NSView _drawRect:clip:] ()
#56 0x925976d4 in -[NSView _recursiveDisplayAllDirtyWithLockFocus:visRect:] ()
#57 0x92595bf3 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] ()
#58 0x92596b68 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] ()
#59 0x92596b68 in -[NSView _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] ()
#60 0x92595767 in -[NSThemeFrame _recursiveDisplayRectIfNeededIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:topView:] ()
#61 0x925920ae in -[NSView _displayRectIgnoringOpacity:isVisibleRect:rectIsVisibleRectForView:] ()
#62 0x924f2d3f in -[NSView displayIfNeeded] ()
#63 0x924bc050 in -[NSWindow displayIfNeeded] ()
#64 0x924ed572 in _handleWindowNeedsDisplay ()
#65 0x97968968 in __NSFireTimer ()
#66 0x9976870b in __CFRunLoopRun ()
#67 0x99766094 in CFRunLoopRunSpecific ()
#68 0x99765ec1 in CFRunLoopRunInMode ()
#69 0x906d3f9c in RunCurrentEventLoopInMode ()
#70 0x906d3d51 in ReceiveNextEventCommon ()
#71 0x906d3bd6 in BlockUntilNextEventMatchingListInMode ()
#72 0x924c3a89 in _DPSNextEvent ()
#73 0x924c32ca in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#74 0x9248555b in -[NSApplication run] ()
#75 0x001a66ba in base::MessagePumpNSApplication::DoRun (this=0x8f08a00, delegate=0xbffff4d0) at /Users/mihaip/Developer/source/chromium1/src/base/message_pump_mac.mm:683
#76 0x001a6ca9 in base::MessagePumpCFRunLoopBase::Run (this=0x8f08a00, delegate=0xbffff4d0) at /Users/mihaip/Developer/source/chromium1/src/base/message_pump_mac.mm:213
#77 0x0013893b in MessageLoop::RunInternal (this=0xbffff4d0) at /Users/mihaip/Developer/source/chromium1/src/base/message_loop.cc:266
#78 0x00138955 in MessageLoop::RunHandler (this=0xbffff4d0) at /Users/mihaip/Developer/source/chromium1/src/base/message_loop.cc:238
#79 0x001389b9 in MessageLoop::Run (this=0xbffff4d0) at /Users/mihaip/Developer/source/chromium1/src/base/message_loop.cc:216
#80 0x0001d3f1 in main (argc=1, argv=0xbffff684) at /Users/mihaip/Developer/source/chromium1/src/webkit/tools/test_shell/test_shell_main.cc:442
In theory, based on http://trac.webkit.org/changeset/52833 and http://trac.webkit.org/changeset/52102 we should be rejecting invalid sizes and malloc failures, but I'm not seeing that here.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list