[Webkit-unassigned] [Bug 61451] New: Fix crash in Chromium memory test.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed May 25 11:30:13 PDT 2011 

https://bugs.webkit.org/show_bug.cgi?id=61451

           Summary: Fix crash in Chromium memory test.
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: New Bugs
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: shishir at chromium.org


Chromium stack trace:
InvalidRead
Invalid read of size 4
  WebKit::WebViewImpl::WebViewImpl(WebKit::WebViewClient*) (third_party/WebKit/Source/WebKit/chromium/src/WebViewImpl.cpp:371)
  WebKit::WebView::create(WebKit::WebViewClient*) (third_party/WebKit/Source/WebKit/chromium/src/WebViewImpl.cpp:225)
  WebKit::WebWorkerBase::initializeLoader(WebKit::WebURL const&) (third_party/WebKit/Source/WebKit/chromium/src/WebWorkerBase.cpp:240)
  WebKit::WebWorkerImpl::startWorkerContext(WebKit::WebURL const&, WebKit::WebString const&, WebKit::WebString const&) (third_party/WebKit/Source/WebKit/chromium/src/WebWorkerImpl.cpp:105)
  void DispatchToMethod<WebKit::WebWorker, void (WebKit::WebWorker::*)(WebKit::WebURL const&, WebKit::WebString const&, WebKit::WebString const&), GURL, std::basic_string<unsigned short, base::string16_char_traits, std::allocator<unsigned short> >, std::basic_string<unsigned short, base::string16_char_traits, std::allocator<unsigned short> > >(WebKit::WebWorker*, void (WebKit::WebWorker::*)(WebKit::WebURL const&, WebKit::WebString const&, WebKit::WebString const&), Tuple3<GURL, std::basic_string<unsigned short, base::string16_char_traits, std::allocator<unsigned short> >, std::basic_string<unsigned short, base::string16_char_traits, std::allocator<unsigned short> > > const&) (./base/tuple.h:564)
  bool IPC::MessageWithTuple<Tuple3<GURL, std::basic_string<unsigned short, base::string16_char_traits, std::allocator<unsigned short> >, std::basic_string<unsigned short, base::string16_char_traits, std::allocator<unsigned short> > > >::Dispatch<WebKit::WebWorker, WebWorkerStub, void (WebKit::WebWorker::*)(WebKit::WebURL const&, WebKit::WebString const&, WebKit::WebString const&)>(IPC::Message const*, WebKit::WebWorker*, WebWorkerStub*, void (WebKit::WebWorker::*)(WebKit::WebURL const&, WebKit::WebString const&, WebKit::WebString const&)) (./ipc/ipc_message_utils.h:963)
  WebWorkerStub::OnMessageReceived(IPC::Message const&) (content/worker/webworker_stub.cc:43)
  MessageRouter::RouteMessage(IPC::Message const&) (content/common/message_router.cc:46)
  MessageRouter::OnMessageReceived(IPC::Message const&) (content/common/message_router.cc:38)
  ChildThread::OnMessageReceived(IPC::Message const&) (content/common/child_thread.cc:175)
  IPC::ChannelProxy::Context::OnDispatchMessage(IPC::Message const&) (ipc/ipc_channel_proxy.cc:256)
  void DispatchToMethod<IPC::ChannelProxy::Context, void (IPC::ChannelProxy::Context::*)(IPC::Message const&), IPC::Message>(IPC::ChannelProxy::Context*, void (IPC::ChannelProxy::Context::*)(IPC::Message const&), Tuple1<IPC::Message> const&) (./base/tuple.h:551)
  RunnableMethod<IPC::ChannelProxy::Context, void (IPC::ChannelProxy::Context::*)(IPC::Message const&), Tuple1<IPC::Message> >::Run() (./base/task.h:338)
  (anonymous namespace)::TaskClosureAdapter::Run() (base/message_loop.cc:102)
  base::internal::Invoker1<false, base::internal::InvokerStorage1<void ((anonymous namespace)::TaskClosureAdapter::*)(), (anonymous namespace)::TaskClosureAdapter*>, void ((anonymous namespace)::TaskClosureAdapter::*)()>::DoInvoke(base::internal::InvokerStorageBase*) (./base/bind_internal.h:547)
  base::Callback<void ()()>::Run() const (./base/callback.h:261)
  MessageLoop::RunTask(MessageLoop::PendingTask const&) (base/message_loop.cc:482)
  MessageLoop::DeferOrRunPendingTask(MessageLoop::PendingTask const&) (base/message_loop.cc:500)
  MessageLoop::DoWork() (base/message_loop.cc:691)
  base::MessagePumpDefault::Run(base::MessagePump::Delegate*) (base/message_pump_default.cc:23)
  MessageLoop::RunInternal() (base/message_loop.cc:449)
  MessageLoop::RunHandler() (base/message_loop.cc:422)
  MessageLoop::Run() (base/message_loop.cc:346)
  WorkerMain(MainFunctionParams const&) (content/worker/worker_main.cc:52)
  (anonymous namespace)::RunZygote(MainFunctionParams const&) (chrome/app/chrome_main.cc:448)
  (anonymous namespace)::RunNamedProcessTypeMain(std::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, MainFunctionParams const&) (chrome/app/chrome_main.cc:494)
  ChromeMain (chrome/app/chrome_main.cc:815)
  main (chrome/app/chrome_exe_main_gtk.cc:46)

This is likely due to the client being null at the WebViewImpl constructor.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list