[Webkit-unassigned] [Bug 197985] New: [GTK] Segfault with pure virtual method called in animations comparison

bugzilla-daemon at webkit.org
Fri May 17 08:14:21 PDT 2019


https://bugs.webkit.org/show_bug.cgi?id=197985

            Bug ID: 197985
           Summary: [GTK] Segfault with pure virtual method called in
                    animations comparison
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Animations
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: tsaunier at gnome.org
                CC: dino at apple.com

Appr.tc randomly segfaults with the following stack trace during video calls:

Thread 1 (Thread 0x7faf2683fac0 (LWP 28173)):
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007faf27de4895 in __GI_abort () at abort.c:79
#2  0x00007faf281856da in _ZN9__gnu_cxx27__verbose_terminate_handlerEv () at ../../../../libstdc++-v3/libsupc++/vterminate.cc:95
#3  0x00007faf2819161c in _ZN10__cxxabiv111__terminateEPFvvE (handler=<optimized out>) at ../../../../libstdc++-v3/libsupc++/eh_terminate.cc:47
#4  0x00007faf28191677 in _ZSt9terminatev () at ../../../../libstdc++-v3/libsupc++/eh_terminate.cc:57
#5  0x00007faf28192415 in __cxxabiv1::__cxa_pure_virtual () at ../../../../libstdc++-v3/libsupc++/pure.cc:50
#6  0x00007faf30e59db8 in _ZNK7WebCore9Animation15animationsMatchERKS0_b (this=0x7fae482c0000, other=..., matchProperties=matchProperties at entry=true) at DerivedSources/ForwardingHeaders/wtf/RefPtr.h:71
#7  0x00007faf30e5a889 in _ZNK7WebCore9AnimationeqERKS0_ (o=..., this=<optimized out>) at ../../Source/WebCore/platform/animation/Animation.h:152
#8  _ZNK7WebCore9AnimationneERKS0_ (o=..., this=<optimized out>) at ../../Source/WebCore/platform/animation/Animation.h:152
#9  _ZNK7WebCore13AnimationListeqERKS0_ (this=0x7faf25ed1280, other=...) at ../../Source/WebCore/platform/animation/AnimationList.cpp:60
#10 0x00007faf313079e5 in _ZN3WTF22arePointingToEqualDataISt10unique_ptrIN7WebCore13AnimationListESt14default_deleteIS3_EEEEbRKT_S9_ (a=std::unique_ptr<class WebCore::AnimationList> = {...}, b=std::unique_ptr<class WebCore::AnimationList> = {...}) at /usr/include/c++/9/bits/unique_ptr.h:357
#11 0x00007faf313071cb in _ZNK7WebCore25StyleRareNonInheritedDataeqERKS0_ (this=0x7fae482bf720, o=...) at DerivedSources/ForwardingHeaders/wtf/RefPtr.h:71
#12 0x00007faf312f9923 in _ZNK7WebCore7DataRefINS_25StyleRareNonInheritedDataEEeqERKS2_ (other=..., this=0x7faea8601eb0) at DerivedSources/ForwardingHeaders/wtf/Ref.h:121
#13 _ZNK7WebCore11RenderStyleeqERKS0_ (other=..., this=0x7faea8601e90) at ../../Source/WebCore/rendering/style/RenderStyle.cpp:364
#14 _ZNK7WebCore11RenderStyleeqERKS0_ (this=0x7faea8601e90, other=...) at ../../Source/WebCore/rendering/style/RenderStyle.cpp:355
#15 0x00007faf3139bf64 in _ZNK7WebCore11RenderStyleneERKS0_ (other=..., this=0x7faea8601e90) at ../../Source/WebCore/rendering/style/RenderStyle.h:165
#16 _ZN7WebCore5Style15determineChangeERKNS_11RenderStyleES3_ (s1=..., s2=...) at ../../Source/WebCore/style/StyleChange.cpp:52
