Bug 16463

Summary: http://www.croczilla.com/svg/samples/invaders/invaders.svg crashes webkit-gtk
Product: WebKit Reporter: Shreyas Srinivasan <shres>
Component: SVGAssignee: Nobody <webkit-unassigned>
Status: RESOLVED WORKSFORME    
Severity: Normal CC: alp, webkit
Priority: P2 Keywords: Cairo, Gtk, PlatformOnly
Version: 528+ (Nightly build)   
Hardware: PC   
OS: Linux   

Shreyas Srinivasan
Reported 2007-12-16 07:32:35 PST
Stack trace: Thread 1 (Thread -1259460928 (LWP 16337)): #0 0xb6b1c9f6 in WebCore::SVGUseElement::associateInstancesWithShadowTreeElements (this=0x826c638, target=0x826d000, targetInstance=0x826cb20) at ../../../WebCore/svg/SVGUseElement.cpp:697 #1 0xb6b1dd0f in WebCore::SVGUseElement::buildPendingResource (this=0x826c638) at ../../../WebCore/svg/SVGUseElement.cpp:330 #2 0xb6b1e32d in WebCore::SVGUseElement::insertedIntoDocument (this=0x826c638) at ../../../WebCore/svg/SVGUseElement.cpp:125 #3 0xb668898e in WebCore::ContainerNode::addChild (this=0x8212a50, newChild=@0xbfb7265c) at ../../../WebCore/dom/ContainerNode.cpp:577 #4 0xb66f0d22 in WebCore::XMLTokenizer::startElementNs (this=0x80bf2e8, xmlLocalName=0x80b9126 "use", xmlPrefix=0x0, xmlURI=0x80b9043 "http://www.w3.org/2000/svg", nb_namespaces=0, libxmlNamespaces=0x0, nb_attributes=4, nb_defaulted=0, libxmlAttributes=0x8212898) at ../../../WebCore/dom/XMLTokenizer.cpp:781 #5 0xb66f0fbc in startElementNsHandler (closure=0x8208668, localname=0x80b9126 "use", prefix=0x0, uri=0x80b9043 "http://www.w3.org/2000/svg", nb_namespaces=0, namespaces=0x0, nb_attributes=4, nb_defaulted=0, libxmlAttributes=0x8212898) at ../../../WebCore/dom/XMLTokenizer.cpp:1025 #6 0xb5178d6a in ?? () from /usr/lib/libxml2.so.2 #7 0x08208668 in ?? () #8 0x080b9126 in ?? () #9 0x00000000 in ?? ()
Attachments
Add attachment proposed patch, testcase, etc.
Eric Seidel (no email)
Comment 1 2007-12-16 10:24:59 PST
Strange, none of that looks like Gtk-specific code. A reduction would be most helpful.
Eric Seidel (no email)
Comment 2 2007-12-16 10:26:10 PST
Oh, I should also note that inaders.svg does not crash the Mac build. I have not tried loading it under libguardmalloc, but I expect it's OK. bug 15352 is the only bug I've seen in invaders.svg.
Eric Seidel (no email)
Comment 3 2007-12-27 01:39:45 PST
Perhaps Alp can confirm this.
Robert Blaut
Comment 4 2008-03-16 11:55:06 PDT
(In reply to comment #3) > Perhaps Alp can confirm this. > Alp, are you able to reproduce the problem?
Alp Toker
Comment 5 2008-03-16 14:49:37 PDT
(In reply to comment #4) > (In reply to comment #3) > > Perhaps Alp can confirm this. > > > > Alp, are you able to reproduce the problem? > I can't reproduce this. Invaders rendering is a bit glitchy but it doesn't crash. Can anyone still repro it?
Marco Barisione
Comment 6 2008-06-20 04:18:46 PDT
I'm not able to reproduce it, I suggest to close the bug.
Robert Blaut
Comment 7 2008-06-20 12:48:28 PDT
Per comment #5 and comment #6 resolved as worksforme.
Note You need to log in before you can comment on or make changes to this bug.