Crash logs indicate an infrequent crash in RenderLayer::updateLayerPosition(). Code inspection reveals that we might dereference a nullptr for elements with enclosing parents with a layer. The search for this parent might end without finding anything, resulting in the ancestor being set to nullptr. This patch adds the missing nullptr check to avoid this possibility.
<rdar://problem/30023019>
Created attachment 298810 [details] Patch
Comment on attachment 298810 [details] Patch Test case?
Comment on attachment 298810 [details] Patch Clearing flags on attachment: 298810 Committed r210760: <http://trac.webkit.org/changeset/210760>
All reviewed patches have been landed. Closing bug.