Bug 18237 - wrong unref of m_frame causes segfault
Status: UNCONFIRMED
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKitGTK
Version: 528+ (Nightly build)
Hardware: PC Linux
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks: 20403
Reported: 2008-03-31 10:26 PDT by Salvatore De Paolis
Modified: 2017-03-11 10:55 PST

Attachments
m_frame unref (1.07 KB, patch)
2008-03-31 10:27 PDT, Salvatore De Paolis
mrowe: review-

Description Salvatore De Paolis 2008-03-31 10:26:28 PDT
m_frame is unref'd without checking if it's null, and this causes a segfault.
Comment 1 Salvatore De Paolis 2008-03-31 10:27:33 PDT
Created attachment 20237
m_frame unref
Comment 2 Darin Adler 2008-03-31 10:48:48 PDT
Comment on attachment 20237
m_frame unref

This looks wrong to me. I don't think this should be done in these detachedFromParent calls, and certainly not in both the (1) and (2) versions!
Comment 3 Salvatore De Paolis 2008-03-31 11:07:08 PDT
(In reply to comment #2)
> (From update of attachment 20237)
> This looks wrong to me. I don't think this should be done in these
> detachedFromParent calls, and certainly not in both the (1) and (2) versions!
> 
Actually, the only one was the (4), and it segfaulted. Adding the check on m_frame fixed it. I thought it would work similarly with the others, but I did not find anybody to explain to me how it works with frames.
So keep it as WORKSFORME and feel free to update the patch.
Comment 4 Mark Rowe (bdash) 2008-04-10 17:47:47 PDT
Comment on attachment 20237
m_frame unref

r- based on Darin's comment.