crash log for renderer (pid 19059):
STDOUT: <empty>
STDERR: =================================================================
STDERR: ==4==ERROR: AddressSanitizer: container-overflow on address 0x2601aaec1048 at pc 0x000004d43d36 bp 0x7fffadcdc140 sp 0x7fffadcdc138
STDERR: READ of size 8 at 0x2601aaec1048 thread T0 (content_shell)
STDERR:     #0 0x4d43d35 in buffer third_party/WebKit/Source/wtf/Vector.h:341:30
STDERR:     #1 0x4d43d35 in finalize third_party/WebKit/Source/wtf/Vector.h:668:0
STDERR:     #2 0x4d43d35 in ~ConditionalDestructor third_party/WebKit/Source/wtf/ConditionalDestructor.h:20:0
STDERR:     #3 0x4d43d35 in ~ParentStackFrame third_party/WebKit/Source/core/css/SelectorFilter.h:43:0
STDERR:     #4 0x4d43d35 in blink::HeapVectorBacking<blink::SelectorFilter::ParentStackFrame, WTF::VectorTraits<blink::SelectorFilter::ParentStackFrame> >::finalize(void*) third_party/WebKit/Source/platform/heap/Heap.h:2189:0
STDERR:     #5 0x1d8a1de in blink::HeapObjectHeader::finalize(unsigned char*, unsigned long) third_party/WebKit/Source/platform/heap/Heap.cpp:421:9
STDERR:     #6 0x1d8e43e in blink::LargeObjectHeap::freeLargeObjectPage(blink::LargeObjectPage*) third_party/WebKit/Source/platform/heap/Heap.cpp:1153:5
STDERR:     #7 0x1d8b2c8 in sweepUnsweptPage third_party/WebKit/Source/platform/heap/Heap.cpp:619:9
STDERR:     #8 0x1d8b2c8 in blink::BaseHeap::completeSweep() third_party/WebKit/Source/platform/heap/Heap.cpp:662:0
STDERR:     #9 0x1d97d7d in blink::ThreadState::completeSweep() third_party/WebKit/Source/platform/heap/ThreadState.cpp:836:13
STDERR:     #10 0x1d9d22d in blink::ThreadState::preSweep() third_party/WebKit/Source/platform/heap/ThreadState.cpp:1088:9
STDERR:     #11 0x1d91ac2 in ~SafePointScope third_party/WebKit/Source/platform/heap/SafePoint.h:37:13
STDERR:     #12 0x1d91ac2 in ~GCScope third_party/WebKit/Source/platform/heap/Heap.cpp:400:0
STDERR:     #13 0x1d91ac2 in blink::Heap::collectGarbage(blink::ThreadState::StackState, blink::ThreadState::GCType, blink::Heap::GCReason) third_party/WebKit/Source/platform/heap/Heap.cpp:2302:0
STDERR:     #14 0x56b5ef9 in blink::V8GCController::gcEpilogue(v8::GCType, v8::GCCallbackFlags) third_party/WebKit/Source/bindings/core/v8/V8GCController.cpp:414:9
STDERR:     #15 0x2129a79 in CallGCEpilogueCallbacks v8/src/heap/heap.cc:1243:9
STDERR:     #16 0x2129a79 in v8::internal::Heap::PerformGarbageCollection(v8::internal::GarbageCollector, v8::GCCallbackFlags) v8/src/heap/heap.cc:1204:0
STDERR:     #17 0x21284ff in v8::internal::Heap::CollectGarbage(v8::internal::GarbageCollector, char const*, char const*, v8::GCCallbackFlags) v8/src/heap/heap.cc:885:11
STDERR:     #18 0x21269d5 in CollectGarbage v8/src/heap/heap-inl.h:512:10
STDERR:     #19 0x21269d5 in v8::internal::Heap::CollectAllGarbage(int, char const*, v8::GCCallbackFlags) v8/src/heap/heap.cc:770:0
STDERR:     #20 0x1ed4890 in v8::Isolate::RequestGarbageCollectionForTesting(v8::Isolate::GarbageCollectionType) v8/src/api.cc:6730:5
STDERR:     #21 0x5596d1 in Run base/callback.h:396:12
STDERR:     #22 0x5596d1 in DispatchToCallback gin/function_template.h:180:0
STDERR:     #23 0x5596d1 in gin::internal::Dispatcher<void (content::GCController*, gin::Arguments const&)>::DispatchToCallback(v8::FunctionCallbackInfo<v8::Value> const&) gin/function_template.h:214:0
STDERR:     #24 0x2961ab5 in v8::internal::FunctionCallbackArguments::Call(void (*)(v8::FunctionCallbackInfo<v8::Value> const&)) v8/src/arguments.cc:33:3
