63216 2011-06-22 18:45:05 -0700 [Chromium] Invalid write inside WebKit::FrameLoaderClientImpl::dispatchDidClearWindowObjectInWorld 2011-06-27 00:33:38 -0700 1 1 1 Unclassified WebKit Platform 528+ (Nightly build) Unspecified Unspecified RESOLVED FIXED P2 Normal --- 1 morrita morrita tkent tony oldest_to_newest 425857 0 morrita 2011-06-22 18:45:05 -0700 From http://code.google.com/p/chromium/issues/detail?id=84774. 426024 1 98324 morrita 2011-06-23 01:53:36 -0700 Created attachment 98324 Patch 426029 2 morrita 2011-06-23 01:56:30 -0700 This looks same. http://code.google.com/p/chromium/issues/detail?id=86808 I suspect this change might cause another ASAN error, but this looks obvious leak. So I'd like to see what happens with this change. 426040 3 98324 tkent 2011-06-23 02:12:52 -0700 Comment on attachment 98324 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=98324&action=review > Tools/DumpRenderTree/chromium/TestShell.cpp:153 > + delete m_webViewHost; Raw new&delete are not good. We had better make m_webViewHost OwnPtr<WebViewHost>, and TestShell::createNewWindow() should return PassOwnPtr<WebViewHost>. 426043 4 98324 tkent 2011-06-23 02:19:02 -0700 Comment on attachment 98324 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=98324&action=review >> Tools/DumpRenderTree/chromium/TestShell.cpp:153 >> + delete m_webViewHost; > > Raw new&delete are not good. > We had better make m_webViewHost OwnPtr<WebViewHost>, and TestShell::createNewWindow() should return PassOwnPtr<WebViewHost>. Changing createNewWindow() might be complex. So, just making m_webViewHost OwnPtr<WebViewHost> is enough. Note that we can't do closeWindow(m_webViewHost). 426770 5 98467 morrita 2011-06-24 00:32:11 -0700 Created attachment 98467 Patch 426771 6 morrita 2011-06-24 00:34:47 -0700 Kent-san, thank you for taking a look! > Changing createNewWindow() might be complex. So, just making m_webViewHost OwnPtr<WebViewHost> is enough. > Note that we can't do closeWindow(m_webViewHost). Sure. I did it on the updated patch. > Changing createNewWindow() might be complex. So, just making m_webViewHost OwnPtr<WebViewHost> is enough. > Note that we can't do closeWindow(m_webViewHost). Ah, I