[webkit-changes] [140732] trunk/Source/WebCore

[jamesr]

Title: [140732] trunk/Source/WebCore

Revision

140732

Author

jam...@google.com

Date

2013-01-24 15:14:42 -0800 (Thu, 24 Jan 2013)

Log Message

REGRESSION(140571): Crash in ScrollingCoordinator::mainThreadScrollingReasons during Frame::createView
https://bugs.webkit.org/show_bug.cgi?id=107868

Reviewed by Beth Dakin.

When using fixed layout mode, it's possible to update the scrollbar state of the main FrameView before
it's set on the main frame, which can lead to calling in to ScrollingCoordinator to compute main thread
scrolling regions when m_page->mainFrame()->view() is 0. In this case, we don't have any main
thread scrolling reasons and should just return 0.

* page/scrolling/ScrollingCoordinator.cpp:
(WebCore::ScrollingCoordinator::mainThreadScrollingReasons):

Modified Paths

• trunk/Source/WebCore/ChangeLog
• trunk/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp

Diff

Modified: trunk/Source/WebCore/ChangeLog (140731 => 140732)

--- trunk/Source/WebCore/ChangeLog	2013-01-24 23:01:06 UTC (rev 140731)
+++ trunk/Source/WebCore/ChangeLog	2013-01-24 23:14:42 UTC (rev 140732)
@@ -1,3 +1,18 @@
+2013-01-24  James Robinson  <jam...@chromium.org>
+
+        REGRESSION(140571): Crash in ScrollingCoordinator::mainThreadScrollingReasons during Frame::createView
+        https://bugs.webkit.org/show_bug.cgi?id=107868
+
+        Reviewed by Beth Dakin.
+
+        When using fixed layout mode, it's possible to update the scrollbar state of the main FrameView before
+        it's set on the main frame, which can lead to calling in to ScrollingCoordinator to compute main thread
+        scrolling regions when m_page->mainFrame()->view() is 0. In this case, we don't have any main
+        thread scrolling reasons and should just return 0.
+
+        * page/scrolling/ScrollingCoordinator.cpp:
+        (WebCore::ScrollingCoordinator::mainThreadScrollingReasons):
+
 2013-01-24  Martin Robinson  <mrobin...@igalia.com>
 
         Abstract the logic for appending a UChar32 onto StringBuilder

Modified: trunk/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp (140731 => 140732)

--- trunk/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp	2013-01-24 23:01:06 UTC (rev 140731)
+++ trunk/Source/WebCore/page/scrolling/ScrollingCoordinator.cpp	2013-01-24 23:14:42 UTC (rev 140732)
@@ -449,6 +449,8 @@
 MainThreadScrollingReasons ScrollingCoordinator::mainThreadScrollingReasons() const
 {
     FrameView* frameView = m_page->mainFrame()->view();
+    if (!frameView)
+        return static_cast<MainThreadScrollingReasons>(0);
 
     MainThreadScrollingReasons mainThreadScrollingReasons = (MainThreadScrollingReasons)0;
 

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo/webkit-changes