[Webkit-unassigned] [Bug 197985] [GTK] Segfault with pure virtual method called in animations comparison

bugzilla-daemon at webkit.org
Fri May 17 08:18:08 PDT 2019


https://bugs.webkit.org/show_bug.cgi?id=197985

--- Comment #1 from Thibault Saunier <tsaunier at gnome.org> ---
Unmangled trace fwiw:

(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x00007faf27de4895 in __GI_abort () at abort.c:79
#2  0x00007faf281856da in __gnu_cxx::__verbose_terminate_handler () at ../../../../libstdc++-v3/libsupc++/vterminate.cc:95
#3  0x00007faf2819161c in __cxxabiv1::__terminate (handler=<optimized out>) at ../../../../libstdc++-v3/libsupc++/eh_terminate.cc:47
#4  0x00007faf28191677 in std::terminate () at ../../../../libstdc++-v3/libsupc++/eh_terminate.cc:57
#5  0x00007faf28192415 in __cxxabiv1::__cxa_pure_virtual () at ../../../../libstdc++-v3/libsupc++/pure.cc:50
#6  0x00007faf30e59db8 in WebCore::Animation::animationsMatch (this=0x7fae482c0000, other=..., matchProperties=matchProperties@entry=true) at DerivedSources/ForwardingHeaders/wtf/RefPtr.h:71
#7  0x00007faf30e5a889 in WebCore::Animation::operator== (o=..., this=<optimized out>) at ../../Source/WebCore/platform/animation/Animation.h:152
#8  WebCore::Animation::operator!= (o=..., this=<optimized out>) at ../../Source/WebCore/platform/animation/Animation.h:152
#9  WebCore::AnimationList::operator== (this=0x7faf25ed1280, other=...) at ../../Source/WebCore/platform/animation/AnimationList.cpp:60
#10 0x00007faf313079e5 in WTF::arePointingToEqualData<std::unique_ptr<WebCore::AnimationList, std::default_delete<WebCore::AnimationList> > > (a=std::unique_ptr<class WebCore::AnimationList> = {...}, b=std::unique_ptr<class WebCore::AnimationList> = {...}) at /usr/include/c++/9/bits/unique_ptr.h:357
#11 0x00007faf313071cb in WebCore::StyleRareNonInheritedData::operator== (this=0x7fae482bf720, o=...) at DerivedSources/ForwardingHeaders/wtf/RefPtr.h:71
#12 0x00007faf312f9923 in WebCore::DataRef<WebCore::StyleRareNonInheritedData>::operator== (other=..., this=0x7faea8601eb0) at DerivedSources/ForwardingHeaders/wtf/Ref.h:121
#13 WebCore::RenderStyle::operator== (other=..., this=0x7faea8601e90) at ../../Source/WebCore/rendering/style/RenderStyle.cpp:364
#14 WebCore::RenderStyle::operator== (this=0x7faea8601e90, other=...) at ../../Source/WebCore/rendering/style/RenderStyle.cpp:355
#15 0x00007faf3139bf64 in WebCore::RenderStyle::operator!= (other=..., this=0x7faea8601e90) at ../../Source/WebCore/rendering/style/RenderStyle.h:165
#16 WebCore::Style::determineChange (s1=..., s2=...) at ../../Source/WebCore/style/StyleChange.cpp:52
#17 0x00007faf313a3a66 in WebCore::Style::TreeResolver::createAnimatedElementUpdate (this=this@entry=0x7fff85a55680, newStyle=std::unique_ptr<class WebCore::RenderStyle> = {...}, element=..., parentChange=WebCore::Style::NoChange) at ../../Source/WebCore/style/StyleTreeResolver.cpp:326
#18 0x00007faf313ae6b5 in WebCore::Style::TreeResolver::resolveElement (this=this@entry=0x7fff85a55680, element=...) at /usr/include/c++/9/bits/move.h:74
#19 0x00007faf313b0164 in WebCore::Style::TreeResolver::resolveComposedTree (this=this@entry=0x7fff85a55680) at ../../Source/WebCore/style/StyleTreeResolver.cpp:500
#20 0x00007faf313b12ab in WebCore::Style::TreeResolver::resolve (this=this@entry=0x7fff85a55680) at ../../Source/WebCore/style/StyleTreeResolver.cpp:558
#21 0x00007faf306cfccf in WebCore::Document::resolveStyle (this=this@entry=0x7faed0601ca0, type=<optimized out>, type@entry=WebCore::Document::ResolveStyleType::Normal) at ../../Source/WebCore/dom/Document.cpp:1904
#22 0x00007faf306d0881 in WebCore::Document::updateStyleIfNeeded (this=0x7faed0601ca0) at ../../Source/WebCore/dom/Document.cpp:2023
#23 0x00007faf30e517b8 in WebCore::ThreadTimers::sharedTimerFiredInternal (this=0x7faf25e9dde8) at ../../Source/WebCore/platform/ThreadTimers.h:101
#24 WebCore::ThreadTimers::sharedTimerFiredInternal (this=0x7faf25e9dde8) at ../../Source/WebCore/platform/ThreadTimers.cpp:101
#25 0x00007faf2c9ae624 in WTF::RunLoop::TimerBase::<lambda(gpointer)>::operator() (__closure=0x0, userData=0x7faf34170fd0 <WebCore::MainThreadSharedTimer::singleton()::instance+16>) at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:171
#26 WTF::RunLoop::TimerBase::<lambda(gpointer)>::_FUN(gpointer) () at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:177
#27 0x00007faf285ff9c8 in g_main_dispatch () at ../../Source/glib-2.58.1/glib/gmain.c:3182
#28 g_main_context_dispatch () at ../../Source/glib-2.58.1/glib/gmain.c:3847
#29 0x00007faf285ffd88 in g_main_context_iterate () at ../../Source/glib-2.58.1/glib/gmain.c:3920
#30 0x00007faf28600072 in g_main_loop_run () at ../../Source/glib-2.58.1/glib/gmain.c:4116
#31 0x00007faf2c9aece8 in WTF::RunLoop::run () at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:96
#32 0x00007faf2f7f188a in WebKit::AuxiliaryProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=3, argv=<optimized out>) at ../../Source/WebKit/Shared/unix/AuxiliaryProcessMain.h:47
#33 0x00007faf27de5f33 in __libc_start_main (main=0x400b90 <main(int, char**)>, argc=3, argv=0x7fff85a55e58, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fff85a55e48) at ../csu/libc-start.c:308
#34 0x0000000000400c1e in _start ()
