46480 2010-09-24 10:30:16 -0700 [chromium] Platform layers should not be able to hold a stale compositor pointer 2010-10-08 09:56:22 -0700 1 1 1 Unclassified WebKit WebCore Misc. 528+ (Nightly build) All All RESOLVED FIXED P2 Normal --- 1 vangelis vangelis oldest_to_newest 284504 0 vangelis 2010-09-24 10:30:16 -0700 Composited layers (the ones derived from LayerChromium) hold a raw pointer to the compositor (LayerRendererChromium) which means that if the compositor gets destroyed before the layers do they could be accessing uninitialized memory. One possible solution would be to make LayerChromium hold a reference to LayerRendererChromium instead of a raw pointer to ensure a proper destruction order. 291725 1 vangelis 2010-10-08 09:56:22 -0700 Fixed in r68442: <http://trac.webkit.org/changeset/68442>