Bug 130777 - Fix a crash caused by track insertion after load()
Summary: Fix a crash caused by track insertion after load()
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Media (show other bugs)
Version: 528+ (Nightly build)
Hardware: All All
: P2 Normal
Assignee: Brent Fulgham
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-26 09:25 PDT by Brent Fulgham
Modified: 2014-03-27 10:51 PDT (History)
9 users (show)

See Also:

Attachments
Patch (3.76 KB, patch)
2014-03-26 09:41 PDT, Brent Fulgham 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Brent Fulgham 2014-03-26 09:25:39 PDT 
Merge the following Blink change:

Fix a crash caused by track insertion after load().

This patch fixes a crash caused by stale LoadMediaResource flag in
m_pendingActionFlags when load() is explicitly called on a media
element. The insertion of a <track> element triggers the crash by
triggering the scheduling of the m_loadTimer, which ends up using the
stale flag data when the timer fires. The fix is to clear the
LoadMediaResource flag from m_pendingActionFlags when a new load is
initiated.

BUG=356352
TEST=LayoutTests/media/track/track-insert-after-load-crash.html

Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=170003
Comment 1 Brent Fulgham 2014-03-26 09:41:07 PDT 
Created attachment 227853 [details]
Patch
Comment 2 WebKit Commit Bot 2014-03-27 10:51:20 PDT 
Comment on attachment 227853 [details]
Patch

Clearing flags on attachment: 227853

Committed r166362: <http://trac.webkit.org/changeset/166362>
Comment 3 WebKit Commit Bot 2014-03-27 10:51:25 PDT 
All reviewed patches have been landed.  Closing bug.