Comment #5 on issue 6423 by w...@chromium.org: Chrome: Crash Report - Stack  
Signature: URLRequestHttpJob::ContinueDespiteLastError()-87EC89
http://code.google.com/p/chromium/issues/detail?id=6423

It always bothers me to fix a crash by adding a null pointer
check without knowing why we get the null pointer.  It's
also strange that we only get this crash in the Dev channel
2.0.x.y builds but not in the Stable channel 1.0.154.x
builds.  I didn't find any difference in the relevant source
code between 1.0.154.x and 2.0.x.y (the trunk).

A possible scenario for this crash is that we ignore a
certificate error, so the requests for the subresources
on that page are automatically continued despite the
certificate error, and we close the tab while we're still
loading the subresources.

What I found is that a URLRequest is cancelled and deleted
in two tasks.  So it is possible for the
ContinueDespiteLastError task to sneak in between those
two tasks, finding a URLRequestJob in the
cancelled-but-not-deleted state.  In addition, if the
info->resource_handler->OnResponseCompleted call in
ResourceDispatcherHost::OnResponseCompleted returns false
(which could happen for
CrossSiteResourceHandler::OnResponseCompleted), the
deletion of the URLRequest is further delayed.

In URLRequestHttpJob, I found null pointer checks for
transaction_ in the Kill and OnStartedCompleted methods.
The null pointer check in Kill was added to allow us
to call Kill more than once, so it's for a different
purpose.  But the null pointer check in OnStartedCompleted
may have been added to fix a similar crash.

This is all I can find now.  I'm going to proceed with
a null pointer check.
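
The interleaving described in this comment, as a simplified single-threaded model added here for illustration (it is not Chromium code and not part of the original comment). `Job`, `Transaction`, `Outcome`, `RunScenario` and the task queue are hypothetical stand-ins for the real classes and message loop.

```cpp
#include <deque>
#include <functional>
#include <memory>
#include <utility>

// Simplified model; these types are NOT the Chromium classes.
struct Transaction {
  int restarts = 0;
  void RestartIgnoringLastError() { ++restarts; }
};

struct Job {
  std::unique_ptr<Transaction> transaction_{new Transaction};

  // Cancelling releases the transaction, but the job object lives on
  // until a later task deletes it (cancelled-but-not-deleted state).
  void Kill() { transaction_.reset(); }

  // Returns false when the job was already cancelled. Without this
  // check the call below would dereference a null pointer.
  bool ContinueDespiteLastError() {
    if (!transaction_) return false;
    transaction_->RestartIgnoringLastError();
    return true;
  }
};

enum class Outcome { kNotRun, kContinued, kSkippedCancelledJob };

// Runs cancel, continue and delete as separate queued tasks. With
// continue_between == true the continue task lands between the cancel
// task and the delete task; otherwise it runs before the cancel task.
Outcome RunScenario(bool continue_between) {
  std::deque<std::function<void()>> queue;
  Job* job = new Job;
  Outcome outcome = Outcome::kNotRun;
  auto cont = [&] {
    outcome = job->ContinueDespiteLastError() ? Outcome::kContinued
                                              : Outcome::kSkippedCancelledJob;
  };
  if (!continue_between) queue.push_back(cont);
  queue.push_back([&] { job->Kill(); });                // task 1: cancel
  if (continue_between) queue.push_back(cont);
  queue.push_back([&] { delete job; job = nullptr; });  // task 2: delete
  while (!queue.empty()) {
    auto task = std::move(queue.front());
    queue.pop_front();
    task();
  }
  return outcome;
}

int main() { return RunScenario(true) == Outcome::kSkippedCancelledJob ? 0 : 1; }
```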