STDERR:     #25 0x1f43ec1 in v8::internal::MaybeHandle<v8::internal::Object> v8::internal::HandleApiCallHelper<false>(v8::internal::Isolate*, v8::internal::(anonymous namespace)::BuiltinArguments<(v8::internal::BuiltinExtraArguments)1>&) v8/src/builtins.cc:1109:35
STDERR:     #26 0x1f4c884 in Builtin_implHandleApiCall v8/src/builtins.cc:1132:3
STDERR:     #27 0x1f4c884 in v8::internal::Builtin_HandleApiCall(int, v8::internal::Object**, v8::internal::Isolate*) v8/src/builtins.cc:1128:0
STDERR:     #16 0x7f1914408a9a  (<unknown module>)
STDERR:     #17 0x7f191473b93e  (<unknown module>)
STDERR:     #18 0x7f1914736f1a  (<unknown module>)
STDERR:     #19 0x7f191473b362  (<unknown module>)
STDERR:     #20 0x7f191442e03c  (<unknown module>)
STDERR:     #21 0x7f191441dfa1  (<unknown module>)
STDERR:     #28 0x206e569 in v8::internal::Invoke(bool, v8::internal::Handle<v8::internal::JSFunction>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*) v8/src/execution.cc:128:9
STDERR:     #29 0x1ec3fb1 in v8::Function::Call(v8::Local<v8::Context>, v8::Local<v8::Value>, int, v8::Local<v8::Value>*) v8/src/api.cc:4342:11
STDERR:     #30 0x56e19e7 in blink::V8ScriptRunner::callFunction(v8::Local<v8::Function>, blink::ExecutionContext*, v8::Local<v8::Value>, int, v8::Local<v8::Value>*, v8::Isolate*) third_party/WebKit/Source/bindings/core/v8/V8ScriptRunner.cpp:486:40
STDERR:     #31 0x563ee8f in blink::ScriptController::callFunction(blink::ExecutionContext*, v8::Local<v8::Function>, v8::Local<v8::Value>, int, v8::Local<v8::Value>*, v8::Isolate*) third_party/WebKit/Source/bindings/core/v8/ScriptController.cpp:155:40
STDERR:     #32 0x56c5b81 in blink::V8LazyEventListener::callListenerFunction(blink::ScriptState*, v8::Local<v8::Value>, blink::Event*) third_party/WebKit/Source/bindings/core/v8/V8LazyEventListener.cpp:99:10
STDERR:     #33 0x569f0a7 in blink::V8AbstractEventListener::invokeEventHandler(blink::ScriptState*, blink::Event*, v8::Local<v8::Value>) third_party/WebKit/Source/bindings/core/v8/V8AbstractEventListener.cpp:125:23
STDERR:     #34 0x569eb19 in blink::V8AbstractEventListener::handleEvent(blink::ScriptState*, blink::Event*) third_party/WebKit/Source/bindings/core/v8/V8AbstractEventListener.cpp:100:5
STDERR:     #35 0x569e7f9 in blink::V8AbstractEventListener::handleEvent(blink::ExecutionContext*, blink::Event*) third_party/WebKit/Source/bindings/core/v8/V8AbstractEventListener.cpp:85:5
STDERR:     #36 0x3bbc1e6 in blink::EventTarget::fireEventListeners(blink::Event*, blink::EventTargetData*, WTF::Vector<blink::RegisteredEventListener, 1ul, WTF::DefaultAllocator>&) third_party/WebKit/Source/core/events/EventTarget.cpp:356:9
STDERR:     #37 0x3bbafb9 in blink::EventTarget::fireEventListeners(blink::Event*) third_party/WebKit/Source/core/events/EventTarget.cpp:292:9
STDERR:     #38 0x3bd0abe in blink::NodeEventContext::handleLocalEvents(blink::Event&) const third_party/WebKit/Source/core/events/NodeEventContext.cpp:67:5
STDERR:     #39 0x3ba2c9b in dispatchEventAtTarget third_party/WebKit/Source/core/events/EventDispatcher.cpp:171:5
STDERR:     #40 0x3ba2c9b in blink::EventDispatcher::dispatch() third_party/WebKit/Source/core/events/EventDispatcher.cpp:126:0
STDERR:     #41 0x3ba106f in blink::EventDispatcher::dispatchEvent(blink::Node&, WTF::RawPtr<blink::EventDispatchMediator>) third_party/WebKit/Source/core/events/EventDispatcher.cpp:50:12
STDERR:     #42 0x3ab5925 in blink::Node::dispatchEvent(WTF::RawPtr<blink::Event>) third_party/WebKit/Source/core/dom/Node.cpp:2120:12
