Summary: | FrameLoader::checkCompleted can hit the "ref'ing while destroyed" assertion | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Darin Adler <darin> | ||||
Component: | Page Loading | Assignee: | Darin Adler <darin> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | CC: | beidson, commit-queue, japhet, mark.lam | ||||
Priority: | P2 | Keywords: | InRadar | ||||
Version: | 528+ (Nightly build) | ||||||
Hardware: | All | ||||||
OS: | All | ||||||
Attachments: |
|
Description
Darin Adler
2014-04-24 19:03:01 PDT
Created attachment 230129 [details]
Patch
Comment on attachment 230129 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=230129&action=review > Source/WebCore/loader/FrameLoader.cpp:819 > + // of this function can be called the frame's destructor, and it's not legal ...can be called *in* the frame's destructor.. Committed r167790: <http://trac.webkit.org/changeset/167790> |