Comment #21 on issue 28749 by craig.schlen...@chromium.org: gcc 4.4-specific renderer crash in malloc, memory corruption while loading plugins (?) http://code.google.com/p/chromium/issues/detail?id=28749
Here's the first error from running valgrind on the renderer btw.:

==24618==
==24618==
==24618== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- N
==24618== Thread 1:
==24618== Conditional jump or move depends on uninitialised value(s)
==24618==    at 0x6FA346F: PluginChannelBase::OnMessageReceived(IPC::Message const&) (ref_counted.h:237)
==24618==    by 0x552542D: IPC::SyncChannel::WaitForReply(IPC::SyncChannel::SyncContext*, base::WaitableEvent*) (in /home/craig/chromium/src/out/Release/lib.target/libipc.so)
==24618==    by 0x55259F9: IPC::SyncChannel::SendWithTimeout(IPC::Message*, int) (in /home/craig/chromium/src/out/Release/lib.target/libipc.so)
==24618==    by 0x5523A91: IPC::SyncChannel::Send(IPC::Message*) (in /home/craig/chromium/src/out/Release/lib.target/libipc.so)
==24618==    by 0x6FA311B: PluginChannelBase::Send(IPC::Message*) (plugin_channel_base.cc:118)
==24618==    by 0x6F4F139: WebPluginDelegateProxy::Initialize(GURL const&, std::vector<std::string, std::allocator<std::string> > const&, std::vector<std::string, std::allocator<std::string> > const&, webkit_glue::WebPlugin*, bool) (in /home/craig/chromium/src/out/Release/lib.target/librenderer.so)
==24618==    by 0x64C03C0: webkit_glue::WebPluginImpl::initialize(WebKit::WebPluginContainer*) (in /home/craig/chromium/src/out/Release/lib.target/libglue.so)
==24618==    by 0x57447BE: WebKit::FrameLoaderClientImpl::createPlugin(WebCore::IntSize const&, WebCore::HTMLPlugInElement*, WebCore::KURL const&, WTF::Vector<WebCore::String, 0u> const&, WTF::Vector<WebCore::String, 0u> const&, WebCore::String const&, bool) (in /home/craig/chromium/src/out/Release/lib.target/libappcache.so)
==24618==    by 0x5D4532C: WebCore::FrameLoader::loadPlugin(WebCore::RenderPart*, WebCore::KURL const&, WebCore::String const&, WTF::Vector<WebCore::String, 0u> const&, WTF::Vector<WebCore::String, 0u> const&, bool) (in /home/craig/chromium/src/out/Release/lib.target/libwebcore.so)
==24618==    by 0x5D45DA4: WebCore::FrameLoader::requestObject(WebCore::RenderPart*, WebCore::String const&, WebCore::AtomicString const&, WebCore::String const&, WTF::Vector<WebCore::String, 0u> const&, WTF::Vector<WebCore::String, 0u> const&) (in /home/craig/chromium/src/out/Release/lib.target/libwebcore.so)
==24618==    by 0x5EC8D66: WebCore::RenderPartObject::updateWidget(bool) (in /home/craig/chromium/src/out/Release/lib.target/libwebcore.so)
==24618==    by 0x5DA9A3E: WebCore::FrameView::updateWidgets() (in /home/craig/chromium/src/out/Release/lib.target/libwebcore.so)

I'll follow up with some more debugging later ...