Created attachment 274908 [details] backtrace see stacktrace.
<rdar://problem/25359164>
related to bug 155109
Created attachment 274945 [details] Patch
Comment on attachment 274945 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=274945&action=review > Source/WebCore/rendering/RenderObject.cpp:716 > if (!is<RenderBlock>(parent)) This should just be a null check.
Created attachment 274948 [details] Patch
Created attachment 274949 [details] Patch
Comment on attachment 274949 [details] Patch Clearing flags on attachment: 274949 Committed r198701: <http://trac.webkit.org/changeset/198701>
All reviewed patches have been landed. Closing bug.
FYI I am backporting this to our 2.12.0 package in Fedora. We haven't received many crash reports because we don't have 2.12.0 in any stable release yet, but I've gotten several complaints on Bugzilla and IRC. (Thanks for fixing it so quickly, Zalan.)
Notable complaint is that this crash occurs on Google shortly after searching for anything (although I wasn't able to reproduce that myself).