Note that this test only crashes when running run-webkit-tests standalone, not when testing more than 1 test.
BT: Process: DumpRenderTree [6331] Path: /Users/rbuis/work/WebKit/WebKitBuild/Debug/DumpRenderTree Identifier: DumpRenderTree Version: ??? (???) Code Type: X86-64 (Native) Parent Process: perl5.10.0 [6243] Date/Time: 2011-05-31 15:24:33.596 -0400 OS Version: Mac OS X 10.6.7 (10J4138) Report Version: 6 Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x00000000bbadbeef Crashed Thread: 0 Dispatch queue: com.apple.main-thread Thread 0 Crashed: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x0000000101dda72b WebCore::SVGSMILElement::progress(WebCore::SMILTime, WebCore::SVGSMILElement*) + 503 (SVGSMILElement.cpp:890) 1 com.apple.WebCore 0x0000000101ceb03a WebCore::SMILTimeContainer::updateAnimations(WebCore::SMILTime) + 1222 (SMILTimeContainer.cpp:290) 2 com.apple.WebCore 0x0000000101ceb3a5 WebCore::SMILTimeContainer::sampleAnimationAtTime(WTF::String const&, double) + 233 (SMILTimeContainer.cpp:223) 3 com.apple.WebCore 0x0000000101d502b8 WebCore::SVGDocumentExtensions::sampleAnimationAtTime(WTF::String const&, WebCore::SVGSMILElement*, double) + 164 (SVGDocumentExtensions.cpp:135) 4 com.apple.WebKit 0x0000000100a79fb0 -[WebFrame(WebPrivate) _pauseSVGAnimation:onSMILNode:atTime:] + 240 (WebFrame.mm:1027) 5 DumpRenderTree 0x000000010002befc LayoutTestController::sampleSVGAnimationForElementAtTime(OpaqueJSString*, double, OpaqueJSString*) + 210 (LayoutTestControllerMac.mm:795) 6 DumpRenderTree 0x000000010001fc65 sampleSVGAnimationForElementAtTimeCallback(OpaqueJSContext const*, OpaqueJSValue*, OpaqueJSValue*, unsigned long, OpaqueJSValue const* const*, OpaqueJSValue const**) + 417 (LayoutTestController.cpp:1908) 7 com.apple.JavaScriptCore 0x00000001002348c9 JSC::JSCallbackFunction::call(JSC::ExecState*) + 301 (JSCallbackFunction.cpp:67) 8 com.apple.JavaScriptCore 0x000000010021ba1e cti_op_call_NotJSFunction + 425 (JITStubs.cpp:2191) 9 com.apple.JavaScriptCore 0x0000000100214a65 jscGeneratedNativeCode + 0 (JITStubs.cpp:951) 10 com.apple.JavaScriptCore 0x00000001001f6849 JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*) + 73 (JITCode.h:77) 11 com.apple.JavaScriptCore 0x00000001001f1a05 JSC::Interpreter::executeCall(JSC::ExecState*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1243 (Interpreter.cpp:852) 12 com.apple.JavaScriptCore 0x00000001001872fb JSC::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 167 (CallData.cpp:39) 13 com.apple.WebCore 0x0000000101e74d25 WebCore::JSMainThreadExecState::call(JSC::ExecState*, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 87 (JSMainThreadExecState.h:48) 14 com.apple.WebCore 0x0000000101c81f1e WebCore::ScheduledAction::executeFunctionInContext(JSC::JSGlobalObject*, JSC::JSValue, WebCore::ScriptExecutionContext*) + 418 (ScheduledAction.cpp:110) 15 com.apple.WebCore 0x0000000101c824fc WebCore::ScheduledAction::execute(WebCore::Document*) + 294 (ScheduledAction.cpp:133) 16 com.apple.WebCore 0x0000000101c825d2 WebCore::ScheduledAction::execute(WebCore::ScriptExecutionContext*) + 84 (ScheduledAction.cpp:80) 17 com.apple.WebCore 0x000000010138bf90 WebCore::DOMTimer::fired() + 420 (DOMTimer.cpp:150) 18 com.apple.WebCore 0x0000000101e2661c WebCore::ThreadTimers::sharedTimerFiredInternal() + 204 (ThreadTimers.cpp:115) 19 com.apple.WebCore 0x0000000101e2682f WebCore::ThreadTimers::sharedTimerFired() + 25 (ThreadTimers.cpp:91) 20 com.apple.WebCore 0x0000000101ce1f14 WebCore::timerFired(__CFRunLoopTimer*, void*) + 73 (SharedTimerMac.mm:167) 21 com.apple.CoreFoundation 0x00007fff87dc4be8 __CFRunLoopRun + 6488 22 com.apple.CoreFoundation 0x00007fff87dc2dbf CFRunLoopRunSpecific + 575 23 com.apple.Foundation 0x00007fff82f757c8 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 270 24 DumpRenderTree 0x000000010001154a runTest(std::string const&) + 1880 (DumpRenderTree.mm:1155) 25 DumpRenderTree 0x0000000100011a61 runTestingServerLoop() + 145 (DumpRenderTree.mm:631) 26 DumpRenderTree 0x0000000100011e7b dumpRenderTree(int, char const**) + 309 (DumpRenderTree.mm:683) 27 DumpRenderTree 0x000000010001209d main + 97 (DumpRenderTree.mm:725) 28 DumpRenderTree 0x00000001000014ec start + 52
Created attachment 95464 [details] Crashing test
(In reply to comment #2) > Created an attachment (id=95464) [details] > Crashing test Note that this is a crash in Debug mode only. Cheers, Rob.
Committed r87747: <http://trac.webkit.org/changeset/87747>
Just abused the bug for a quick "fix", reopening to try to track really fixing the problem. Cheers, Rob.
(In reply to comment #5) > Just abused the bug for a quick "fix", reopening to try to track really fixing the problem. > Cheers, > > Rob. I am pretty sure we already have a bug report for this, can't find it. When Matthew initially landed this patch, we found this crash, but he didn't fix it yet :(
This is already tracked under bug 49045 *** This bug has been marked as a duplicate of bug 49045 ***