[Webkit-unassigned] [Bug 186031] New: [Web Animations] Test webanimations/css-animations.html is crashing

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon May 28 02:27:52 PDT 2018 

https://bugs.webkit.org/show_bug.cgi?id=186031

            Bug ID: 186031
           Summary: [Web Animations] Test
                    webanimations/css-animations.html is crashing
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Animations
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: cgarcia at igalia.com
                CC: dino at apple.com, graouts at apple.com, jonlee at apple.com

I don't know since when this is crashing because it's not happening in the bots. This is another case of std::optional value being used while it's nullopt. I guess different compiler have different behaviors for that, see also bug #185819 for another example. So, I guess this started to fail when we stopped using the WTF implementation of std::optional. This is very easy to reproduce with the 404 page of github, by moving the focus outside the web view. The problem is that we try to get the current iteration of a declarative animation when the active time is unresolved.

Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51      ../sysdeps/unix/sysv/linux/raise.c: No existe el fichero o el directorio.
[Current thread is 1 (Thread 0x7f52348bd9c0 (LWP 16058))]
(gdb) bt
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007f52259d5231 in __GI_abort () at abort.c:79
#2  0x00007f52338d80cc in WebCore::DeclarativeAnimation::invalidateDOMEvents(WTF::Seconds) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#3  0x00007f52338da5e4 in WebCore::DeclarativeAnimation::cancel() () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#4  0x00007f52338da618 in WebCore::AnimationTimeline::cancelOrRemoveDeclarativeAnimation(WTF::RefPtr<WebCore::DeclarativeAnimation, WTF::DumbPtrTraits<WebCore::DeclarativeAnimation> >) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#5  0x00007f52338dba3d in WebCore::AnimationTimeline::updateCSSAnimationsForElement(WebCore::Element&, WebCore::RenderStyle const&, WebCore::RenderStyle const*) ()
   from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#6  0x00007f52335e1e19 in WebCore::Style::TreeResolver::createAnimatedElementUpdate(std::unique_ptr<WebCore::RenderStyle, std::default_delete<WebCore::RenderStyle> >, WebCore::Element&, WebCore::Style::Change) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#7  0x00007f52335e5f0b in WebCore::Style::TreeResolver::resolveElement(WebCore::Element&) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#8  0x00007f52335e858e in WebCore::Style::TreeResolver::resolveComposedTree() () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#9  0x00007f52335e920e in WebCore::Style::TreeResolver::resolve() () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#10 0x00007f5232ca453e in WebCore::Document::resolveStyle(WebCore::Document::ResolveStyleType) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#11 0x00007f5232ca4ba2 in WebCore::Document::updateStyleIfNeeded() () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#12 0x00007f5232cd7acb in WebCore::Element::getAnimations() () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#13 0x00007f5232562da9 in WebCore::jsElementPrototypeFunctionGetAnimations(JSC::ExecState*) () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libwebkit2gtk-4.0.so.37
#14 0x00007f51dcc33177 in ?? ()
#15 0x00007ffd452ae210 in ?? ()
#16 0x00007f522fb326c5 in llint_entry () from /home/cgarcia/src/git/gnome/WebKit/WebKitBuild/Release/lib/libjavascriptcoregtk-4.0.so.18
Backtrace stopped: frame did not save the PC

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180528/fe731e80/attachment-0001.html>

More information about the webkit-unassigned mailing list