The last one looks similar to https://bugs.webkit.org/show_bug.cgi?id=23473 or https://bugs.webkit.org/show_bug.cgi?id=22834, which Brett Wilson and Dean McNamee appear to be working on.

- James
On Tue, Jan 27, 2009 at 11:45 AM, Dan Kegel <[email protected]> wrote:
>
> Noticed in passing while looking for something else this morning
> (though they may have been there a while).
> These sound potentially nasty; is anybody looking at them already?
>
> $ valgrind --track-origins=yes Hammer/test_shell_tests
> ...
> [ RUN      ] WebFrameTest.GetContentAsPlainText
> UNIMPLEMENTED: (/home/dank/chromium/src/webkit/port/bindings/v8/ScriptController.cpp:143 updatePlatformScriptObjects)
> Mismatched free() / delete / delete []
>    at free (vg_replace_malloc.c:323)
>    by WTF::fastFree(void*) (FastMalloc.cpp:216)
>    by WebCore::CSSSelectorList::adoptSelectorVector(WTF::Vector<WebCore::CSSSelector*, 0u>&) (CSSSelectorList.cpp:57)
>    by WebCore::CSSStyleRule::adoptSelectorVector(WTF::Vector<WebCore::CSSSelector*, 0u>&) (CSSStyleRule.h:53)
>    by WebCore::CSSParser::createStyleRule(WTF::Vector<WebCore::CSSSelector*, 0u>*) (CSSParser.cpp:4547)
>    by cssyyparse(void*) (CSSGrammar.y:792)
>    by WebCore::CSSParser::parseSheet(WebCore::CSSStyleSheet*, WebCore::String const&) (CSSParser.cpp:224)
>    by WebCore::CSSStyleSheet::parseString(WebCore::String const&, bool) (CSSStyleSheet.cpp:164)
>    by WebCore::parseUASheet(WebCore::String const&) (CSSStyleSelector.cpp:486)
>    by WebCore::parseUASheet(char const*, unsigned int) (CSSStyleSelector.cpp:492)
>    by WebCore::loadSimpleDefaultStyle() (CSSStyleSelector.cpp:531)
>    by WebCore::CSSStyleSelector::CSSStyleSelector(WebCore::Document*, WebCore::String const&, WebCore::StyleSheetList*, WebCore::CSSStyleSheet*, bool, bool) (CSSStyleSelector.cpp:406)
>  Address 0x127ac840 is 0 bytes inside a block of size 16 alloc'd
>    at operator new(unsigned int) (vg_replace_malloc.c:224)
>    by WebCore::CSSParser::createFloatingSelector() (CSSParser.cpp:4382)
>    by cssyyparse(void*) (CSSGrammar.y:883)
>    by WebCore::CSSParser::parseSheet(WebCore::CSSStyleSheet*, WebCore::String const&) (CSSParser.cpp:224)
>    by WebCore::CSSStyleSheet::parseString(WebCore::String const&, bool) (CSSStyleSheet.cpp:164)
>    by WebCore::parseUASheet(WebCore::String const&) (CSSStyleSelector.cpp:486)
>    by WebCore::parseUASheet(char const*, unsigned int) (CSSStyleSelector.cpp:492)
>    by WebCore::loadSimpleDefaultStyle() (CSSStyleSelector.cpp:531)
>    by WebCore::CSSStyleSelector::CSSStyleSelector(WebCore::Document*, WebCore::String const&, WebCore::StyleSheetList*, WebCore::CSSStyleSheet*, bool, bool) (CSSStyleSelector.cpp:406)
>    by WebCore::Document::attach() (Document.cpp:1383)
>    by WebCore::Frame::setDocument(WTF::PassRefPtr<WebCore::Document>) (Frame.cpp:272)
>    by WebCore::FrameLoader::begin(WebCore::KURL const&, bool, WebCore::SecurityOrigin*) (FrameLoader.cpp:949)
>
> Mismatched free() / delete / delete []
>    at operator delete(void*) (vg_replace_malloc.c:342)
>    by WebCore::V8Proxy::InitContextIfNeeded() (v8_proxy.cpp:2318)
>    by WebCore::V8Proxy::GetContext(WebCore::Frame*) (v8_proxy.cpp:2473)
>    by WebCore::ScriptController::BindToWindowObject(WebCore::Frame*, WebCore::String const&, NPObject*) (ScriptController.cpp:278)
>    by WebFrameImpl::BindToWindowObject(std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> > const&, NPObject*) (webframe_impl.cc:689)
>    by CppBoundClass::BindToJavascript(WebFrame*, std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> > const&) (cpp_bound_class.cc:255)
>    by TestShell::BindJSObjectsToWindow(WebFrame*) (test_shell.cc:409)
>    by TestWebViewDelegate::WindowObjectCleared(WebFrame*) (test_webview_delegate.cc:122)
>    by WebFrameLoaderClient::windowObjectCleared() (webframeloaderclient_impl.cc:100)
>    by WebCore::FrameLoader::dispatchWindowObjectAvailable() (FrameLoader.cpp:5180)
>    by WebCore::FrameLoader::receivedFirstData() (FrameLoader.cpp:878)
>    by WebCore::FrameLoader::setEncoding(WebCore::String const&, bool) (FrameLoader.cpp:1899)
>  Address 0x11c66678 is 0 bytes inside a block of size 4 alloc'd
>    at operator new[](unsigned int) (vg_replace_malloc.c:268)
>    by WebCore::V8Proxy::InitContextIfNeeded() (v8_proxy.cpp:2309)
>    by WebCore::V8Proxy::GetContext(WebCore::Frame*) (v8_proxy.cpp:2473)
>    by WebCore::ScriptController::BindToWindowObject(WebCore::Frame*, WebCore::String const&, NPObject*) (ScriptController.cpp:278)
>    by WebFrameImpl::BindToWindowObject(std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> > const&, NPObject*) (webframe_impl.cc:689)
>    by CppBoundClass::BindToJavascript(WebFrame*, std::basic_string<wchar_t, std::char_traits<wchar_t>, std::allocator<wchar_t> > const&) (cpp_bound_class.cc:255)
>    by TestShell::BindJSObjectsToWindow(WebFrame*) (test_shell.cc:409)
>    by TestWebViewDelegate::WindowObjectCleared(WebFrame*) (test_webview_delegate.cc:122)
>    by WebFrameLoaderClient::windowObjectCleared() (webframeloaderclient_impl.cc:100)
>    by WebCore::FrameLoader::dispatchWindowObjectAvailable() (FrameLoader.cpp:5180)
>    by WebCore::FrameLoader::receivedFirstData() (FrameLoader.cpp:878)
>    by WebCore::FrameLoader::setEncoding(WebCore::String const&, bool) (FrameLoader.cpp:1899)
> UNIMPLEMENTED: (/home/dank/chromium/src/third_party/WebKit/WebCore/inspector/InspectorController.cpp:873 inspectedWindowScriptObjectCleared)
>
> Mismatched free() / delete / delete []
>    at operator delete(void*) (vg_replace_malloc.c:342)
>    by WebCore::V8Proxy::InitContextIfNeeded() (v8_proxy.cpp:2318)
>    by WebCore::V8Proxy::clearForNavigation() (v8_proxy.cpp:2057)
>    by WebCore::ScriptController::clearWindowShell() (ScriptController.cpp:438)
>    by WebCore::FrameLoader::clear(bool, bool) (FrameLoader.cpp:840)
>    by WebCore::FrameLoader::begin(WebCore::KURL const&, bool, WebCore::SecurityOrigin*) (FrameLoader.cpp:924)
>    by WebCore::FrameLoader::receivedFirstData() (FrameLoader.cpp:875)
>    by WebCore::FrameLoader::setEncoding(WebCore::String const&, bool) (FrameLoader.cpp:1899)
>    by WebFrameImpl::DidReceiveData(WebCore::DocumentLoader*, char const*, int) (webframe_impl.cc:1506)
>    by WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) (webframeloaderclient_impl.cc:1078)
>    by WebCore::FrameLoader::committedLoad(WebCore::DocumentLoader*, char const*, int) (FrameLoader.cpp:3686)
>    by WebCore::DocumentLoader::commitLoad(char const*, int) (DocumentLoader.cpp:357)
>  Address 0x121d3dd8 is 0 bytes inside a block of size 4 alloc'd
>    at operator new[](unsigned int) (vg_replace_malloc.c:268)
>    by WebCore::V8Proxy::InitContextIfNeeded() (v8_proxy.cpp:2309)
>    by WebCore::V8Proxy::clearForNavigation() (v8_proxy.cpp:2057)
>    by WebCore::ScriptController::clearWindowShell() (ScriptController.cpp:438)
>    by WebCore::FrameLoader::clear(bool, bool) (FrameLoader.cpp:840)
>    by WebCore::FrameLoader::begin(WebCore::KURL const&, bool, WebCore::SecurityOrigin*) (FrameLoader.cpp:924)
>    by WebCore::FrameLoader::receivedFirstData() (FrameLoader.cpp:875)
>    by WebCore::FrameLoader::setEncoding(WebCore::String const&, bool) (FrameLoader.cpp:1899)
>    by WebFrameImpl::DidReceiveData(WebCore::DocumentLoader*, char const*, int) (webframe_impl.cc:1506)
>    by WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) (webframeloaderclient_impl.cc:1078)
>    by WebCore::FrameLoader::committedLoad(WebCore::DocumentLoader*, char const*, int) (FrameLoader.cpp:3686)
>    by WebCore::DocumentLoader::commitLoad(char const*, int) (DocumentLoader.cpp:357)
> UNIMPLEMENTED: (/home/dank/chromium/src/third_party/WebKit/WebCore/platform/graphics/chromium/FontCacheLinux.cpp:175 getGenericFontForScript)
> UNIMPLEMENTED: (/home/dank/chromium/src/third_party/WebKit/WebCore/platform/graphics/chromium/FontPlatformDataLinux.cpp:135 isFixedPitch)
>
> Mismatched free() / delete / delete []
>    at free (vg_replace_malloc.c:323)
>    by WTF::fastFree(void*) (FastMalloc.cpp:216)
>    by WebCore::CSSSelectorList::deleteSelectors() (CSSSelectorList.cpp:76)
>    by WebCore::CSSSelectorList::~CSSSelectorList() (CSSSelectorList.cpp:33)
>    by WebCore::CSSStyleRule::~CSSStyleRule() (CSSStyleRule.cpp:39)
>    by WTF::RefCounted<WebCore::StyleBase>::deref() (RefCounted.h:96)
>    by WTF::RefPtr<WebCore::StyleBase>::~RefPtr() (RefPtr.h:50)
>    by WTF::VectorDestructor<true, WTF::RefPtr<WebCore::StyleBase> >::destruct(WTF::RefPtr<WebCore::StyleBase>*, WTF::RefPtr<WebCore::StyleBase>*) (Vector.h:80)
>    by WTF::VectorTypeOperations<WTF::RefPtr<WebCore::StyleBase> >::destruct(WTF::RefPtr<WebCore::StyleBase>*, WTF::RefPtr<WebCore::StyleBase>*) (Vector.h:235)
>    by WTF::Vector<WTF::RefPtr<WebCore::StyleBase>, 0u>::shrink(unsigned int) (Vector.h:707)
>    by WTF::Vector<WTF::RefPtr<WebCore::StyleBase>, 0u>::~Vector() (Vector.h:457)
>    by WebCore::StyleList::~StyleList() (StyleList.h:33)
>  Address 0x127ad958 is 0 bytes inside a block of size 16 alloc'd
>    at operator new(unsigned int) (vg_replace_malloc.c:224)
>    by WebCore::CSSParser::createFloatingSelector() (CSSParser.cpp:4382)
>    by cssyyparse(void*) (CSSGrammar.y:883)
>    by WebCore::CSSParser::parseSheet(WebCore::CSSStyleSheet*, WebCore::String const&) (CSSParser.cpp:224)
>    by WebCore::CSSStyleSheet::parseString(WebCore::String const&, bool) (CSSStyleSheet.cpp:164)
>    by WebCore::parseUASheet(WebCore::String const&) (CSSStyleSelector.cpp:486)
>    by WebCore::parseUASheet(char const*, unsigned int) (CSSStyleSelector.cpp:492)
>    by WebCore::loadSimpleDefaultStyle() (CSSStyleSelector.cpp:531)
>    by WebCore::CSSStyleSelector::CSSStyleSelector(WebCore::Document*, WebCore::String const&, WebCore::StyleSheetList*, WebCore::CSSStyleSheet*, bool, bool) (CSSStyleSelector.cpp:406)
>    by WebCore::Document::attach() (Document.cpp:1383)
>    by WebCore::Frame::setDocument(WTF::PassRefPtr<WebCore::Document>) (Frame.cpp:272)
>    by WebCore::FrameLoader::begin(WebCore::KURL const&, bool, WebCore::SecurityOrigin*) (FrameLoader.cpp:949)
> #TEST_TIMED_OUT
>
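Each "Mismatched free() / delete / delete []" report in the quoted trace is valgrind saying a block was obtained from one allocator family and handed back to another: in the CSS traces a 16-byte block from operator new ends up in free() via WTF::fastFree, and in the V8Proxy traces a 4-byte block from new[] is released with plain delete. As an added illustration, not code from this thread, from WebKit or from Chromium, the C++ below is a small tagged-allocation checker that records the family each block came from and reports the same class of mismatch at release time; because it always returns the block with the family that produced it, it never executes the undefined mismatch itself. The names trackedAlloc, trackedRelease, liveBlockCount and replayReportedPairings are assumed helpers; the sizes 16 and 4 in the replay are taken from the report, the scenarios themselves are constructed.

```cpp
#include <cstddef>
#include <cstdlib>
#include <iostream>
#include <map>
#include <new>
#include <string>
#include <vector>

// Three allocator families that must never be mixed: malloc/free, new/delete, new[]/delete[].
enum class AllocKind { Malloc, New, NewArray };

static const char* allocName(AllocKind k) {
    switch (k) {
        case AllocKind::Malloc:   return "malloc";
        case AllocKind::New:      return "operator new";
        case AllocKind::NewArray: return "operator new[]";
    }
    return "?";
}

static const char* releaseName(AllocKind k) {
    switch (k) {
        case AllocKind::Malloc:   return "free()";
        case AllocKind::New:      return "delete";
        case AllocKind::NewArray: return "delete[]";
    }
    return "?";
}

// Table of live blocks: address -> family that produced it (hypothetical helper, not WTF code).
static std::map<void*, AllocKind>& liveBlocks() {
    static std::map<void*, AllocKind> table;
    return table;
}

// Obtain n bytes from the requested family and remember which family it was.
void* trackedAlloc(AllocKind kind, std::size_t n) {
    void* p = nullptr;
    switch (kind) {
        case AllocKind::Malloc:   p = std::malloc(n); break;
        case AllocKind::New:      p = ::operator new(n); break;
        case AllocKind::NewArray: p = ::operator new[](n); break;
    }
    if (p) liveBlocks()[p] = kind;
    return p;
}

// Release p the way the caller *intends* to. Returns "" when the family matches and a
// valgrind-style diagnostic otherwise. The block is always returned through the family
// that produced it, so the checker never performs the undefined mismatched call.
std::string trackedRelease(AllocKind intended, void* p) {
    std::map<void*, AllocKind>::iterator it = liveBlocks().find(p);
    if (it == liveBlocks().end())
        return "Invalid free() / delete / delete []: address not obtained from trackedAlloc";
    AllocKind actual = it->second;
    liveBlocks().erase(it);
    std::string diag;
    if (actual != intended)
        diag = std::string("Mismatched free() / delete / delete []: block allocated with ")
             + allocName(actual) + ", released with " + releaseName(intended);
    switch (actual) {
        case AllocKind::Malloc:   std::free(p); break;
        case AllocKind::New:      ::operator delete(p); break;
        case AllocKind::NewArray: ::operator delete[](p); break;
    }
    return diag;
}

std::size_t liveBlockCount() { return liveBlocks().size(); }

// Replays the pairings seen in the report as constructed scenarios (not WebKit's code paths).
std::vector<std::string> replayReportedPairings() {
    std::vector<std::string> diags;
    // 1. 16-byte object from operator new handed to free() through a fastFree-style path.
    void* selector = trackedAlloc(AllocKind::New, 16);
    diags.push_back(trackedRelease(AllocKind::Malloc, selector));
    // 2. 4-byte array from new[] released with plain delete.
    void* buffer = trackedAlloc(AllocKind::NewArray, 4);
    diags.push_back(trackedRelease(AllocKind::New, buffer));
    // 3. Correct pairing: new[] with delete[] yields no diagnostic.
    void* ok = trackedAlloc(AllocKind::NewArray, 4);
    diags.push_back(trackedRelease(AllocKind::NewArray, ok));
    return diags;
}

int main() {
    for (const std::string& d : replayReportedPairings())
        std::cout << (d.empty() ? "ok" : d) << '\n';
    std::cout << "live blocks: " << liveBlockCount() << '\n';
    return 0;
}
```

The checker catches the same thing valgrind's Memcheck does but at the source level: the family is decided at allocation time, so any release path that does not know the family (here, a generic free-style helper receiving a pointer that came from new) is the place to look. In a real code base the fix is to make the owning type release through the family it allocates with, or to route both sides through one allocator as WTF's fastMalloc/fastFree pairing intends.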
--
Chromium Developers mailing list: [email protected]
View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev
