[Webkit-unassigned] [Bug 199403] [GTK] Crash in WebCore::ScrollView::paint
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Jul 18 00:54:19 PDT 2019
https://bugs.webkit.org/show_bug.cgi?id=199403
--- Comment #6 from Carlos Garcia Campos <cgarcia at igalia.com> ---
(In reply to Michael Catanzaro from comment #3)
> I assume ScrollView itself is already freed, perhaps?
I would expect it to crash earlier then, in WebKit::WebPage::drawRect()
m_mainFrame->coreFrame()->view()->paint(graphicsContext, rect);
FrameView is owned by Frame, so if it's freed view() should return nullptr and the crash would happen here.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190718/b037b148/attachment.html>
More information about the webkit-unassigned
mailing list