Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: c7e77855c8282fc00733d11c7c2ec27eba959950
https://github.com/WebKit/WebKit/commit/c7e77855c8282fc00733d11c7c2ec27eba959950
Author: Claudio Saavedra <[email protected]>
Date: 2026-04-28 (Tue, 28 Apr 2026)
Changed paths:
A
LayoutTests/animations/animation-apply-pending-animation-crash-expected.txt
A LayoutTests/animations/animation-apply-pending-animation-crash.html
M Source/WebCore/animation/KeyframeEffect.cpp
Log Message:
-----------
[WebKit][Main+SU] [73e157cc9e45c104] ASAN_SEGV |
WebCore::WebAnimation::currentTime;
WebCore::KeyframeEffect::applyPendingAcceleratedActions;
WebCore::KeyframeEffect::applyPendingAcceleratedActions
https://bugs.webkit.org/show_bug.cgi?id=306595
rdar://168488307
Reviewed by Antoine Quint.
KeyframeEffect::applyPendingAcceleratedActions() can be called from an
asynchronous micro task scheduled from KeyframeEffect::wasRemovedFromStack()
and, while that method keeps a reference to the effect's animation, the lambda
doesn't, so it's possible for the weak pointer that tracks it to become nullptr
before it gets called. It's safer to check if there's still an animation
before applying anything.
Test: animations/animation-apply-pending-animation-crash.html
* LayoutTests/animations/animation-apply-pending-animation-crash-expected.txt:
Added.
* LayoutTests/animations/animation-apply-pending-animation-crash.html: Added.
* Source/WebCore/animation/KeyframeEffect.cpp:
(WebCore::KeyframeEffect::applyPendingAcceleratedActions):
Originally-landed-as: [email protected] (2e52d07ce2b7).
rdar://174957251
Canonical link: https://commits.webkit.org/312237@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
