Bug 168083 - Crash in WebCore::Animation::~Animation
Summary: Crash in WebCore::Animation::~Animation
Status: RESOLVED CONFIGURATION CHANGED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Animations (show other bugs)
Version: WebKit Nightly Build
Hardware: PC Linux
: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-02-09 15:32 PST by Michael Catanzaro
Modified: 2023-05-10 00:47 PDT (History)
4 users (show)

See Also:

Attachments
Backtrace (229.17 KB, text/plain)
2017-02-09 15:32 PST, Michael Catanzaro 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Catanzaro 2017-02-09 15:32:18 PST 
Created attachment 301091 [details]
Backtrace

I hit this crash today when watching a YouTube video. It reminds me of bug #164913, but it's different. Truncated backtrace:

0x00007fdf1395f390 in WTF::RefCounted<WebCore::TimingFunction>::deref() const (this=0x7fde4845d5b0)
    at /usr/src/debug/webkitgtk-2.14.3/Source/WTF/wtf/RefCounted.h:145
#1  0x00007fdf1395f390 in WTF::derefIfNotNull<WebCore::TimingFunction>(WebCore::TimingFunction*) (ptr=<optimized out>)
    at /usr/src/debug/webkitgtk-2.14.3/Source/WTF/wtf/PassRefPtr.h:40
#2  0x00007fdf1395f390 in WTF::RefPtr<WebCore::TimingFunction>::~RefPtr() (this=0x7fde149b89f0, __in_chrg=<optimized out>)
    at /usr/src/debug/webkitgtk-2.14.3/Source/WTF/wtf/RefPtr.h:62
#3  0x00007fdf1395f390 in WebCore::Animation::~Animation() (this=0x7fde149b89c0, __in_chrg=<optimized out>)
    at /usr/src/debug/webkitgtk-2.14.3/Source/WebCore/platform/animation/Animation.cpp:126
#4  0x00007fdf13c95a13 in WTF::RefCounted<WebCore::Animation>::deref() const (this=0x7fde149b89c0)
    at /usr/src/debug/webkitgtk-2.14.3/Source/WTF/wtf/RefCounted.h:145
#5  0x00007fdf13c95a13 in WTF::derefIfNotNull<WebCore::Animation>(WebCore::Animation*) (ptr=<optimized out>)
    at /usr/src/debug/webkitgtk-2.14.3/Source/WTF/wtf/PassRefPtr.h:40
#6  0x00007fdf13c95a13 in WTF::RefPtr<WebCore::Animation>::~RefPtr() (this=0x7fde7981b600, __in_chrg=<optimized out>)
    at /usr/src/debug/webkitgtk-2.14.3/Source/WTF/wtf/RefPtr.h:62
#7  0x00007fdf13c95a13 in WTF::VectorDestructor<true, WTF::RefPtr<WebCore::Anima---Type <return> to continue, or q <return> to quit---
tion> >::destruct(WTF::RefPtr<WebCore::Animation>*, WTF::RefPtr<WebCore::Animation>*) (end=0x7fde7981b608, begin=<optimized out>)
    at /usr/src/debug/webkitgtk-2.14.3/Source/WTF/wtf/Vector.h:60
#8  0x00007fdf13c95a13 in WTF::VectorTypeOperations<WTF::RefPtr<WebCore::Animation> >::destruct(WTF::RefPtr<WebCore::Animation>*, WTF::RefPtr<WebCore::Animation>*) (end=<optimized out>, begin=<optimized out>)
    at /usr/src/debug/webkitgtk-2.14.3/Source/WTF/wtf/Vector.h:224
#9  0x00007fdf13c95a13 in WTF::Vector<WTF::RefPtr<WebCore::Animation>, 0ul, WTF::CrashOnOverflow, 16ul>::shrink(unsigned long) (size=0, this=0x7fddf79cb570)
    at /usr/src/debug/webkitgtk-2.14.3/Source/WTF/wtf/Vector.h:1023
#10 0x00007fdf13c95a13 in WTF::Vector<WTF::RefPtr<WebCore::Animation>, 0ul, WTF::CrashOnOverflow, 16ul>::~Vector() (this=0x7fddf79cb570, __in_chrg=<optimized out>) at /usr/src/debug/webkitgtk-2.14.3/Source/WTF/wtf/Vector.h:631

Full backtrace attached.
Comment 1 Michael Catanzaro 2017-09-03 07:47:06 PDT 
Only have two reports of this total, but I'm sure I've seen it many more times than that.
Comment 2 Antoine Quint 2023-05-10 00:47:15 PDT 
Michael, given this was filed in 2017, I'm going to close this, but please re-open, preferably with a test case, if you see this again.