[Webkit-unassigned] [Bug 113616] New: Crash when "willSendRequest" causes the ResourceLoader to be cancelled.

Fri Mar 29 15:49:23 PDT 2013

https://bugs.webkit.org/show_bug.cgi?id=113616

           Summary: Crash when "willSendRequest" causes the ResourceLoader
                    to be cancelled.
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: NEW
          Keywords: InRadar
          Severity: Normal
          Priority: P2
         Component: WebKit2
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: beidson at apple.com
                CC: ap at webkit.org

Crash when "willSendRequest" causes the ResourceLoader to be cancelled.

This can happen a lot of ways.  One example is with the url http://www.rackspace.com/blog/mathematics-cannot-be-patented-case-dismissed/ where an XHR fails a redirect check and therefore the loader is cancelled.

When the WebCore loader is cancelled, the WebResourceLoader is destroyed but then it tries to access freed objects.

This was only introduced with the asynchronous ResourceHandleClient model so it's very new.

By adding a RefPtr<> protector we avoid the crash completely.  By adding a "detachFromCoreLoader" to call when the WebCore loader is aborting we can avoid unnecessary messaging back to the NetworkProcess.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.