[Webkit-unassigned] [Bug 30839] REGRESSION: crashes in WebCore::RedirectScheduler::timerFired(WebCore::Timer<WebCore::RedirectScheduler>*)

bugzilla-daemon at webkit.org
Tue Oct 27 17:28:11 PDT 2009


https://bugs.webkit.org/show_bug.cgi?id=30839


Darin Adler <darin at apple.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |darin at apple.com




--- Comment #6 from Darin Adler <darin at apple.com>  2009-10-27 17:28:11 PDT ---
The invalid address at 0x92 indicates we’re dereferencing a null pointer with
an offset of 0x92. And defersLoading is at an offset of 0x92. So I’m pretty
sure this crash means that RedirectScheduler::timerFired is being called when
m_frame->page() is 0.

One thing we can do about this right away is to add a return statement for
cases where page is 0 after the assertion. Then we can still look for this bug
in debug builds, but possibly render it harmless in release builds.

Another thing we can do is do the thought experiment about how m_frame->page()
could become zero without telling the RedirectScheduler to stop its timer.

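The reasoning in comment #6, as an added C++ sketch that is not part of the original comment and is not WebCore's code: a member read through a null pointer faults at the member's own offset, and an assertion followed by an early return keeps the check in debug builds while making the null case harmless in release builds. The `Page` layout, `SKETCH_ASSERT`, `accessAddress`, `TimerResult` and `RedirectSchedulerSketch` are hypothetical names constructed for illustration; only the 0x92 offset and the `defersLoading` member name come from the comment.

```cpp
#include <cassert>
#include <cstddef>
#include <cstdint>

// Assumption: like WebKit's ASSERT, this compiles to nothing in release builds.
#ifdef SKETCH_DEBUG_BUILD
#define SKETCH_ASSERT(x) assert(x)
#else
#define SKETCH_ASSERT(x) ((void)0)
#endif

// Constructed layout: padding places defersLoading at offset 0x92,
// the offset quoted in the comment. This is not WebCore's real Page.
struct Page {
    unsigned char padding[0x92];
    bool defersLoading;
};

struct Frame {
    Page* m_page;
    Page* page() const { return m_page; }
};

// Address a read of page->defersLoading touches for a given Page address.
// With a null Page (address 0) it is the bare member offset, 0x92.
std::uintptr_t accessAddress(std::uintptr_t pageAddress) {
    return pageAddress + offsetof(Page, defersLoading);
}

enum class TimerResult { SkippedNoPage, Deferred, Redirected };

struct RedirectSchedulerSketch {
    Frame* m_frame;

    TimerResult timerFired() {
        Page* page = m_frame->page();
        SKETCH_ASSERT(page);  // debug builds still stop here
        if (!page)            // release builds return instead of faulting
            return TimerResult::SkippedNoPage;
        return page->defersLoading ? TimerResult::Deferred
                                   : TimerResult::Redirected;
    }
};

int main() {
    Frame detached{nullptr};  // frame whose page is already gone
    RedirectSchedulerSketch scheduler{&detached};
    return scheduler.timerFired() == TimerResult::SkippedNoPage ? 0 : 1;
}
```

The guard only contains the symptom; the timer still fires on a frame without a page, which is the lifetime question the comment's second suggestion is about.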