didn't notice that... Fortunately, there is no such call at this time. 426804 7 98467 tkent 2011-06-24 03:35:11 -0700 Comment on attachment 98467 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=98467&action=review > Tools/DumpRenderTree/chromium/TestShell.cpp:153 > + m_webViewHost.clear(); No need to call clear() explicitly. ~OwnPtr() is called automatically. 427170 8 tony 2011-06-24 14:56:22 -0700 Committed http://trac.webkit.org/changeset/89663 . 427729 9 morrita 2011-06-27 00:33:38 -0700 Thanks you for updating this, Tony. It looks I forgot to do it. 98324 2011-06-23 01:53:36 -0700 2011-06-24 00:32:06 -0700 Patch bug-63216-20110623175334.patch text/plain 1253 morrita U3VidmVyc2lvbiBSZXZpc2lvbjogODk1NDMKZGlmZiAtLWdpdCBhL1Rvb2xzL0NoYW5nZUxvZyBi L1Rvb2xzL0NoYW5nZUxvZwppbmRleCBjZTIyYjdjNWE1ZTFjY2NiMTVkZjQ0OTg2OTE4NmUwNGIw NzE1ZWFlLi4zMDhjZTBmNDBiOGMyYzEzNTI4ODdiNmI2MWIwMzFkMmIyNDNlMmMwIDEwMDY0NAot LS0gYS9Ub29scy9DaGFuZ2VMb2cKKysrIGIvVG9vbHMvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTUg QEAKKzIwMTEtMDYtMjMgIE1PUklUQSBIYWppbWUgIDxtb3JyaXRhQGdvb2dsZS5jb20+CisKKyAg ICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgW0Nocm9taXVtXSBJ bnZhbGlkIHdyaXRlIGluc2lkZSBXZWJLaXQ6OkZyYW1lTG9hZGVyQ2xpZW50SW1wbDo6ZGlzcGF0 Y2hEaWRDbGVhcldpbmRvd09iamVjdEluV29ybGQKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtp dC5vcmcvc2hvd19idWcuY2dpP2lkPTYzMjE2CisKKyAgICAgICAgRGVsZXRlZCBtX3dlYlZpZXdI b3N0IHdoaWNoIGxvb2tzIGxlYWtlZC4KKyAgICAgICAgCisgICAgICAgICogRHVtcFJlbmRlclRy ZWUvY2hyb21pdW0vVGVzdFNoZWxsLmNwcDoKKyAgICAgICAgKFRlc3RTaGVsbDo6flRlc3RTaGVs bCk6CisKIDIwMTEtMDYtMjMgIERpcmsgUHJhbmtlICA8ZHByYW5rZUBjaHJvbWl1bS5vcmc+CiAK ICAgICAgICAgUmV2aWV3ZWQgYnkgRXJpYyBTZWlkZWwuCmRpZmYgLS1naXQgYS9Ub29scy9EdW1w UmVuZGVyVHJlZS9jaHJvbWl1bS9UZXN0U2hlbGwuY3BwIGIvVG9vbHMvRHVtcFJlbmRlclRyZWUv Y2hyb21pdW0vVGVzdFNoZWxsLmNwcAppbmRleCAwYTM2NjcxZDYyY2UwNjRjNzAwMWU5MTVmNGE3 MmQ2MmY5ZDVkZDc0Li5mYjExNDIyNWI1OTU1MjIzNzIxMGU4MGY0YjhjNWY4ZDA5YTkxNzAzIDEw MDY0NAotLS0gYS9Ub29scy9EdW1wUmVuZGVyVHJlZS9jaHJvbWl1bS9UZXN0U2hlbGwuY3BwCisr KyBiL1Rvb2xzL0R1bXBSZW5kZXJUcmVlL2Nocm9taXVtL1Rlc3RTaGVsbC5jcHAKQEAgLTE1MCw2 ICsxNTAsNyBAQCBUZXN0U2hlbGw6On5UZXN0U2hlbGwoKQogCiAgICAgLy8gRGVzdHJveSB0aGUg