| Field | Value |
|---|---|
| Summary | Crash from null pointer dereference below WebCore::StorageAreaImpl::setItem() |
| Product | WebKit |
| Component | WebCore JavaScript |
| Reporter | David Kilzer (:ddkilzer) <ddkilzer> |
| Assignee | Julien Chaffraix <jchaffraix> |
| Status | RESOLVED FIXED |
| Severity | Normal |
| Priority | P2 |
| CC | ademar, beidson, bthomas, cevans, dglazkov, jchaffraix, jorlow, jschuh, webkit.review.bot |
| Keywords | HasReduction, InRadar |
| Version | 528+ (Nightly build) |
| Hardware | All |
| OS | All |
| Bug Depends on | |
| Bug Blocks | 42959 |
| Attachments | |
Description
David Kilzer (:ddkilzer)
2011-03-25 22:24:01 PDT
FWIW, this doesn't crash even the renderer in Chrome. I'm a little surprised there's a difference though.

Created attachment 94469 [details]
Proposed fix: NULL-check for page like the rest of the code
Comment on attachment 94469 [details]
Proposed fix: NULL-check for page like the rest of the code

View in context: https://bugs.webkit.org/attachment.cgi?id=94469&action=review

> Source/WebCore/storage/StorageAreaImpl.cpp:106
> - return frame->page()->settings()->privateBrowsingEnabled();
> + return frame->page() ? frame->page()->settings()->privateBrowsingEnabled() : false;

I like writing these with && instead of ? : like this:

    return frame->page() && frame->page()->settings()->privateBrowsingEnabled();

Comment on attachment 94469 [details]
Proposed fix: NULL-check for page like the rest of the code

Attachment 94469 [details] did not pass chromium-ews (chromium-xvfb):
Output: http://queues.webkit.org/results/8726482

New failing tests:
fast/storage/storage-detached-iframe.html

Created attachment 94484 [details]
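Review bot: the new guard covers `frame->page()` but `frame` itself is still dereferenced unconditionally on this line, and the `&&` form suggested above has the same property. If any caller of this helper can pass a null `frame` (the same detached-frame situation that makes `page()` null here), the check should read `return frame && frame->page() && frame->page()->settings()->privateBrowsingEnabled();`; if callers guarantee a non-null `frame`, a short comment stating that invariant at this line would save the next reader the same question. On the style point, the `&&` form also avoids spelling out `: false` for a value that is already a bool, so the two-line `? :` version gains nothing over it.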
Archive of layout-test-results from ec2-cr-linux-01
The attached test failures were seen while running run-webkit-tests on the chromium-ews.
Bot: ec2-cr-linux-01 Port: Chromium Platform: Linux-2.6.35-28-virtual-x86_64-with-Ubuntu-10.10-maverick
The failure is a crash on Chromium-Linux. However, the stack trace is not helpful, so I will proceed to land the patch, updating test_expectations.txt, as I think it is unrelated. Filed bug 61326 to cover the crash.

Committed r87114: <http://trac.webkit.org/changeset/87114>

Revision r87114 cherry-picked into qtwebkit-2.2 with commit 6d4125a <http://gitorious.org/webkit/qtwebkit/commit/6d4125a>
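As an added, stand-alone illustration of the two versions of the line quoted in the review above (this is not code from the patch, from r87114 or from WebCore): the `Settings`, `Page` and `Frame` classes below are minimal stand-ins that only reproduce the pointer shape of the call chain `frame->page()->settings()->privateBrowsingEnabled()`. A detached frame is modelled by `page()` returning null, which is assumed here to be the situation the test name `fast/storage/storage-detached-iframe.html` refers to. `privateBrowsingEnabledUnchecked()` is the pre-patch line and crashes on a detached frame; `privateBrowsingEnabled()` is the patched line in the reviewer's preferred `&&` form.

```cpp
#include <cstdio>

// Minimal stand-ins for the WebCore objects on the call chain in the review.
// These are NOT WebCore's classes; they only reproduce the pointer shape.
class Settings {
public:
    explicit Settings(bool privateBrowsing) : m_privateBrowsing(privateBrowsing) {}
    bool privateBrowsingEnabled() const { return m_privateBrowsing; }
private:
    bool m_privateBrowsing;
};

class Page {
public:
    explicit Page(bool privateBrowsing) : m_settings(privateBrowsing) {}
    Settings* settings() { return &m_settings; } // a Page always owns its Settings
private:
    Settings m_settings;
};

// A Frame points back at its Page. Once the frame is detached (assumed here to
// be what happens when its <iframe> is removed from the document) page() is null.
class Frame {
public:
    explicit Frame(Page* page) : m_page(page) {}
    Page* page() const { return m_page; }
    void detach() { m_page = nullptr; }
private:
    Page* m_page;
};

// The pre-patch line: dereferences page() unconditionally. Calling this on a
// detached frame is the null pointer dereference from the bug title.
// Kept only to show the faulty pattern; never call it with a detached frame.
bool privateBrowsingEnabledUnchecked(Frame* frame)
{
    return frame->page()->settings()->privateBrowsingEnabled();
}

// The patched line in the reviewer's && form: short-circuit evaluation means
// settings() is never reached when page() is null, so a detached frame is
// simply reported as "private browsing off" instead of crashing.
bool privateBrowsingEnabled(Frame* frame)
{
    return frame->page() && frame->page()->settings()->privateBrowsingEnabled();
}

// Builds a frame whose page has private browsing set as requested and returns
// what the hardened check says for it while still attached.
bool checkAttachedFrame(bool privateBrowsing)
{
    Page page(privateBrowsing);
    Frame frame(&page);
    return privateBrowsingEnabled(&frame);
}

// Builds a frame, detaches it, and runs the hardened check. The unchecked
// version would crash here; the hardened one returns false.
bool checkDetachedFrame()
{
    Page page(true);
    Frame frame(&page);
    frame.detach();
    return privateBrowsingEnabled(&frame);
}

int main()
{
    Page page(true);
    Frame frame(&page);
    std::printf("attached, private:  unchecked=%d hardened=%d\n",
                privateBrowsingEnabledUnchecked(&frame), privateBrowsingEnabled(&frame));
    frame.detach();
    // privateBrowsingEnabledUnchecked(&frame) would segfault at this point.
    std::printf("detached:           hardened=%d\n", privateBrowsingEnabled(&frame));
    return 0;
}
```

The only behavioural difference between the `? :` form in the patch and the `&&` form is readability: both evaluate `frame->page()` twice and both short-circuit before `settings()`, so the detached case yields `false` either way.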