Bug 25381

Summary: Needs test: jQuery animation crashing Safari
Product: WebKit Reporter: Reza Shaffaf <reza.shaffaf>
Component: Tools / TestsAssignee: Alexey Proskuryakov <ap>
Status: RESOLVED FIXED    
Severity: Normal CC: gregsimon, zwarich
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
URL: http://mikepultz.com/safari-chrome2.html
Attachments:
Description Flags
test case reduction
none
Stack trace
none
reduction to 418byte from 3kb
none
testcase without jquery dependancy. always reproducable.
none
Regression test darin: review+

Description Reza Shaffaf 2009-04-24 16:00:30 PDT 
This crash is reproducible in Safari 3.2.1 (4525.27.1) on Macintosh and Safari 3.1.2 and Chrome 1.0.154.59 on Windows.

When using jQuery's show/hide, slideup/slidedown animations on a div with fixed positioning, the browser will crash.

See the URL for a test case reduction.  If you require any further information just let me know and I will provide it.
Comment 1 Reza Shaffaf 2009-04-24 16:05:57 PDT 
Created attachment 29772 [details]
test case reduction
Comment 2 Cameron Zwarich (cpst) 2009-04-24 19:07:18 PDT 
Created attachment 29780 [details]
Stack trace

ASSERTION FAILED: !node() || documentBeingDestroyed() || !document()->frame()->view() || document()->frame()->view()->layoutRoot() != this
(/Users/Cameron/WebKit/WebCore/rendering/RenderObject.cpp:210 virtual WebCore::RenderObject::~RenderObject())
Comment 3 Cameron Zwarich (cpst) 2009-04-24 19:08:05 PDT 
This may be related to bug 25252.
Comment 4 Cameron Zwarich (cpst) 2009-04-24 19:10:28 PDT 
Actually, it appears before the revision causing bug 25252, and the bug mentions this. I'm stupid.
Comment 5 ruseel 2009-08-13 02:01:18 PDT 
Created attachment 34722 [details]
reduction to 418byte from 3kb

reduction to 418byte.
Comment 6 ruseel 2009-08-15 22:14:16 PDT 
Created attachment 34919 [details]
testcase without jquery dependancy. always reproducable.
Comment 7 Alexey Proskuryakov 2009-11-20 13:06:00 PST 
This reproduces with Safari 4.0.4, but not with ToT.

I don't know if there was an appropriate regression test landed with a fix, so it's likely easiest to land this test.
Comment 8 Alexey Proskuryakov 2009-11-20 13:20:46 PST 
Created attachment 43609 [details]
Regression test
Comment 9 Darin Adler 2009-11-20 13:23:05 PST 
Comment on attachment 43609 [details]
Regression test

Is there no way to make the test effective without all the timeouts? Could we force layout instead?

It's irritating to have timeouts in a test.
Comment 10 Alexey Proskuryakov 2009-11-20 13:30:46 PST 
Actually, forcing layout does work! I was too intimidated with this layout and rendering bug to try :)

Landed a test without timeouts in <http://trac.webkit.org/changeset/51254>.