V2ViVmlldyBiZWZvcmUgaXRzIFdlYlZpZXdIb3N0LgogICAgIG1fZHJ0RGV2VG9vbHNBZ2VudC0+ c2V0V2ViVmlldygwKTsKKyAgICBkZWxldGUgbV93ZWJWaWV3SG9zdDsKIH0KIAogdm9pZCBUZXN0 U2hlbGw6OmNyZWF0ZURSVERldlRvb2xzQ2xpZW50KERSVERldlRvb2xzQWdlbnQqIGFnZW50KQo= 98467 2011-06-24 00:32:11 -0700 2011-06-24 03:35:11 -0700 Patch bug-63216-20110624163210.patch text/plain 2950 morrita U3VidmVyc2lvbiBSZXZpc2lvbjogODk1NDMKZGlmZiAtLWdpdCBhL1Rvb2xzL0NoYW5nZUxvZyBi L1Rvb2xzL0NoYW5nZUxvZwppbmRleCBjZTIyYjdjNWE1ZTFjY2NiMTVkZjQ0OTg2OTE4NmUwNGIw NzE1ZWFlLi4xMDc4NjIwYmQ2MjI4NWMzOTMxMGVkNDgyMjcxNDE5OTQ2OWM0OTliIDEwMDY0NAot LS0gYS9Ub29scy9DaGFuZ2VMb2cKKysrIGIvVG9vbHMvQ2hhbmdlTG9nCkBAIC0xLDMgKzEsMTYg QEAKKzIwMTEtMDYtMjMgIE1PUklUQSBIYWppbWUgIDxtb3JyaXRhQGdvb2dsZS5jb20+CisKKyAg ICAgICAgUmV2aWV3ZWQgYnkgTk9CT0RZIChPT1BTISkuCisKKyAgICAgICAgW0Nocm9taXVtXSBJ bnZhbGlkIHdyaXRlIGluc2lkZSBXZWJLaXQ6OkZyYW1lTG9hZGVyQ2xpZW50SW1wbDo6ZGlzcGF0 Y2hEaWRDbGVhcldpbmRvd09iamVjdEluV29ybGQKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtp dC5vcmcvc2hvd19idWcuY2dpP2lkPTYzMjE2CisKKyAgICAgICAgRGVsZXRlZCBtX3dlYlZpZXdI b3N0IHdoaWNoIGxvb2tzIGxlYWtlZC4KKyAgICAgICAgCisgICAgICAgICogRHVtcFJlbmRlclRy ZWUvY2hyb21pdW0vVGVzdFNoZWxsLmg6CisgICAgICAgICogRHVtcFJlbmRlclRyZWUvY2hyb21p dW0vVGVzdFNoZWxsLmNwcDoKKyAgICAgICAgKFRlc3RTaGVsbDo6flRlc3RTaGVsbCk6CisKIDIw MTEtMDYtMjMgIERpcmsgUHJhbmtlICA8ZHByYW5rZUBjaHJvbWl1bS5vcmc+CiAKICAgICAgICAg UmV2aWV3ZWQgYnkgRXJpYyBTZWlkZWwuCmRpZmYgLS1naXQgYS9Ub29scy9EdW1wUmVuZGVyVHJl ZS9jaHJvbWl1bS9UZXN0U2hlbGwuY3BwIGIvVG9vbHMvRHVtcFJlbmRlclRyZWUvY2hyb21pdW0v VGVzdFNoZWxsLmNwcAppbmRleCAwYTM2NjcxZDYyY2UwNjRjNzAwMWU5MTVmNGE3MmQ2MmY5ZDVk ZDc0Li4xNjcxYTMzMTljMjk1Yjk4NmQ3YmFmNDQwZGFjMDJhODE4MDY1NTRkIDEwMDY0NAotLS0g YS9Ub29scy9EdW1wUmVuZGVyVHJlZS9jaHJvbWl1bS9UZXN0U2hlbGwuY3BwCisrKyBiL1Rvb2xz L0R1bXBSZW5kZXJUcmVlL2Nocm9taXVtL1Rlc3RTaGVsbC5jcHAKQEAgLTEzOCw3ICsxMzgsNyBA QCBUZXN0U2hlbGw6OlRlc3RTaGVsbChib29sIHRlc3RTaGVsbE1vZGUpCiB2b2lkIFRlc3RTaGVs bDo6Y3JlYXRlTWFpbldpbmRvdygpCiB7CiAgICAgbV9kcnREZXZUb29sc0FnZW50ID0gYWRvcHRQ dHIobmV3IERSVERldlRvb2xzQWdlbnQpOwotICAgIG1fd2ViVmlld0hvc3QgPSBjcmVhdGVOZXdX aW5kb3coV2ViVVJMKCksIG1fZHJ0RGV2VG9vbHNBZ2VudC5nZXQoKSk7CisgICAgbV93ZWJWaWV3 