STDERR:     #43 0x5489451 in blink::SVGElement::sendSVGLoadEventIfPossible() third_party/WebKit/Source/core/svg/SVGElement.cpp:807:9
STDERR:     #44 0x5470857 in blink::SVGDocumentExtensions::dispatchSVGLoadEventToOutermostSVGElements() third_party/WebKit/Source/core/svg/SVGDocumentExtensions.cpp:132:13
STDERR:     #45 0x39b1385 in blink::Document::implicitClose() third_party/WebKit/Source/core/dom/Document.cpp:2488:9
STDERR:     #46 0x49d46b0 in blink::FrameLoader::checkCompleted() third_party/WebKit/Source/core/loader/FrameLoader.cpp:492:9
STDERR:     #47 0x49d446c in blink::FrameLoader::finishedParsing() third_party/WebKit/Source/core/loader/FrameLoader.cpp:408:5
STDERR:     #48 0x39d0049 in blink::Document::finishedParsing() third_party/WebKit/Source/core/dom/Document.cpp:4540:9
STDERR:     #49 0x4bd7078 in blink::XMLDocumentParser::end() third_party/WebKit/Source/core/xml/parser/XMLDocumentParser.cpp:438:5
STDERR:     #50 0x49ba107 in blink::DocumentWriter::end() third_party/WebKit/Source/core/loader/DocumentWriter.cpp:117:5
STDERR:     #51 0x499fb39 in endWriting third_party/WebKit/Source/core/loader/DocumentLoader.cpp:743:5
STDERR:     #52 0x499fb39 in blink::DocumentLoader::finishedLoading(double) third_party/WebKit/Source/core/loader/DocumentLoader.cpp:244:0
STDERR:     #53 0x499f7d5 in blink::DocumentLoader::notifyFinished(blink::Resource*) third_party/WebKit/Source/core/loader/DocumentLoader.cpp:213:9
STDERR:     #54 0x4659154 in blink::Resource::checkNotify() third_party/WebKit/Source/core/fetch/Resource.cpp:248:9
STDERR:     #55 0x4659ecd in blink::Resource::finish() third_party/WebKit/Source/core/fetch/Resource.cpp:307:5
STDERR:     #56 0x4685bb1 in blink::ResourceLoader::didFinishLoading(blink::WebURLLoader*, double, long) third_party/WebKit/Source/core/fetch/ResourceLoader.cpp:453:5
STDERR:     #57 0x70ba782 in content::WebURLLoaderImpl::Context::OnCompletedRequest(int, bool, bool, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, base::TimeTicks const&, long) content/child/web_url_loader_impl.cc:757:9
STDERR:     #58 0x709ea06 in content::ResourceDispatcher::OnRequestComplete(int, ResourceMsg_RequestCompleteData const&) content/child/resource_dispatcher.cc:368:3
STDERR:     #59 0x70997c0 in DispatchToMethodImpl<content::ResourceDispatcher, void (content::ResourceDispatcher::*)(int, const ResourceMsg_RequestCompleteData &), int, ResourceMsg_RequestCompleteData, 0, 1> base/tuple.h:252:3
STDERR:     #60 0x70997c0 in DispatchToMethod<content::ResourceDispatcher, void (content::ResourceDispatcher::*)(int, const ResourceMsg_RequestCompleteData &), int, ResourceMsg_RequestCompleteData> base/tuple.h:259:0
STDERR:     #61 0x70997c0 in Dispatch<content::ResourceDispatcher, content::ResourceDispatcher, void, void (content::ResourceDispatcher::*)(int, const ResourceMsg_RequestCompleteData &)> content/common/resource_messages.h:349:0
STDERR:     #62 0x70997c0 in content::ResourceDispatcher::DispatchMessage(IPC::Message const&) content/child/resource_dispatcher.cc:514:0
STDERR:     #63 0x7098108 in content::ResourceDispatcher::OnMessageReceived(IPC::Message const&) content/child/resource_dispatcher.cc:117:3
STDERR:     #64 0x7300a0 in Run base/callback.h:396:12
STDERR:     #65 0x7300a0 in base::debug::TaskAnnotator::RunTask(char const*, char const*, base::PendingTask const&) base/debug/task_annotator.cc:63:0
STDERR:     #66 0x71504ed in scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(unsigned long, bool, base::PendingTask*) components/scheduler/child/task_queue_manager.cc:653:5
