Bug 110275 - Moar hardening
Summary: Moar hardening
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Oliver Hunt
URL:
Keywords:
Depends on: 110290 110440
Blocks:
Reported: 2013-02-19 16:00 PST by Oliver Hunt
Modified: 2013-02-25 22:19 PST (History)

See Also:


Attachments
Patch (6.94 KB, patch)
2013-02-19 16:05 PST, Oliver Hunt
no flags
Patch (8.44 KB, patch)
2013-02-20 12:24 PST, Oliver Hunt
mhahnenberg: review+

Description Oliver Hunt 2013-02-19 16:00:50 PST
Moar hardening
Comment 1 Oliver Hunt 2013-02-19 16:05:19 PST
Created attachment 189192 [details]
Patch
Comment 2 WebKit Review Bot 2013-02-19 16:11:42 PST
Attachment 189192 [details] did not pass style-queue:

Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/WTF/ChangeLog', u'Source/WTF/wtf/FastMalloc.cpp']" exit_code: 1
Source/WTF/wtf/FastMalloc.cpp:3110:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3111:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3189:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3190:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3191:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3192:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3193:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3194:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3198:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3199:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3201:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3202:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3204:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Total errors found: 13 in 2 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 3 Anders Carlsson 2013-02-19 16:13:59 PST
Comment on attachment 189192 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=189192&action=review

> Source/WTF/wtf/FastMalloc.cpp:599
> +#define DEFINITELY_POISONED(allocation, allocationSize) (((allocationSize) < 4 * sizeof(uint32_t)) || ( \
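Review bot: the visible first clause, `((allocationSize) < 4 * sizeof(uint32_t))`, makes the whole macro evaluate to true for any allocation under 16 bytes, so a RELEASE_ASSERT built on it never inspects those blocks at all; if that exemption is deliberate, a short comment stating why sub-16-byte allocations are exempt would keep the line from reading as a check that is being bypassed. The rest of the expression is cut off at the line continuation, so the continuation lines should be reviewed with the same question in mind: which words of the block are compared, and what happens to a block whose size is exactly at the boundary.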

Maybe IS_DEFINITELY_POISONED?
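The single patch line quoted above shows the shape of the check that later fires in the Qt crash further down this bug (`RELEASE_ASSERT(IS_DEFINITELY_POISONED(result, allocationSize))`): a block is overwritten with a known pattern when it is freed, and when the allocator hands it out again it verifies that the pattern is still there, so a write through a dangling pointer while the block sat on the free list is caught at the next allocation instead of silently corrupting whatever object lands there next. The following is an added example written for this page, not FastMalloc's code: the poison words, the slab layout and every name (`isDefinitelyPoisoned`, `poisonDeallocation`, `SlabAllocator`, `kPoisonWord2`, `kPoisonWord3`) are assumptions; only the exemption of blocks smaller than `4 * sizeof(uint32_t)` is taken from the quoted macro.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Constructed poison words for this demo: placeholders, not FastMalloc's values.
static const uint32_t kPoisonWord2 = 0xdeadc0de;
static const uint32_t kPoisonWord3 = 0xfeedface;

// Mirrors the first clause of the quoted macro: blocks smaller than four
// 32-bit words cannot carry the pattern and are exempt from the check.
static const size_t kMinCheckedSize = 4 * sizeof(uint32_t);

// Word access through memcpy so the demo stays alignment- and aliasing-safe.
static uint32_t readWord(const void* base, size_t index) {
    uint32_t w;
    std::memcpy(&w, static_cast<const unsigned char*>(base) + index * sizeof(uint32_t), sizeof w);
    return w;
}
static void writeWord(void* base, size_t index, uint32_t w) {
    std::memcpy(static_cast<unsigned char*>(base) + index * sizeof(uint32_t), &w, sizeof w);
}

// True when a block still carries the poison written at free time. Words 0-1
// hold the free-list link, so the pattern lives in words 2 and 3. Small blocks
// are reported as poisoned without being inspected, like the macro's short-circuit.
bool isDefinitelyPoisoned(const void* allocation, size_t allocationSize) {
    if (allocationSize < kMinCheckedSize)
        return true;
    return readWord(allocation, 2) == kPoisonWord2 && readWord(allocation, 3) == kPoisonWord3;
}

static void poisonDeallocation(void* allocation, size_t allocationSize) {
    if (allocationSize < kMinCheckedSize)
        return;
    writeWord(allocation, 2, kPoisonWord2);
    writeWord(allocation, 3, kPoisonWord3);
}

// Toy fixed-size slab with an intrusive singly linked free list (hypothetical
// layout, not FastMalloc's). The first word of a free block is the link.
class SlabAllocator {
public:
    struct Result { void* block; bool tampered; };

    SlabAllocator(size_t blockSize, size_t blockCount)
        : m_blockSize(blockSize), m_storage(blockSize * blockCount), m_freeHead(nullptr) {
        for (size_t i = blockCount; i-- > 0;) {
            unsigned char* block = m_storage.data() + i * blockSize;
            poisonDeallocation(block, blockSize); // fresh blocks start out poisoned too
            pushFree(block);
        }
    }

    // Pops the free list and checks that the poison survived while the block was
    // free. A production allocator would RELEASE_ASSERT here; the demo reports.
    Result allocate() {
        if (!m_freeHead)
            return Result{nullptr, false};
        unsigned char* block = m_freeHead;
        std::memcpy(&m_freeHead, block, sizeof m_freeHead);
        return Result{block, !isDefinitelyPoisoned(block, m_blockSize)};
    }

    void deallocate(void* p) {
        poisonDeallocation(p, m_blockSize);
        pushFree(static_cast<unsigned char*>(p));
    }

private:
    void pushFree(unsigned char* block) {
        std::memcpy(block, &m_freeHead, sizeof m_freeHead);
        m_freeHead = block;
    }
    size_t m_blockSize;
    std::vector<unsigned char> m_storage;
    unsigned char* m_freeHead;
};

// Well-behaved client: free, then reuse; the poison is intact and the check passes.
bool cleanReuseIsAccepted() {
    SlabAllocator slab(32, 4);
    void* p = slab.allocate().block;
    slab.deallocate(p);
    return !slab.allocate().tampered;
}

// Buggy client: a write through the dangling pointer lands on the poisoned
// words, and the next allocation of that block detects it.
bool writeAfterFreeIsDetected() {
    SlabAllocator slab(32, 4);
    void* p = slab.allocate().block;
    slab.deallocate(p);
    std::memset(static_cast<unsigned char*>(p) + 2 * sizeof(uint32_t), 0x41, 2 * sizeof(uint32_t));
    return slab.allocate().tampered;
}

// Blocks under four words are exempt: the predicate is true without inspection.
bool smallBlocksAreUnchecked() {
    unsigned char tiny[8] = {0};
    return isDefinitelyPoisoned(tiny, sizeof tiny);
}
```

Two caveats worth keeping in mind when reading the rest of this bug. The check only covers the words behind the free-list link, so a stale write that lands on the link itself corrupts the free list without tripping the predicate. And a failed check has two possible causes: a genuine write-after-free in the client code (which is why the thread asks for a run under guard malloc or valgrind), or an allocator path that hands out a block it never poisoned, in which case the hardening itself is the bug. In WebKit a failed RELEASE_ASSERT is implemented as a deliberate crash, which is why the gdb session below reports a SIGSEGV at that source line rather than an assertion message.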
Comment 4 Oliver Hunt 2013-02-19 16:15:02 PST
Committed r143400: <http://trac.webkit.org/changeset/143400>
Comment 5 WebKit Review Bot 2013-02-19 18:32:17 PST
Re-opened since this is blocked by bug 110290
Comment 6 Oliver Hunt 2013-02-20 12:24:47 PST
Created attachment 189356 [details]
Patch
Comment 7 WebKit Review Bot 2013-02-20 12:28:37 PST
Attachment 189356 [details] did not pass style-queue:

Failed to run "['Tools/Scripts/check-webkit-style', '--diff-files', u'Source/WTF/ChangeLog', u'Source/WTF/wtf/FastMalloc.cpp']" exit_code: 1
Source/WTF/wtf/FastMalloc.cpp:3110:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3111:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3124:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3190:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3191:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3192:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3193:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3194:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3195:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3199:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3200:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3202:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3203:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3205:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3900:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3901:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3902:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3969:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Source/WTF/wtf/FastMalloc.cpp:3970:  Weird number of spaces at line-start.  Are you using a 4-space indent?  [whitespace/indent] [3]
Total errors found: 19 in 2 files


If any of these errors are false positives, please file a bug against check-webkit-style.
Comment 8 Mark Hahnenberg 2013-02-20 13:08:55 PST
Comment on attachment 189356 [details]
Patch

r=me
Comment 9 Oliver Hunt 2013-02-20 13:10:53 PST
Committed r143488: <http://trac.webkit.org/changeset/143488>
Comment 10 Csaba Osztrogonác 2013-02-20 16:28:46 PST
(In reply to comment #9)
> Committed r143488: <http://trac.webkit.org/changeset/143488>

It made all inspector tests crash on Qt 64 bit release:
http://build.webkit.sed.hu/builders/x86-64%20Linux%20Qt%20Release/builds/48360

(tests pass on 32 bit and in debug mode)

cc Qt folks to investigate this regression
Comment 11 Oliver Hunt 2013-02-20 16:32:46 PST
(In reply to comment #10)
> (In reply to comment #9)
> > Committed r143488: <http://trac.webkit.org/changeset/143488>
> 
> It made all inspector tests crash on Qt 64 bit release:
> http://build.webkit.sed.hu/builders/x86-64%20Linux%20Qt%20Release/builds/48360
> 
> (tests pass on 32 bit and in debug mode)
> 
> cc Qt folks to investigate this regression

hmmm, what compiler etc is 64bit qt using?
Comment 12 Csaba Osztrogonác 2013-02-20 16:33:59 PST
gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) (Ubuntu 12.04's default compiler)
Comment 13 Oliver Hunt 2013-02-20 17:13:57 PST
(In reply to comment #12)
> gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) (Ubuntu 12.04's default compiler)

What are the crash logs? The link doesn't seem to include them
Comment 14 Oliver Hunt 2013-02-20 17:18:15 PST
(In reply to comment #13)
> (In reply to comment #12)
> > gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) (Ubuntu 12.04's default compiler)
> 
> What are the crash logs? The link doesn't seem to include them

Found them.  Can you turn off symbol stripping on your build bots (for release builds)?
Comment 15 Csaba Osztrogonác 2013-02-20 23:56:54 PST
(In reply to comment #14)
> Found them.  Can you turn off symbol stripping on your build bots (for release builds)?

A -g build on the release bots would be I/O and build-time overkill, and we don't
have the resources to enable it on all release bots. Additionally, backtrace()
wouldn't provide more detailed crash logs with -g.

But here is a gdb backtrace for you:

$ gdb WebKitBuild/Release/bin/DumpRenderTree

GNU gdb (Ubuntu/Linaro 7.4-2012.04-0ubuntu2.1) 7.4-2012.04
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://bugs.launchpad.net/gdb-linaro/>...
Reading symbols from /home/oszi/WebKit/WebKitBuild/Release/bin/DumpRenderTree...done.
(gdb) run -
Starting program: /home/oszi/WebKit/WebKitBuild/Release/bin/DumpRenderTree -
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7fffe9c7a700 (LWP 10940)]
[New Thread 0x7fffe7650700 (LWP 10941)]
[New Thread 0x7fffe5fc1700 (LWP 10943)]
[Thread 0x7fffe5fc1700 (LWP 10943) exited]
[New Thread 0x7fffe5fc1700 (LWP 10946)]

LayoutTests/inspector/utilities.html
LayoutTests/inspector/version-controller.html

[New Thread 0x7fffe4b36700 (LWP 14906)]
[New Thread 0x7fff9f45e700 (LWP 14907)]
Content-Type: text/plain
This test checks Web Inspector utilities.


Running: binaryIndexOfTest

Running: qselectTest
Array: []
Reference: {}
Actual:    {}
Array: [0]
Reference: {"min":0,"median":0,"max":0}
Actual:    {"min":0,"median":0,"max":0}
Array: [0,0,0,0,0,0,0,0]
Reference: {"min":0,"median":0,"max":0}
Actual:    {"min":0,"median":0,"max":0}
Array: [4,3,2,1]
Reference: {"min":1,"median":3,"max":4}
Actual:    {"min":1,"median":3,"max":4}
Array: [1,2,3,4,5]
Reference: {"min":1,"median":3,"max":5}
Actual:    {"min":1,"median":3,"max":5}
Array: [-1,3,2,7,7,7,10,12,3,4,-1,2]
Reference: {"min":-1,"median":4,"max":12}
Actual:    {"min":-1,"median":4,"max":12}

Running: sortRangeTest

#EOF
#EOF
#EOF
1   0x7ffff6ee3502 /home/oszi/WebKit/WebKitBuild/Release/lib/libQt5WebKit.so.5(_ZN3WTF10fastMallocEm+0x512) [0x7ffff6ee3502]
2   0x7ffff58548e0 /home/oszi/WebKit/WebKitBuild/Release/lib/libQt5WebKit.so.5(+0x4a68e0) [0x7ffff58548e0]
3   0x7ffff5eb3b9e /home/oszi/WebKit/WebKitBuild/Release/lib/libQt5WebKit.so.5(+0xb05b9e) [0x7ffff5eb3b9e]
4   0x418841 /home/oszi/WebKit/WebKitBuild/Release/bin/DumpRenderTree() [0x418841]
5   0x418d91 /home/oszi/WebKit/WebKitBuild/Release/bin/DumpRenderTree() [0x418d91]
6   0x41a1f1 /home/oszi/WebKit/WebKitBuild/Release/bin/DumpRenderTree() [0x41a1f1]
7   0x427115 /home/oszi/WebKit/WebKitBuild/Release/bin/DumpRenderTree() [0x427115]
8   0x7ffff3c7473e /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5(_ZN7QObject5eventEP6QEvent+0x34e) [0x7ffff3c7473e]
9   0x7ffff4cf01f4 /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Widgets.so.5(_ZN19QApplicationPrivate13notify_helperEP7QObjectP6QEvent+0xb4) [0x7ffff4cf01f4]
10  0x7ffff4cf35d1 /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Widgets.so.5(_ZN12QApplication6notifyEP7QObjectP6QEvent+0x3d1) [0x7ffff4cf35d1]
11  0x7ffff3c4da24 /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5(_ZN16QCoreApplication14notifyInternalEP7QObjectP6QEvent+0x84) [0x7ffff3c4da24]
12  0x7ffff3c4f961 /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5(_ZN23QCoreApplicationPrivate16sendPostedEventsEP7QObjectiP11QThreadData+0x271) [0x7ffff3c4f961]
13  0x7ffff3c951f3 /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5(+0x2691f3) [0x7ffff3c951f3]
14  0x7ffff0a6fd53 /lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_dispatch+0x133) [0x7ffff0a6fd53]
15  0x7ffff0a700a0 /lib/x86_64-linux-gnu/libglib-2.0.so.0(+0x480a0) [0x7ffff0a700a0]
16  0x7ffff0a70164 /lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_iteration+0x34) [0x7ffff0a70164]
17  0x7ffff3c95634 /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5(_ZN20QEventDispatcherGlib13processEventsE6QFlagsIN10QEventLoop17ProcessEventsFlagEE+0x64) [0x7ffff3c95634]
18  0x7ffff3c4c8fb /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5(_ZN10QEventLoop4execE6QFlagsINS_17ProcessEventsFlagEE+0xcb) [0x7ffff3c4c8fb]
19  0x7ffff3c4fe9e /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5(_ZN16QCoreApplication4execEv+0x7e) [0x7ffff3c4fe9e]
20  0x412582 /home/oszi/WebKit/WebKitBuild/Release/bin/DumpRenderTree() [0x412582]
21  0x7ffff317176d /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed) [0x7ffff317176d]
22  0x412781 /home/oszi/WebKit/WebKitBuild/Release/bin/DumpRenderTree() [0x412781]

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff6ee3509 in Allocate (this=<optimized out>, size=<optimized out>) at /home/oszi/WebKit/Source/WTF/wtf/FastMalloc.cpp:3193
3193      RELEASE_ASSERT(IS_DEFINITELY_POISONED(result, allocationSize));
(gdb) bt
#0  0x00007ffff6ee3509 in Allocate (this=<optimized out>, size=<optimized out>) at /home/oszi/WebKit/Source/WTF/wtf/FastMalloc.cpp:3193
#1  do_malloc<true> (size=<optimized out>) at /home/oszi/WebKit/Source/WTF/wtf/FastMalloc.cpp:3935
#2  fastMalloc<true> (size=<optimized out>) at /home/oszi/WebKit/Source/WTF/wtf/FastMalloc.cpp:4147
#3  WTF::fastMalloc (size=<optimized out>) at /home/oszi/WebKit/Source/WTF/wtf/FastMalloc.cpp:4120
#4  0x00007ffff58548e0 in operator new (size=120) at /home/oszi/WebKit/Source/WebCore/inspector/InspectorFrontendClientLocal.h:48
#5  WebCore::InspectorClientQt::openInspectorFrontend (this=0x6710d0, inspectorController=<optimized out>)
    at /home/oszi/WebKit/Source/WebKit/qt/WebCoreSupport/InspectorClientQt.cpp:198
#6  0x00007ffff5eb3b9e in WebCore::InspectorController::show (this=0x7ffff7ec6dc0) at /home/oszi/WebKit/Source/WebCore/inspector/InspectorController.cpp:279
#7  0x0000000000418841 in WebCore::DumpRenderTree::open (this=0x7fffffffe0e0, url=...) at /home/oszi/WebKit/Tools/DumpRenderTree/qt/DumpRenderTreeQt.cpp:605
#8  0x0000000000418d91 in WebCore::DumpRenderTree::processLine (this=0x7fffffffe0e0, input=...)
    at /home/oszi/WebKit/Tools/DumpRenderTree/qt/DumpRenderTreeQt.cpp:719
#9  0x000000000041a1f1 in WebCore::DumpRenderTree::readLine (this=0x7fffffffe0e0) at /home/oszi/WebKit/Tools/DumpRenderTree/qt/DumpRenderTreeQt.cpp:652
#10 0x0000000000427115 in WebCore::DumpRenderTree::qt_static_metacall (_o=<optimized out>, _c=<optimized out>, _id=<optimized out>, _a=<optimized out>)
    at .moc/release-shared/moc_DumpRenderTreeQt.cpp:142
#11 0x00007ffff3c7473e in QObject::event(QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#12 0x00007ffff4cf01f4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Widgets.so.5
#13 0x00007ffff4cf35d1 in QApplication::notify(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Widgets.so.5
#14 0x00007ffff3c4da24 in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#15 0x00007ffff3c4f961 in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#16 0x00007ffff3c951f3 in ?? () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#17 0x00007ffff0a6fd53 in g_main_context_dispatch () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#18 0x00007ffff0a700a0 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#19 0x00007ffff0a70164 in g_main_context_iteration () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
#20 0x00007ffff3c95634 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
   from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#21 0x00007ffff3c4c8fb in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#22 0x00007ffff3c4fe9e in QCoreApplication::exec() () from /usr/local/Trolltech/Qt5/Qt-5.0.1/lib/libQt5Core.so.5
#23 0x0000000000412582 in main (argc=2, argv=<optimized out>) at /home/oszi/WebKit/Tools/DumpRenderTree/qt/DumpRenderTreeMain.cpp:203
(gdb)
Comment 16 Csaba Osztrogonác 2013-02-21 02:39:24 PST
New bug report for this serious regression: https://bugs.webkit.org/show_bug.cgi?id=110440
Comment 17 Oliver Hunt 2013-02-21 10:52:53 PST
(In reply to comment #16)
> New bug report for this serious regression: https://bugs.webkit.org/show_bug.cgi?id=110440

Can you try disabling FastMalloc and running with guardmalloc or some such? I'm not sure why you would be seeing a failure here unless there's a real bug in DRT or the inspector.  But then I'd expect other platforms to be equally unhappy.
Comment 18 Nico Weber 2013-02-24 14:10:58 PST
We are seeing uninit reads after this patch on our valgrind bots too: https://code.google.com/p/chromium/issues/detail?id=177540 (maybe a tooling issue, maybe useful data. Up to you to decide.)
Comment 19 Oliver Hunt 2013-02-24 14:11:57 PST
(In reply to comment #18)
> We are seeing uninit reads after this patch on our valgrind bots too: https://code.google.com/p/chromium/issues/detail?id=177540 (maybe a tooling issue, maybe useful data. Up to you to decide.)

What's the backtrace for the uninitialized read?
Comment 20 Nico Weber 2013-02-24 14:33:32 PST
I only know about the one that's on the bug report linked in comment 18.
Comment 21 Oliver Hunt 2013-02-25 15:19:01 PST
Did you see my question re: guardmalloc/valgrind?
(In reply to comment #15)
> (In reply to comment #14)
> > Found them.  Can you turn off symbol stripping on your build bots (for release builds)?
> 
> A -g build on the release bots would be I/O and build-time overkill, and we don't
> have the resources to enable it on all release bots. Additionally, backtrace()
> wouldn't provide more detailed crash logs with -g.
Comment 22 Csaba Osztrogonác 2013-02-25 22:19:07 PST
(In reply to comment #21)
> Did you see my question re: guardmalloc/valgrind?

I saw it, but unfortunately I can't help you; I don't have any time for Qt-related
tasks nowadays. But I copy/pasted your question to the other bug; maybe somebody is
interested in fixing the broken inspector.