Bug 23470

Summary: Crash when page load occurs while processing scroll event with mallocscribble enabled
Product: WebKit
Reporter: Oliver Hunt <oliver>
Component: WebCore Misc.
Assignee: Oliver Hunt <oliver>
Status: RESOLVED FIXED    
Severity: Normal    
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Mac   
OS: OS X 10.5   
Attachments: Add a protector (Flags: hyatt: review+)

Oliver Hunt
Reported 2009-01-21 20:52:17 PST
I spotted a crash that occurs when a page load occurs in the middle of processing a scroll event that has been propagated to a subframe that is destroyed by the page load. Alas, reproducing requires malloc scribble and a timer-driven load independent of WebCore.
Attachments
Add a protector (1.55 KB, patch)
2009-01-21 21:01 PST, Oliver Hunt
hyatt: review+
Oliver Hunt
Comment 1 2009-01-21 21:01:32 PST
Created attachment 26922
Add a protector

Simple fix
Dave Hyatt
Comment 2 2009-01-21 21:12:26 PST
Comment on attachment 26922
Add a protector

r=me
Oliver Hunt
Comment 3 2009-01-22 08:59:44 PST
Committing to http://svn.webkit.org/repository/webkit/trunk ...
	M	WebCore/ChangeLog
	M	WebCore/page/EventHandler.cpp
Committed r40112
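
The "protector" idiom named in the attachment title, as an added illustration that is not the WebKit patch (the patch itself is not shown on this page): a handler takes an extra reference to its own object before running code that may drop the owner's last reference. SubFrame, Page, handleScroll and runScenario are hypothetical names, and std::shared_ptr stands in for WebKit's ref-counted pointers.

```cpp
#include <functional>
#include <memory>

// Hypothetical stand-in for a ref-counted subframe (not WebKit code).
struct SubFrame : std::enable_shared_from_this<SubFrame> {
    static int liveCount;              // number of SubFrames currently alive
    std::function<void()> onScroll;    // listener run during scroll dispatch
    bool scrolled = false;
    SubFrame() { ++liveCount; }
    ~SubFrame() { --liveCount; }

    // Returns true if this frame was still alive after the listener ran.
    bool handleScroll() {
        // Protector: an extra reference held for the whole call. Without it,
        // a listener that makes the owner drop its reference would free
        // `this` mid-function and the write below would hit freed memory.
        auto protector = shared_from_this();
        if (onScroll) onScroll();      // may trigger a load that detaches us
        scrolled = true;               // member access after the callback
        return liveCount == 1;         // evaluated before protector is released
    }
};
int SubFrame::liveCount = 0;

// Hypothetical owner: a page whose load tears down its subframe.
struct Page {
    std::shared_ptr<SubFrame> subframe = std::make_shared<SubFrame>();
    void load() { subframe.reset(); }  // drops the page's reference
};

// A load fires in the middle of scroll handling.
// Returns 0 if the frame survived dispatch and was freed right afterwards.
int runScenario() {
    Page page;
    SubFrame* frame = page.subframe.get();
    frame->onScroll = [&page] { page.load(); };
    bool aliveDuringDispatch = frame->handleScroll();
    // The protector was released on return, so the frame is gone now and
    // `frame` must not be touched again.
    bool freedAfterwards = (SubFrame::liveCount == 0);
    return (aliveDuringDispatch && freedAfterwards) ? 0 : 1;
}

int main() { return runScenario(); }
```

Malloc scribble matters for bugs of this shape because it overwrites freed blocks, so a stale access fails reliably instead of reading leftover valid-looking data.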