Bug 31664

Summary: [Qt] QWebInspector access its memory after being deleted
Product: WebKit Reporter: Jocelyn Turcotte <jturcotte>
Component: WebKit QtAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Major CC: commit-queue, florianlink
Priority: P2 Keywords: Qt
Version: 528+ (Nightly build)   
Hardware: PC   
OS: All   
Attachments:
Description Flags
Bug fix patch
none
Autotests patch none

Jocelyn Turcotte
Reported 2009-11-19 04:36:24 PST
If we have a QWebPage that created its own QWebInspector, it will delete it in destructor of QWebPage. The problem is that its deleted in QWebPagePrivate::setInspector, itself called by QWebPage::d->inspector->setPage(0). When setPage resumes, it tries to access its memory which can lead to a crash.
Attachments
Bug fix patch (1.19 KB, patch)
2009-11-19 04:39 PST, Jocelyn Turcotte 		no flags
DetailsFormatted DiffDiff
Autotests patch (4.14 KB, patch)
2009-11-19 04:43 PST, Jocelyn Turcotte 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Jocelyn Turcotte
Comment 1 2009-11-19 04:39:19 PST
Created attachment 43496 [details] Bug fix patch
Jocelyn Turcotte
Comment 2 2009-11-19 04:43:08 PST
Created attachment 43497 [details] Autotests patch Other Qt tests have a section in the .pro file specific to symbian that looks like: symbian { TARGET.UID3 = 0xA000E540 TARGET.CAPABILITY = ReadUserData WriteUserData NetworkServices } I'm not sure about what to put in the UID3 field so I omitted it from the patch. Please tell me if you have an idea.
WebKit Commit Bot
Comment 3 2009-11-19 06:04:40 PST
Comment on attachment 43496 [details] Bug fix patch Clearing flags on attachment: 43496 Committed r51185: <http://trac.webkit.org/changeset/51185>
WebKit Commit Bot
Comment 4 2009-11-19 06:12:20 PST
Comment on attachment 43497 [details] Autotests patch Clearing flags on attachment: 43497 Committed r51186: <http://trac.webkit.org/changeset/51186>
WebKit Commit Bot
Comment 5 2009-11-19 06:12:32 PST
All reviewed patches have been landed. Closing bug.
florianlink
Comment 6 2010-01-28 02:24:26 PST
*** Bug 34244 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.