[Webkit-unassigned] [Bug 93199] Crash in FrameView::scrollContentsFastPath when scrolling Facebook and Google image search
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Aug 5 03:14:00 PDT 2012
https://bugs.webkit.org/show_bug.cgi?id=93199
--- Comment #1 from Tim Horton <timothy_horton at apple.com> 2012-08-05 03:13:59 PST ---
It looks to me like this is us trying to scroll a fixed-position renderer where style() is null in this part of scrollContentsFastPath:
for (FixedObjectSet::const_iterator it = m_fixedObjects->begin(); it != end; ++it) {
RenderObject* renderer = *it;
if (renderer->style()->position() != FixedPosition)
continue;
It seems likely that this regressed in http://trac.webkit.org/changeset/121443, but I have not confirmed.
This crash is extremely easy to reproduce on release builds on pages with fixed position elements.
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list