[Webkit-unassigned] [Bug 34153] Crash in WebCore while processing the fast scrolling code path.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Jan 26 17:18:01 PST 2010
https://bugs.webkit.org/show_bug.cgi?id=34153
Simon Fraser (smfr) <simon.fraser at apple.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #47403|review?, commit-queue? |review-
Flag| |
--- Comment #7 from Simon Fraser (smfr) <simon.fraser at apple.com> 2010-01-26 17:17:58 PST ---
(From update of attachment 47403)
> diff --git a/WebCore/ChangeLog b/WebCore/ChangeLog
> + The code to unregister the object with fixed positionning must
> + be copied to RenderWidget.
"positionning"
> + Unregistering must also be done when a render widget get a
> + transformation.
Not just a RenderWidget, but any RenderObject. "gets", not "get".
> diff --git a/WebCore/rendering/RenderWidget.cpp b/WebCore/rendering/RenderWidget.cpp
> animation()->cancelAnimations(this);
>
> - if (RenderView* v = view())
> + if (RenderView* v = view()) {
> v->removeWidget(this);
> + FrameView* frameView = view()->frameView();
> + if (frameView)
> + frameView->unregisterFixedPositionedObject(this);
> + }
Why doesn't this have the "m_style->position() == FixedPosition" check that
RenderObject does? Is one of them wrong?
This also needs a layout test. r- for that.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list