[Webkit-unassigned] [Bug 69403] New: [WK2] [GTK] WebKitTestRunner crashes with heap corruption

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Oct 5 00:26:28 PDT 2011 

https://bugs.webkit.org/show_bug.cgi?id=69403

           Summary: [WK2] [GTK] WebKitTestRunner crashes with heap
                    corruption
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: alex at igalia.com
                CC: mrobinson at webkit.org, pnormand at igalia.com


WebKitTestRunner is crashing randomly due to heap memory corruption. The stacks of the crash does not give much information about the issue. The valgrind log shows we have problems with Mutex size in some situations:


==962== Invalid write of size 8
==962==    at 0x37FC808963: pthread_mutex_init (pthread_mutex_init.c:83)
==962==    by 0x8EC5C53: WTF::Mutex::Mutex() (ThreadingPthreads.cpp:228)
==962==    by 0xD8BC1B0: WTF::HashTable<unsigned int, std::pair<unsigned int, WebKit::WKRetainPtr<OpaqueWKBundleScriptWorld const*> >, WTF::PairFirstExtractor<std::pair<unsigned int, WebKit::WKRetainPtr<OpaqueWKBundleScriptWorld const*> > >, WTF::IntHash<unsigned int>, $
==962==    by 0xD8BC061: WTF::HashMap<unsigned int, WebKit::WKRetainPtr<OpaqueWKBundleScriptWorld const*>, WTF::IntHash<unsigned int>, WTF::HashTraits<unsigned int>, WTF::HashTraits<WebKit::WKRetainPtr<OpaqueWKBundleScriptWorld const*> > >::HashMap() (HashMap.h:32)
==962==    by 0xD8BBB97: WTR::worldMap() (LayoutTestController.cpp:461)
==962==    by 0xD8BBBD5: WTR::LayoutTestController::worldIDForWorld(OpaqueWKBundleScriptWorld const*) (LayoutTestController.cpp:467)
==962==    by 0xD8B4E6F: WTR::InjectedBundlePage::didClearWindowForFrame(OpaqueWKBundleFrame const*, OpaqueWKBundleScriptWorld const*) (InjectedBundlePage.cpp:639)
==962==    by 0xD8B3F16: WTR::InjectedBundlePage::didClearWindowForFrame(OpaqueWKBundlePage const*, OpaqueWKBundleFrame const*, OpaqueWKBundleScriptWorld const*, void const*) (InjectedBundlePage.cpp:358)
...
==962==  Address 0xdc76b48 is 0 bytes after a block of size 40 alloc'd
==962==    at 0x4A05E46: malloc (vg_replace_malloc.c:195)
==962==    by 0x8EA9E22: WTF::fastMalloc(unsigned long) (FastMalloc.cpp:264)
==962==    by 0xD8BC135: WTF::HashMap<unsigned int, WebKit::WKRetainPtr<OpaqueWKBundleScriptWorld const*>, WTF::IntHash<unsigned int>, WTF::HashTraits<unsigned int>, WTF::HashTraits<WebKit::WKRetainPtr<OpaqueWKBundleScriptWorld const*> > >::operator new(unsigned long) ($
==962==    by 0xD8BBB89: WTR::worldMap() (LayoutTestController.cpp:461)
==962==    by 0xD8BBBD5: WTR::LayoutTestController::worldIDForWorld(OpaqueWKBundleScriptWorld const*) (LayoutTestController.cpp:467)
...

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list