[Webkit-unassigned] [Bug 16855] Multiple correctness issues with javascript URLs

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jun 5 08:51:06 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=16855

------- Comment #8 from michaeln at google.com  2009-06-05 08:51 PDT -------
(In reply to comment #7)
> This really feels like it should be two patches:
Ok.

> crasher fix
I'm not really happy with this change. Any loader gurus out there see a more
appropriate answer?

A symptom of the problem is that after calling stopAllLoaders(), the existing
doc's DocLoader->m_requestCount field has not gone to zero. The code that
follows the stop call causes the existing doc to get blown away. The assertion
in DocLoader's dtor fires at this point (ASSERT(m_requestCount == 0)). At some
later point, when those still-active requests make progress of some kind,
Chrome crashes.

Should stopAllLoaders() also be responsible for terminating these requests,
or not? If the intent was that it should terminate these requests too... I can
make a change in there to ensure that it does so. It's just not clear to me
whether that is the intent of this method.

The crash is specific to Chrome (perhaps, more specifically, to browsers
employing V8). With Safari (JSC), the sequence of events is different. I
haven't drilled into where things are different just yet. I do know that if the
pending requests are killed... crash fixed.

