[Webkit-unassigned] [Bug 25394] CRASH in DocumentLoader::addResponse due to bad |this| pointer
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Apr 26 00:19:42 PDT 2009
https://bugs.webkit.org/show_bug.cgi?id=25394
------- Comment #2 from fishd at chromium.org 2009-04-26 00:19 PDT -------
This turns out to be a variant of another crash I recently patched. See bug
25136.
If a subresource like an IMG is requested after 'unload' but before the next
page load completes, it can result in this crash. The IMG load has to complete
very quickly, which can be synthesized by loading a data URL.
Test case coming up.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the webkit-unassigned
mailing list