23470 – Crash when page load occurs while processing scroll event with mallocscribble enabled

RESOLVED FIXED 23470

Crash when page load occurs while processing scroll event with mallocscribble enabled

https://bugs.webkit.org/show_bug.cgi?id=23470

Summary Crash when page load occurs while processing scroll event with mallocscribble...

Oliver Hunt

Reported 2009-01-21 20:52:17 PST

I spotted a crash that occurs when a page load occurs in the middle of processing a scroll event that has been propagated to a subframe that is destroyed by the page load. Alas reproducing requires malloc scribble, and a timer driven load independent of webcore.

Attachments
Add a protector (1.55 KB, patch) 2009-01-21 21:01 PST, Oliver Hunt	hyatt: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

Oliver Hunt

Comment 1 2009-01-21 21:01:32 PST

Created attachment 26922 [details] Add a protector Simple fix

Dave Hyatt

Comment 2 2009-01-21 21:12:26 PST

Comment on attachment 26922 [details] Add a protector r=me

Oliver Hunt

Comment 3 2009-01-22 08:59:44 PST

Committing to http://svn.webkit.org/repository/webkit/trunk ... M WebCore/ChangeLog M WebCore/page/EventHandler.cpp Committed r40112

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware Mac

OS OS X 10.5

Product WebKit

Component WebCore Misc.

Assignee

Oliver Hunt

Reported

2009-01-21 20:52 PST

Modified

2009-01-22 08:59 PST History

CC List

0 users

URL

Keywords

Depends on

Blocks