[Webkit-unassigned] [Bug 43776] [Chromium] 51670 WebCore::GeolocationService::positionChanged memory corruption
bugzilla-daemon at webkit.org
Wed Aug 11 03:34:36 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=43776
Marcus Bulach <bulach at chromium.org> changed:
What | Removed | Added
----------------------------------------------------------------------------
CC | | steveblock at google.com
--- Comment #2 from Marcus Bulach <bulach at chromium.org> 2010-08-11 03:34:36 PST ---
Hi,
Thanks for the report!
I think this may be related to:
https://bugs.webkit.org/show_bug.cgi?id=39288 and its follow up at https://bugs.webkit.org/show_bug.cgi?id=39879
If I understood correctly (Steve, please clarify if I'm missing something), this was fixed by http://trac.webkit.org/changeset/59859, but later rolled out in http://trac.webkit.org/changeset/60441,
so that FrameLoader::stopLoading() does not call Geolocation::stop(), and hence GeolocationDispatcher::bridges_map_ has the dangling pointer mentioned above.
Steve, any update on 39879?
Please, let me know if there's anything I could do to help.
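The comment above describes the general shape of the bug: a dispatcher keeps raw pointers to listeners in a map, and if the listener's owner goes away without an explicit stop() (because stopLoading() no longer calls it), the map entry dangles and the next positionChanged() fan-out touches freed memory. The following is an added, constructed C++ illustration of that pattern and of the lifetime-tied (RAII) registration that closes it; it is not WebKit code, and the names Dispatcher, Listener, ScopedListener and bridges_ are hypothetical stand-ins, not the classes named in the bug.

```cpp
#include <cstddef>
#include <map>

// Constructed example (hypothetical names, not WebKit's classes): a minimal
// dispatcher that fans out position updates to listeners registered by raw
// pointer, i.e. a map whose values are owned elsewhere.
struct Listener {
    int updates = 0;
    void positionChanged() { ++updates; }
};

class Dispatcher {
public:
    void registerListener(int id, Listener* l) { bridges_[id] = l; }
    void unregisterListener(int id) { bridges_.erase(id); }
    bool hasEntry(int id) const { return bridges_.find(id) != bridges_.end(); }
    std::size_t entryCount() const { return bridges_.size(); }
    // Fan out one update to every registered listener. If a listener was
    // destroyed without unregistering, this would dereference freed memory.
    void positionChanged() {
        for (auto& entry : bridges_)
            entry.second->positionChanged();
    }
private:
    std::map<int, Listener*> bridges_;
};

// Unsafe pattern: the listener's lifetime ends (think: the frame stopped
// loading) but nothing calls stop()/unregister, so the map keeps a dangling
// pointer. This function deliberately does NOT dispatch afterwards; it only
// reports that the stale entry is still present, which is the defect.
bool staleEntrySurvivesWithoutStop() {
    Dispatcher d;
    {
        Listener l;
        d.registerListener(1, &l);
    }  // l destroyed here; bridges_[1] now points at dead storage
    return d.hasEntry(1);  // true: the dangling entry was left behind
}

// Fixed pattern: tie registration to the owner's lifetime, so the entry is
// removed on every exit path, including one that skips an explicit stop().
class ScopedListener {
public:
    ScopedListener(Dispatcher& d, int id) : d_(d), id_(id) {
        d_.registerListener(id_, &listener_);
    }
    ~ScopedListener() { d_.unregisterListener(id_); }
    ScopedListener(const ScopedListener&) = delete;
    ScopedListener& operator=(const ScopedListener&) = delete;
    int updates() const { return listener_.updates; }
private:
    Dispatcher& d_;
    int id_;
    Listener listener_;
};

struct ScopedResult {
    int updatesWhileAlive;   // updates delivered while the listener existed
    bool entryLeftBehind;    // whether a stale map entry remains afterwards
    std::size_t entriesAfter;
};

// Runs a listener through its lifecycle: it receives updates while alive,
// unregisters itself on scope exit, and a later dispatch is then safe.
ScopedResult scopedListenerLifecycle() {
    Dispatcher d;
    int updates = 0;
    {
        ScopedListener s(d, 2);
        d.positionChanged();
        d.positionChanged();
        updates = s.updates();
    }  // destructor unregisters; no dangling pointer remains
    d.positionChanged();  // safe: the map is empty
    return {updates, d.hasEntry(2), d.entryCount()};
}
```

The unsafe half never dereferences the stale pointer; it only shows that the entry outlives its target, which is exactly the condition a later positionChanged() would turn into a use of freed memory. In practice the same guarantee can also be obtained by having the listener's destructor call the dispatcher's unregister path directly, so that whether or not stopLoading() invokes stop(), the map never outlives the object it points to.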