[Webkit-unassigned] [Bug 56124] CSSSelector double frees
bugzilla-daemon at webkit.org
Tue May 3 13:45:44 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=56124
--- Comment #13 from Antti Koivisto <koivisto at iki.fi> 2011-05-03 13:45:44 PST ---
(In reply to comment #12)
> As best as we can tell, the double frees are gone in the Chrome 12 branch (which is currently on the dev channel). I'll remove the checks/CRASH calls.
>
> Antti, you had said "At minimum it will move the crash to an earlier, more easily traceable point." Do you have a guess as to which point that would be (if we should be looking for another stack trace in the reports)?
Under Document::removedLastRef() perhaps, or maybe turn it into a null ptr crash on some of the fields I clear in this patch. But there is a pretty decent chance this really fixed the bug.