STDERR:     #67 0x714ea85 in scheduler::TaskQueueManager::DoWork(bool) components/scheduler/child/task_queue_manager.cc:608:9
STDERR:     #68 0x7300a0 in Run base/callback.h:396:12
STDERR:     #69 0x7300a0 in base::debug::TaskAnnotator::RunTask(char const*, char const*, base::PendingTask const&) base/debug/task_annotator.cc:63:0
STDERR:     #70 0x680497 in base::MessageLoop::RunTask(base::PendingTask const&) base/message_loop/message_loop.cc:444:3
STDERR:     #71 0x68149d in DeferOrRunPendingTask base/message_loop/message_loop.cc:454:5
STDERR:     #72 0x68149d in base::MessageLoop::DoWork() base/message_loop/message_loop.cc:566:0
STDERR:     #73 0x686080 in base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_loop/message_pump_default.cc:32:21
STDERR:     #74 0x6a0b48 in base::RunLoop::Run() base/run_loop.cc:55:3
STDERR:     #75 0x67ee6e in base::MessageLoop::Run() base/message_loop/message_loop.cc:303:3
STDERR:     #76 0x724a173 in content::RendererMain(content::MainFunctionParams const&) content/renderer/renderer_main.cc:220:7
STDERR:     #77 0x62b9c9 in content::RunZygote(content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:308:14
STDERR:     #78 0x62d93f in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:783:12
STDERR:     #79 0x62af5a in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:19:15
STDERR:     #80 0x4e0495 in main content/shell/app/shell_main.cc:49:10
STDERR:     #81 0x7f1944c7876c in __libc_start_main /build/buildd/eglibc-2.15/csu/libc-start.c:226:0
STDERR: 
STDERR: AddressSanitizer can not describe address in more detail (wild memory access suspected).
STDERR: SUMMARY: AddressSanitizer: container-overflow (/mnt/data/b/build/slave/WebKit_Linux_Oilpan_ASAN/build/src/out/Release/content_shell+0x4d43d35)
STDERR: Shadow bytes around the buggy address:
STDERR:   0x04c0b55d01b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
STDERR:   0x04c0b55d01c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
STDERR:   0x04c0b55d01d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
STDERR:   0x04c0b55d01e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
STDERR:   0x04c0b55d01f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
STDERR: =>0x04c0b55d0200: 00 00 00 00 00 00 00 f7 fc[fc]fc fc fc fc fc fc
STDERR:   0x04c0b55d0210: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
STDERR:   0x04c0b55d0220: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
STDERR:   0x04c0b55d0230: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
STDERR:   0x04c0b55d0240: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
STDERR:   0x04c0b55d0250: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
STDERR: Shadow byte legend (one shadow byte represents 8 application bytes):
STDERR:   Addressable:           00
STDERR:   Partially addressable: 01 02 03 04 05 06 07
STDERR:   Heap left redzone:       fa
STDERR:   Heap right redzone:      fb
STDERR:   Freed heap region:       fd
STDERR:   Stack left redzone:      f1
STDERR:   Stack mid redzone:       f2
STDERR:   Stack right redzone:     f3
STDERR:   Stack partial redzone:   f4
STDERR:   Stack after return:      f5
STDERR:   Stack use after scope:   f8
STDERR:   Global redzone:          f9
STDERR:   Global init order:       f6
STDERR:   Poisoned by user:        f7
STDERR:   Container overflow:      fc
STDERR:   Array cookie:            ac
STDERR:   Intra object redzone:    bb
STDERR:   ASan internal:           fe
STDERR:   Left alloca redzone:     ca
STDERR:   Right alloca redzone:    cb
STDERR: ==4==ABORTING