It's possible to be latched to a DOM element, then attempt a new scroll event where the hit test for the mouse event returns NULL for the target element. When this happens, the NULL element is dereferenced without a NULL check resulting in a crash. This patch corrects this mistake.
<rdar://problem/16761067>
Created attachment 231676 [details] Patch
Wow, Simon. That was fast!
Committed r169037: <http://trac.webkit.org/changeset/169037>