Bug 188935 (RESOLVED FIXED)
Check for null renderer in canBeScrolledIntoView
https://bugs.webkit.org/show_bug.cgi?id=188935
Don Olmstead
Reported 2018-08-24 15:46:06 PDT
There's no check on parentNode->renderer() before it's used within canBeScrolledIntoView. Associated Chromium fix with layout test: https://chromium-review.googlesource.com/c/chromium/src/+/550255
Attachments
Patch (3.23 KB, patch)
2018-08-28 17:09 PDT, Don Olmstead
simon.fraser: review+
Patch (3.22 KB, patch)
2018-08-28 18:15 PDT, Don Olmstead
no flags
Don Olmstead
Comment 1 2018-08-24 15:47:50 PDT
Adding the following in the for loop fixes the problem.
+ if (UNLIKELY(!parentNode->renderer()))
+ continue;
It's EOD here so if nobody gets to this by Monday I'll just throw together a patch with the layout test in it.
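Review bot: the `continue` in the added check silently skips a parent that has no renderer and moves on to the next iteration, and nothing in the snippet says why skipping is the right outcome for canBeScrolledIntoView rather than returning early. A short comment above `if (UNLIKELY(!parentNode->renderer()))` stating when a parent in this loop can lack a renderer would help, and the layout test mentioned here should exercise that case so the unchecked use of parentNode->renderer() cannot come back unnoticed.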
Don Olmstead
Comment 2 2018-08-28 17:09:42 PDT
Created attachment 348361: Patch
Port of the Chromium fix
Simon Fraser (smfr)
Comment 3 2018-08-28 17:29:10 PDT
Comment on attachment 348361: Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=348361&action=review
> Source/WebCore/page/SpatialNavigation.cpp:708
> + if (UNLIKELY(!parentNode->renderer()))
The UNLIKELY() seems unnecessary.
Don Olmstead
Comment 4 2018-08-28 18:15:39 PDT
Created attachment 348371: Patch
Address review comments
WebKit Commit Bot
Comment 5 2018-08-28 22:05:32 PDT
Comment on attachment 348371: Patch
Clearing flags on attachment: 348371
Committed r235457: <https://trac.webkit.org/changeset/235457>
WebKit Commit Bot
Comment 6 2018-08-28 22:05:34 PDT
All reviewed patches have been landed. Closing bug.
Radar WebKit Bug Importer
Comment 7 2018-08-28 22:06:14 PDT