[webkit-reviews] review canceled: [Bug 96863] REGRESSION(r124168): Null crash in RenderLayer::createScrollbar : [Attachment 165688] Proposed fix: avoid triggering a style change if we only need a temporary style.

bugzilla-daemon at webkit.org
Wed Sep 26 20:01:11 PDT 2012


Abhishek Arya <inferno at chromium.org> has canceled review:
Bug 96863: REGRESSION(r124168): Null crash in RenderLayer::createScrollbar
https://bugs.webkit.org/show_bug.cgi?id=96863

Attachment 165688: Proposed fix: avoid triggering a style change if we only
need a temporary style.
https://bugs.webkit.org/attachment.cgi?id=165688&action=review

------- Additional Comments from Abhishek Arya <inferno at chromium.org>
Actually I found a cleaner approach and I think the bug is in
RenderImage::imageChanged called by CachedImage::didAddClient. We should just
bail out if we don't have a parent. See similar
[http://code.google.com/codesearch#OAMlx_jo-ck/src/third_party/WebKit/Source/WebCore/rendering/RenderBox.cpp&exact_package=chromium&q=RenderBox::imageChanged%20file:webcore&l=989]

So, the fix should be to get rid of setStyle which is in the wrong place here.
And bail out on no parent in imageChanged, since it is later called when the
real setAnimatableStyle is called.

RenderObject* NodeRendererFactory::createRenderer()
{
    Node* node = m_context.node();
    RenderObject* newRenderer = node->createRenderer(node->document()->renderArena(), m_context.style());
    if (!newRenderer)
.....
    node->setRenderer(newRenderer);
    newRenderer->setAnimatableStyle(m_context.releaseStyle());

