Status: Untriaged Owner: [email protected] Labels: Type-Bug Pri-2 OS-Linux Area-BrowserBackend Size-Medium Valgrind
New issue 16972 by [email protected]: Invalid read in net::HostResolverImpl::CancelRequest() http://code.google.com/p/chromium/issues/detail?id=16972 In six runs of the ui tests on my home jaunty machine (over 8 hours), in RedirectTest.Client, valgrind complained once: Invalid read of size 4 at net::HostResolverImpl::CancelRequest(void*) (host_resolver_impl.cc:372) by net::SingleRequestHostResolver::~SingleRequestHostResolver() (host_resolver.cc:24) by net::TCPConnectJob::~TCPConnectJob() (tcp_client_socket_pool.cc:39) by net::ClientSocketPoolBase::RemoveConnectJob(net::ClientSocketHandle const*, net::ConnectJob*, net::ClientSocketPoolBase::Group*) (client_socket_pool_base.cc:379) by net::ClientSocketPoolBase::CancelRequest(std::string const&, net::ClientSocketHandle const*) (client_socket_pool_base.cc:162) by net::TCPClientSocketPool::CancelRequest(std::string const&, net::ClientSocketHandle const*) (tcp_client_socket_pool.cc:157) by net::ClientSocketHandle::ResetInternal(bool) (client_socket_handle.cc:57) by net::ClientSocketHandle::Reset() (client_socket_handle.cc:44) by net::ClientSocketHandle::~ClientSocketHandle() (client_socket_handle.cc:23) by net::HttpNetworkTransaction::~HttpNetworkTransaction() (http_network_transaction.cc:413) by net::HttpCache::Transaction::~Transaction() (scoped_ptr.h:72) by URLRequestHttpJob::DestroyTransaction() (scoped_ptr.h:81) by URLRequestHttpJob::Kill() (url_request_http_job.cc:153) by URLRequest::DoCancel(int, net::SSLInfo const&) (url_request.cc:311) by URLRequest::Cancel() (url_request.cc:280) by URLFetcher::Core::CancelURLRequest() (url_fetcher.cc:239) Address 0xe0c5a28 is 88 bytes inside a block of size 100 free'd at operator delete(void*) (vg_replace_malloc.c:344) by void STLDeleteContainerPointers<__gnu_cxx::__normal_iterator<net::HostResolverImpl::Reques by void STLDeleteElements<std::vector<net::HostResolverImpl::Request*, ...) (stl_util- by RunnableMethod<net::HostResolverImpl::Job, void (net::HostResolverImpl::Job::*)(), Tuple0>::~RunnableMethod() (host_resolver_impl.cc:136) The code in question is: 369 void HostResolverImpl::CancelRequest(RequestHandle req_handle) { 370 Request* req = reinterpret_cast<Request*>(req_handle); 371 DCHECK(req); 372 DCHECK(req->job()); Race between canceling and deleting a host resolution job? -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---
