[Webkit-unassigned] [Bug 22398] New: Crash when clearing webkitTransitionDuration in webkitTransitionEnd event handler

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Nov 21 02:56:23 PST 2008 

https://bugs.webkit.org/show_bug.cgi?id=22398

           Summary: Crash when clearing webkitTransitionDuration in
                    webkitTransitionEnd event handler
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Macintosh
        OS/Version: Mac OS X 10.5
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: CSS
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: thomas at fesch.at


I've an event handler on document that is fired on 'webkitTransitionEnd'. If I
try to set the affected element style.webkitTransitionDuration property to an
empty string, WebKit nightly crashes.

I'll try to provide a reduced testcase.

Here's the crash log:

Version:         r38654 (38654)

Exception Type:  EXC_BAD_INSTRUCTION (SIGILL)
Exception Codes: 0x0000000000000001, 0x0000000000000000
Crashed Thread:  0

Thread 0 Crashed:
0   ???                                 0x01d7c42d 0 + 30917677
1   com.apple.WebCore                   0x014485c2
WebCore::AnimationTimerCallback::timerFired(WebCore::Timer<WebCore::AnimationTimerBase>*)
+ 34
2   com.apple.WebCore                   0x0144b49b
WebCore::Timer<WebCore::AnimationTimerBase>::fired() + 43
3   com.apple.WebCore                   0x01317635
WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*, 0ul>
const&) + 133
4   com.apple.WebCore                   0x01317902
WebCore::TimerBase::sharedTimerFired() + 162
5   com.apple.WebCore                   0x012fd674
__ZN7WebCoreL10timerFiredEP16__CFRunLoopTimerPv + 68
6   com.apple.CoreFoundation            0x93b01b45 CFRunLoopRunSpecific + 4469
7   com.apple.CoreFoundation            0x93b01cf8 CFRunLoopRunInMode + 88
8   com.apple.HIToolbox                 0x904aa480 RunCurrentEventLoopInMode +
283
9   com.apple.HIToolbox                 0x904aa299 ReceiveNextEventCommon + 374
10  com.apple.HIToolbox                 0x904aa10d
BlockUntilNextEventMatchingListInMode + 106
11  com.apple.AppKit                    0x90fe03ed _DPSNextEvent + 657
12  com.apple.AppKit                    0x90fdfca0 -[NSApplication
nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
13  com.apple.Safari                    0x000080be 0x1000 + 28862
14  com.apple.AppKit                    0x90fd8cdb -[NSApplication run] + 795
15  com.apple.AppKit                    0x90fa5f14 NSApplicationMain + 574
16  com.apple.Safari                    0x000b9b46 0x1000 + 756550


-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the webkit-unassigned mailing list