| Summary: | REGRESSION: Crash in sendDeferredTimerEvents | | |
|---|---|---|---|
| Product: | WebKit | Reporter: | Jon <jon> |
| Component: | New Bugs | Assignee: | Darin Adler <darin> |
| Status: | RESOLVED FIXED | | |
| Severity: | Critical | | |
| Priority: | P1 | | |
| Version: | 420+ | | |
| Hardware: | Mac | | |
| OS: | OS X 10.4 | | |
Description
Jon 2005-11-07 21:29:23 PST
Confirmed w/Nov 8 nightly. I guess I can just roll it out -- or if there was a reliable way to reproduce I could fix it quickly! Mitz said the steps to reproduce are: "just go to any form, click in one text field, wait, click in another. http://bugzilla.opendarwin.org/query.cgi will do".

This is the errant function: WebCore/kwq/KWQObject.mm:250

```cpp
static void sendDeferredTimerEvents(CFRunLoopTimerRef, void *)
{
    // Tear down the one-shot run loop timer that brought us here.
    CFRelease(sendDeferredTimerEventsTimer);
    sendDeferredTimerEventsTimer = 0;

    // Take the pending list out of the global before delivering events.
    CFArrayRef timers = deferredTimers;
    deferredTimers = 0;

    // Crashes when timers is null: nothing was ever deferred.
    CFArrayApplyFunction(timers, CFRangeMake(0, CFArrayGetCount(timers)), sendDeferredTimerEvent, 0);
    CFRelease(timers);
}
```

GDB says deferredTimers is null (probably never initialized). I notice that other parts of the code, like timerFired, check for a null deferredTimers -- maybe we should do the same here? If so, I'd suggest making a static getDeferredTimers() accessor method to do the work in one place.

s/deferredTimers/timers/ *timers* is null, probably because deferredTimers was never initialized.

I checked in nil check for timers in sendDeferredTimerEvents.
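The fix the report describes, shown as an added example that is not WebKit's code: the "take the list out of the global, then deliver" pattern above, with the null check that the checked-in change adds, so the flush tolerates the timer firing before anything was ever deferred. CoreFoundation is not assumed to be available; `TimerList`, `deferTimer`, `sendDeferredTimerEvent` and the integer timer ids are constructed stand-ins for `CFArrayRef`, the deferral path, and the per-timer callback.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed stand-in for the CFArrayRef of deferred timers: a heap list of
 * integer timer ids. Not WebKit's type. */
typedef struct {
    int   *ids;
    size_t count;
} TimerList;

/* Mirrors the two globals in the reported function. Both start out null;
 * the list is created lazily on first deferral, which is why a flush that
 * runs before any deferral sees a null list (the state GDB showed). */
static TimerList *deferredTimers = NULL;
static int        sendDeferredTimerEventsTimerScheduled = 0;

/* Queue a timer id for later delivery, creating the list on first use. */
static void deferTimer(int timerId)
{
    if (!deferredTimers) {
        deferredTimers = calloc(1, sizeof *deferredTimers);
        if (!deferredTimers)
            abort();
    }
    int *grown = realloc(deferredTimers->ids,
                         (deferredTimers->count + 1) * sizeof *grown);
    if (!grown)
        abort();
    deferredTimers->ids = grown;
    deferredTimers->ids[deferredTimers->count++] = timerId;
    sendDeferredTimerEventsTimerScheduled = 1;
}

/* Per-timer callback (stand-in for WebKit's sendDeferredTimerEvent). */
static void sendDeferredTimerEvent(int timerId)
{
    printf("fired deferred timer %d\n", timerId);
}

/* Hardened flush. Returns the number of events delivered; 0 when the list
 * was never created. */
static size_t sendDeferredTimerEvents(void)
{
    /* cf. CFRelease(sendDeferredTimerEventsTimer); ... = 0 */
    sendDeferredTimerEventsTimerScheduled = 0;

    /* Take the pending list out of the global before delivering anything,
     * so a deferral made during delivery starts a fresh list. */
    TimerList *timers = deferredTimers;
    deferredTimers = NULL;

    /* The check the fix adds: nothing was deferred, nothing to release. */
    if (!timers)
        return 0;

    /* cf. CFArrayApplyFunction over the whole range */
    for (size_t i = 0; i < timers->count; i++)
        sendDeferredTimerEvent(timers->ids[i]);

    size_t delivered = timers->count;
    free(timers->ids);
    free(timers);            /* cf. CFRelease(timers) */
    return delivered;
}

/* Exposes whether a list is currently pending, for checking the reset. */
static int deferredTimersPending(void)
{
    return deferredTimers != NULL;
}

int main(void)
{
    /* Fires with nothing queued: the crashing case, now a no-op. */
    printf("%zu events\n", sendDeferredTimerEvents());
    deferTimer(1);
    deferTimer(2);
    printf("%zu events\n", sendDeferredTimerEvents());
    return 0;
}
```

The ordering matters as much as the check: the global is cleared before the loop runs, so a timer that defers itself again while being delivered lands in a new list rather than in the one being walked and freed.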