[Webkit-unassigned] [Bug 187530] [ MacOS WK2 ]Layout Test imported/blink/compositing/squashing/squash-above-fixed-subpixel-1.html is a Flaky Crash

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jul 11 09:36:34 PDT 2018 

https://bugs.webkit.org/show_bug.cgi?id=187530

--- Comment #1 from Truitt Savell <tsavell at apple.com> ---
Created attachment 344765

  --> https://bugs.webkit.org/attachment.cgi?id=344765&action=review

Crash Log:

Crash Log Excerpt:

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore                   0x000000011457415c WTF::DumbPtrTraits<WebCore::AnimationEffectReadOnly>::unwrap(WebCore::AnimationEffectReadOnly* const&) + 12 (DumbPtrTraits.h:41)
1   com.apple.WebCore                   0x00000001152ff925 WTF::RefPtr<WebCore::AnimationEffectReadOnly, WTF::DumbPtrTraits<WebCore::AnimationEffectReadOnly> >::get() const + 21 (RefPtr.h:72)
2   com.apple.WebCore                   0x00000001152ff70c WebCore::WebAnimation::effect() const + 28 (WebAnimation.h:64)
3   com.apple.WebCore                   0x0000000115a99038 WebCore::AnimationTimeline::cancelOrRemoveDeclarativeAnimation(WTF::RefPtr<WebCore::DeclarativeAnimation, WTF::DumbPtrTraits<WebCore::DeclarativeAnimation> >) + 40 (AnimationTimeline.cpp:452)
4   com.apple.WebCore                   0x0000000115a98bf0 WebCore::AnimationTimeline::updateCSSAnimationsForElement(WebCore::Element&, WebCore::RenderStyle const*, WebCore::RenderStyle const&) + 1728 (AnimationTimeline.cpp:251)
5   com.apple.WebCore                   0x00000001174c5902 WebCore::Style::TreeResolver::createAnimatedElementUpdate(std::__1::unique_ptr<WebCore::RenderStyle, std::__1::default_delete<WebCore::RenderStyle> >, WebCore::Element&, WebCore::Style::Change) + 578 (StyleTreeResolver.cpp:300)
6   com.apple.WebCore                   0x00000001174c4bc5 WebCore::Style::TreeResolver::resolveElement(WebCore::Element&) + 1285 (StyleTreeResolver.cpp:213)
7   com.apple.WebCore                   0x00000001174c7619 WebCore::Style::TreeResolver::resolveComposedTree() + 1561 (StyleTreeResolver.cpp:504)
8   com.apple.WebCore                   0x00000001174c8d8d WebCore::Style::TreeResolver::resolve() + 1885 (StyleTreeResolver.cpp:562)
9   com.apple.WebCore                   0x0000000115fedc38 WebCore::Document::resolveStyle(WebCore::Document::ResolveStyleType) + 1224 (Document.cpp:1850)
10  com.apple.WebCore                   0x0000000115fef7a9 WebCore::Document::updateStyleIfNeeded() + 425 (Document.cpp:1969)
11  com.apple.WebCore                   0x0000000115fe9fc5 WebCore::Document::updateLayout() + 325 (Document.cpp:1989)
12  com.apple.WebCore                   0x0000000115fef97e WebCore::Document::updateLayoutIgnorePendingStylesheets(WebCore::Document::RunPostLayoutTasks) + 94 (Document.cpp:2011)
13  com.apple.WebCore                   0x00000001160930c9 WebCore::Element::offsetTop() + 41 (Element.cpp:824)
14  com.apple.WebCore                   0x0000000114b3207d WebCore::jsHTMLElementOffsetTopGetter(JSC::ExecState&, WebCore::JSHTMLElement&, JSC::ThrowScope&) + 61 (JSHTMLElement.cpp:946)
15  com.apple.WebCore                   0x0000000114ae85f0 long long WebCore::IDLAttribute<WebCore::JSHTMLElement>::get<&(WebCore::jsHTMLElementOffsetTopGetter(JSC::ExecState&, WebCore::JSHTMLElement&, JSC::ThrowScope&)), (WebCore::CastedThisErrorBehavior)3>(JSC::ExecState&, long long, char const*) + 224 (JSDOMAttribute.h:69)
16  com.apple.WebCore                   0x0000000114ae84fb WebCore::jsHTMLElementOffsetTop(JSC::ExecState*, long long, JSC::PropertyName) + 43 (JSHTMLElement.cpp:952)
17  com.apple.JavaScriptCore            0x000000010fc5bcad JSC::PropertySlot::customGetter(JSC::ExecState*, JSC::PropertyName) const + 461 (PropertySlot.cpp:50)
18  com.apple.JavaScriptCore            0x000000010e9a1cc2 JSC::PropertySlot::getValue(JSC::ExecState*, JSC::PropertyName) const + 178 (PropertySlot.h:410)
19  com.apple.JavaScriptCore            0x000000010f1cf1ff JSC::JSValue::get(JSC::ExecState*, JSC::PropertyName, JSC::PropertySlot&) const + 319 (JSCJSValueInlines.h:825)
20  com.apple.JavaScriptCore            0x000000010f8b12c4 llint_slow_path_get_by_id + 372 (LLIntSlowPaths.cpp:752)
21  com.apple.JavaScriptCore            0x000000010e96f768 llint_entry + 13719

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180711/4ae62fc0/attachment.html>

More information about the webkit-unassigned mailing list