#17 0x00007faf313a3a66 in _ZN7WebCore5Style12TreeResolver27createAnimatedElementUpdateESt10unique_ptrINS_11RenderStyleESt14default_deleteIS3_EERNS_7ElementENS0_6ChangeE (this=this at entry=0x7fff85a55680, newStyle=std::unique_ptr<class WebCore::RenderStyle> = {...}, element=warning: can't find linker symbol for virtual table for `WebCore::Element' value
warning:   found `_ZTVN7WebCore13SVGSVGElementE' instead
..., parentChange=WebCore::Style::NoChange) at ../../Source/WebCore/style/StyleTreeResolver.cpp:326
#18 0x00007faf313ae6b5 in _ZN7WebCore5Style12TreeResolver14resolveElementERNS_7ElementE (this=this at entry=0x7fff85a55680, element=warning: can't find linker symbol for virtual table for `WebCore::Element' value
warning:   found `_ZTVN7WebCore13SVGSVGElementE' instead
...) at /usr/include/c++/9/bits/move.h:74
#19 0x00007faf313b0164 in _ZN7WebCore5Style12TreeResolver19resolveComposedTreeEv (this=this at entry=0x7fff85a55680) at ../../Source/WebCore/style/StyleTreeResolver.cpp:500
#20 0x00007faf313b12ab in _ZN7WebCore5Style12TreeResolver7resolveEv (this=this at entry=0x7fff85a55680) at ../../Source/WebCore/style/StyleTreeResolver.cpp:558
#21 0x00007faf306cfccf in _ZN7WebCore8Document12resolveStyleENS0_16ResolveStyleTypeE (this=this at entry=0x7faed0601ca0, type=<optimized out>, type at entry=WebCore::Document::ResolveStyleType::Normal) at ../../Source/WebCore/dom/Document.cpp:1904
#22 0x00007faf306d0881 in _ZN7WebCore8Document19updateStyleIfNeededEv (this=0x7faed0601ca0) at ../../Source/WebCore/dom/Document.cpp:2023
#23 0x00007faf30e517b8 in _ZN7WebCore12ThreadTimers24sharedTimerFiredInternalEv (this=0x7faf25e9dde8) at ../../Source/WebCore/platform/ThreadTimers.h:101
#24 _ZN7WebCore12ThreadTimers24sharedTimerFiredInternalEv (this=0x7faf25e9dde8) at ../../Source/WebCore/platform/ThreadTimers.cpp:101
#25 0x00007faf2c9ae624 in WTF::RunLoop::TimerBase::<lambda(gpointer)>::operator() (__closure=0x0, userData=0x7faf34170fd0 <_ZZN7WebCore21MainThreadSharedTimer9singletonEvE8instance+16>) at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:171
#26 WTF::RunLoop::TimerBase::<lambda(gpointer)>::_FUN(gpointer) () at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:177
#27 0x00007faf285ff9c8 in g_main_dispatch () at ../../Source/glib-2.58.1/glib/gmain.c:3182
#28 g_main_context_dispatch () at ../../Source/glib-2.58.1/glib/gmain.c:3847
#29 0x00007faf285ffd88 in g_main_context_iterate () at ../../Source/glib-2.58.1/glib/gmain.c:3920
#30 0x00007faf28600072 in g_main_loop_run () at ../../Source/glib-2.58.1/glib/gmain.c:4116
#31 0x00007faf2c9aece8 in _ZN3WTF7RunLoop3runEv () at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:96
#32 0x00007faf2f7f188a in _ZN6WebKit20AuxiliaryProcessMainINS_10WebProcessENS_14WebProcessMainEEEiiPPc (argc=3, argv=<optimized out>) at ../../Source/WebKit/Shared/unix/AuxiliaryProcessMain.h:47
#33 0x00007faf27de5f33 in __libc_start_main (main=0x400b90 <main(int, char**)>, argc=3, argv=0x7fff85a55e58, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff85a55e48) at ../csu/libc-start.c:308
#34 0x0000000000400c1e in _start ()
