Updates:
Status: Assigned
Owner: [email protected]
Cc: [email protected] [email protected]
Comment #18 on issue 11492 by [email protected]: Crash -
tcmalloc::ThreadCache::Allocate(unsigned int)
http://code.google.com/p/chromium/issues/detail?id=11492
Saying the stack isn't useful isn't necessarily the best reason to close a
bug this
way. I just ran into the bug on my machine on 3.0.193.0. It happened more
than an
hour after I had launched the browser.
Mike Belshe and I did some digging and got a bit more info on the crash.
It appears
that a node in tcmalloc's FreeList has become corrupt. This can happen by
a caller
continuing to use memory after it's been freed (tcmalloc uses the first 4
bytes of
the buffer itself to hold the linked list pointer). The 4 bytes were
8B93C000 if
that means anything to anyone. I have a full memory dump for in ~/Public
for this
bug.
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--~--~---------~--~----~------------~-------~--~----~
Automated mail from issue updates at http://crbug.com/
Subscription options: http://groups.google.com/group/chromium-bugs
-~----------~----~----~----~------~----~------~--~---