SG9zdCA9IGFkb3B0UHRyKGNyZWF0ZU5ld1dpbmRvdyhXZWJVUkwoKSwgbV9kcnREZXZUb29sc0Fn ZW50LmdldCgpKSk7CiAgICAgbV93ZWJWaWV3ID0gbV93ZWJWaWV3SG9zdC0+d2ViVmlldygpOwog ICAgIG1fZHJ0RGV2VG9vbHNBZ2VudC0+c2V0V2ViVmlldyhtX3dlYlZpZXcpOwogfQpAQCAtMTUw LDYgKzE1MCw3IEBAIFRlc3RTaGVsbDo6flRlc3RTaGVsbCgpCiAKICAgICAvLyBEZXN0cm95IHRo ZSBXZWJWaWV3IGJlZm9yZSBpdHMgV2ViVmlld0hvc3QuCiAgICAgbV9kcnREZXZUb29sc0FnZW50 LT5zZXRXZWJWaWV3KDApOworICAgIG1fd2ViVmlld0hvc3QuY2xlYXIoKTsKIH0KIAogdm9pZCBU ZXN0U2hlbGw6OmNyZWF0ZURSVERldlRvb2xzQ2xpZW50KERSVERldlRvb2xzQWdlbnQqIGFnZW50 KQpkaWZmIC0tZ2l0IGEvVG9vbHMvRHVtcFJlbmRlclRyZWUvY2hyb21pdW0vVGVzdFNoZWxsLmgg Yi9Ub29scy9EdW1wUmVuZGVyVHJlZS9jaHJvbWl1bS9UZXN0U2hlbGwuaAppbmRleCAzMzc2NTdm NDU5YjcyOTJmZTFmNWFhMmRjY2YzMjEyZmY0YTlmMzRmLi45YTFmYzE5MzcyMjYyYjg0MmMxZDRl NWQ5MmM3N2EzZDc5YzgzMzcwIDEwMDY0NAotLS0gYS9Ub29scy9EdW1wUmVuZGVyVHJlZS9jaHJv bWl1bS9UZXN0U2hlbGwuaAorKysgYi9Ub29scy9EdW1wUmVuZGVyVHJlZS9jaHJvbWl1bS9UZXN0 U2hlbGwuaApAQCAtODcsNyArODcsNyBAQCBwdWJsaWM6CiAgICAgLy8gVGhlIG1haW4gV2ViVmll dy4KICAgICBXZWJLaXQ6OldlYlZpZXcqIHdlYlZpZXcoKSBjb25zdCB7IHJldHVybiBtX3dlYlZp ZXc7IH0KICAgICAvLyBSZXR1cm5zIHRoZSBob3N0IGZvciB0aGUgbWFpbiBXZWJWaWV3LgotICAg IFdlYlZpZXdIb3N0KiB3ZWJWaWV3SG9zdCgpIGNvbnN0IHsgcmV0dXJuIG1fd2ViVmlld0hvc3Q7 IH0KKyAgICBXZWJWaWV3SG9zdCogd2ViVmlld0hvc3QoKSBjb25zdCB7IHJldHVybiBtX3dlYlZp ZXdIb3N0LmdldCgpOyB9CiAgICAgTGF5b3V0VGVzdENvbnRyb2xsZXIqIGxheW91dFRlc3RDb250 cm9sbGVyKCkgY29uc3QgeyByZXR1cm4gbV9sYXlvdXRUZXN0Q29udHJvbGxlci5nZXQoKTsgfQog ICAgIEV2ZW50U2VuZGVyKiBldmVudFNlbmRlcigpIGNvbnN0IHsgcmV0dXJuIG1fZXZlbnRTZW5k ZXIuZ2V0KCk7IH0KICAgICBBY2Nlc3NpYmlsaXR5Q29udHJvbGxlciogYWNjZXNzaWJpbGl0eUNv bnRyb2xsZXIoKSBjb25zdCB7IHJldHVybiBtX2FjY2Vzc2liaWxpdHlDb250cm9sbGVyLmdldCgp OyB9CkBAIC0xOTIsOCArMTkyLDggQEAgcHJpdmF0ZToKICAgICBXZWJLaXQ6OldlYlZpZXcqIG1f d2ViVmlldzsKICAgICBXZWJLaXQ6OldlYldpZGdldCogbV9mb2N1c2VkV2lkZ2V0OwogICAgIGJv b2wgbV90ZXN0U2hlbGxNb2RlOwotICAgIFdlYlZpZXdIb3N0KiBtX3dlYlZpZXdIb3N0OwogICAg IFdlYlZpZXdIb3N0KiBtX2RldlRvb2xzOworICAgIE93blB0cjxXZWJWaWV3SG9zdD4gbV93ZWJW aWV3SG9zdDsKICAgICBPd25QdHI8V2ViUGVybWlzc2lvbnM+IG1fd2ViUGVybWlzc2lvbnM7CiAg ICAgT3duUHRyPERSVERldlRvb2xzQWdlbnQ+IG1fZHJ0RGV2VG9vbHNBZ2VudDsKICAgICBPd25Q dHI8RFJURGV2VG9vbHNDbGllbnQ+IG1fZHJ0RGV2VG9vbHNDbGllbnQ7Cg==