Bug 23470

Summary:

Crash when page load occurs while processing scroll event with mallocscribble enabled

Product:

WebKit

Reporter:

Oliver Hunt <oliver>

Component:

WebCore Misc.

Assignee:

Oliver Hunt <oliver>

Status:

RESOLVED FIXED

Severity:

Normal

Priority:

Version:

528+ (Nightly build)

Hardware:

Mac

OS:

OS X 10.5

Attachments:

Description	Flags
Add a protector	hyatt: review+

Description Oliver Hunt 2009-01-21 20:52:17 PST

I spotted a crash that occurs when a page load occurs in the middle of processing a scroll event that has been propagated to a subframe that is destroyed by the page load.

Alas reproducing requires malloc scribble, and a timer driven load independent of webcore.

Comment 1 Oliver Hunt 2009-01-21 21:01:32 PST

Created attachment 26922 [details]
Add a protector

Simple fix

Comment 2 Dave Hyatt 2009-01-21 21:12:26 PST

Comment on attachment 26922 [details]
Add a protector

r=me

Comment 3 Oliver Hunt 2009-01-22 08:59:44 PST

Committing to http://svn.webkit.org/repository/webkit/trunk ...
	M	WebCore/ChangeLog
	M	WebCore/page/EventHandler.cpp
Committed r40112