Reviewed by Maciej.
authoraroben <aroben@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 9 Oct 2006 23:57:55 +0000 (23:57 +0000)
committeraroben <aroben@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 9 Oct 2006 23:57:55 +0000 (23:57 +0000)
        Fix a possible recursive destructor call.

        * page/Frame.cpp:
        (WebCore::Frame::~Frame): Add a FIXME about cleaning up the destructor.
        (WebCore::Frame::finishedParsing): Don't create a protector RefPtr if
        we're already being destroyed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@16948 268f45cc-cd09-0410-ab3c-d52691b4dbfc

WebCore/ChangeLog
WebCore/page/Frame.cpp

index 5e00006ca58c620feed3180ee51015dedf050be4..d21280dec6f49ebeb3bae8198d7726011f49f11e 100644 (file)
@@ -1,3 +1,14 @@
+2006-10-09  Adam Roben  <aroben@apple.com>
+
+        Reviewed by Maciej.
+
+        Fix a possible recursive destructor call.
+
+        * page/Frame.cpp:
+        (WebCore::Frame::~Frame): Add a FIXME about cleaning up the destructor.
+        (WebCore::Frame::finishedParsing): Don't create a protector RefPtr if
+        we're already being destroyed.
+
 2006-10-09  Sam Weinig  <sam.weinig@gmail.com>
 
         Reviewed by Tim H.
index 4eab0ef5990bd630aa8c69fcfb0520eecc3667b9..eda76afaa4a843fa4002fe879ff5da2ec7be7d2c 100644 (file)
@@ -185,6 +185,8 @@ Frame::Frame(Page* page, Element* ownerElement)
 
 Frame::~Frame()
 {
+    // FIXME: We should not be doing all this work inside the destructor
+
     ASSERT(!d->m_lifeSupportTimer.isActive());
 
 #ifndef NDEBUG
@@ -847,7 +849,9 @@ void Frame::gotoAnchor()
 
 void Frame::finishedParsing()
 {
-  RefPtr<Frame> protector(this);
+  // This method can be called from our destructor, in which case we shouldn't protect ourselves
+  // because doing so will cause us to re-enter our destructor when protector goes out of scope.
+  RefPtr<Frame> protector = refCount() > 0 ? this : 0;
   checkCompleted();
 
   if (!d->m_view)