Bug 190413

Summary:	ASSERT: SMILTimeContainer::begin ASSERT(!m_beginTime) on gamejolt.com
Product:	WebKit	Reporter:	Joseph Pecoraro <joepeck>
Component:	SVG	Assignee:	Nobody <webkit-unassigned>
Status:	RESOLVED DUPLICATE
Severity:	Normal	CC:	cturner, dino, graouts, mitz, sabouhallawa, simon.fraser, webkit-bug-importer, zimmermann
Priority:	P2	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	Unspecified
OS:	Unspecified
URL:	https://gamejolt.com/games/game-test-life/32149

Joseph Pecoraro

Reported 2018-10-09 15:16:54 PDT

ASSERT: SMILTimeContainer::begin ASSERT(!m_beginTime) on gamejolt.com. I'm on WebKit Debug at r236094. Steps to Reproduce: 1. Load https://gamejolt.com/games/game-test-life/32149 2. Wait a little while => ASSERT

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2018-10-10 00:20:20 PDT

<rdar://problem/45153186>

mitz

Comment 2 2018-11-04 12:16:52 PST

Also seen on <https://online.seterra.com/en/vgp/3015> (maybe it’s the same game engine).

Simon Fraser (smfr)

Comment 3 2018-11-20 18:22:27 PST

We call begin the first time via something like: * frame #0: 0x0000000109843a7b WebCore`WebCore::SMILTimeContainer::begin(this=0x0000000139e11bb0) at SMILTimeContainer.cpp:135 frame #1: 0x00000001097a5bab WebCore`WebCore::SVGSVGElement::insertedIntoAncestor(this=0x000000013cdedc80, insertionType=(connectedToDocument = true, treeScopeChanged = true), parentOfInsertedTree=0x000000012346b138) at SVGSVGElement.cpp:485 frame #2: 0x0000000107efdedc WebCore`WebCore::notifyNodeInsertedIntoDocument(parentOfInsertedTree=0x000000012346b138, node=0x000000013cdedc80, treeScopeChange=Changed, postInsertionNotificationTargets={ size = 0, capacity = 11 }) at ContainerNodeAlgorithms.cpp:48 frame #3: 0x0000000107efdfc4 WebCore`WebCore::notifyNodeInsertedIntoDocument(parentOfInsertedTree=0x000000012346b138, node=0x0000000131305f70, treeScopeChange=Changed, postInsertionNotificationTargets={ size = 0, capacity = 11 }) at ContainerNodeAlgorithms.cpp:56 frame #4: 0x0000000107efdfc4 WebCore`WebCore::notifyNodeInsertedIntoDocument(parentOfInsertedTree=0x000000012346b138, node=0x0000000131305ea0, treeScopeChange=Changed, postInsertionNotificationTargets={ size = 0, capacity = 11 }) at ContainerNodeAlgorithms.cpp:56 frame #5: 0x0000000107efdd16 WebCore`WebCore::notifyChildNodeInserted(parentOfInsertedTree=0x000000012346b138, node=0x0000000131305ea0) at ContainerNodeAlgorithms.cpp:103 frame #6: 0x0000000107efb590 WebCore`void WebCore::executeNodeInsertionWithScriptAssertion<WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(WebCore::Node&)::$_4>(containerNode=0x000000012346b138, child=0x0000000131305ea0, source=API, replacedAllChildren=No, doNodeInsertion=(anonymous class) @ 0x00007ffeefbfba90)::$_4) at ContainerNode.cpp:197 frame #7: 0x0000000107ef83cb WebCore`WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(this=0x000000012346b138, newChild=0x0000000131305ea0) at ContainerNode.cpp:718 frame #8: 0x0000000107efb488 WebCore`WebCore::ContainerNode::appendChild(this=0x000000012346b138, newChild=0x0000000131305ea0) at ContainerNode.cpp:686 frame #9: 0x00000001080984b4 WebCore`WebCore::Node::appendChild(this=0x000000012346b138, newChild=0x0000000131305ea0) at Node.cpp:494 frame #10: 0x0000000106c450be WebCore`WebCore::jsNodePrototypeFunctionAppendChildBody(state=0x00007ffeefbfbe60, castedThis=0x000000013ccf0b00, throwScope=0x00007ffeefbfbde0) at JSNode.cpp:855 frame #11: 0x0000000106c35898 WebCore`long long WebCore::IDLOperation<WebCore::JSNode>::call<&(state=0x00007ffeefbfbe60, operationName="appendChild")), (WebCore::CastedThisErrorBehavior)0>(JSC::ExecState&, char const*) at JSDOMOperation.h:53 then again at: * frame #0: 0x0000000109843a7b WebCore`WebCore::SMILTimeContainer::begin(this=0x000000012d57e160) at SMILTimeContainer.cpp:135 frame #1: 0x000000010960cb24 WebCore`WebCore::SVGDocumentExtensions::startAnimations(this=0x00000001306c1e38) at SVGDocumentExtensions.cpp:99 frame #2: 0x0000000107f542ba WebCore`WebCore::Document::implicitClose(this={ origin = Unique, url = , inMainFrame = 1, pageCacheState = NotInPageCache }) at Document.cpp:3023 frame #3: 0x00000001087ce82b WebCore`WebCore::FrameLoader::checkCallImplicitClose(this=0x000000011c4242e0) at FrameLoader.cpp:951 frame #4: 0x00000001087ce2a8 WebCore`WebCore::FrameLoader::checkCompleted(this=0x000000011c4242e0) at FrameLoader.cpp:892 frame #5: 0x00000001087cc295 WebCore`WebCore::FrameLoader::finishedParsing(this=0x000000011c4242e0) at FrameLoader.cpp:781 frame #6: 0x0000000107f6df83 WebCore`WebCore::Document::finishedParsing(this={ origin = Unique, url = , inMainFrame = 1, pageCacheState = NotInPageCache }) at Document.cpp:5641 frame #7: 0x00000001099ce316 WebCore`WebCore::XMLDocumentParser::end(this=0x000000012f87c240) at XMLDocumentParser.cpp:205 frame #8: 0x00000001099ce8be WebCore`WebCore::XMLDocumentParser::finish(this=0x000000012f87c240) at XMLDocumentParser.cpp:219 frame #9: 0x00000001087af70e WebCore`WebCore::DocumentWriter::end(this=0x000000012ebd30b8) at DocumentWriter.cpp:284

Charlie Turner

Comment 4 2020-05-11 06:21:13 PDT

*** This bug has been marked as a duplicate of bug 172490 ***

Note You need to log in before you can comment on or make changes to this bug.