Merge https://chromium.googlesource.com/chromium/blink/+/6b6887bf53068f8537908e501fdc7317ad2c6d86 In some cases, m_currentFrame may be bigger than m_frames.size(). Should limit the upper bound of the loop to m_frames.size().
Created attachment 216031 [details] Patch
Comment on attachment 216031 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=216031&action=review > Source/WebCore/ChangeLog:3 > + > + Please remove an extra newline.
Created attachment 216046 [details] Patch
Comment on attachment 216046 [details] Patch LGTM, r=me.
Comment on attachment 216046 [details] Patch Clearing flags on attachment: 216046 Committed r158840: <http://trac.webkit.org/changeset/158840>
All reviewed patches have been landed. Closing bug.