2007-01-31 18:23:47 Stephanie Lewis: Crashes while running the pixel tests fairly often. http://buildbotsafari.apple.com:8010/post-commit-leak-tests-powerpc-mac-os-x/builds/1348/step-pixel-layout-test/0 ASSERTION FAILED: m_type == toSVGTransform.type() (/Volumes/Big/slave/post-commit-leak-tests-powerpc-mac-os-x/build/OpenSource/WebCore/ksvg2/svg/SVGTransformDistance.cpp:55 WebCore::SVGTransformDistance::SVGTransformDistance(const WebCore::SVGTransform&, const WebCore::SVGTransform&)) Segmentation fault LEAK: 223 Node LEAK: 39 RenderObject LEAK: 3 Frame LEAK: 465 KJS::Node svg/W3C-SVG-1.1/animate-elem-39-t.svg -> failed Thread 0 Crashed: 0 com.apple.WebCore 0x029571c4 WebCore::SVGTransformDistance::SVGTransformDistance[in-charge](WebCore::SVGTransform const&, WebCore::SVGTransform const&) + 236 (SVGTransformDistance.cpp:55) 1 com.apple.WebCore 0x02457934 WebCore::SVGAnimateTransformElement::updateAnimatedValue(WebCore::EAnimationMode, float, unsigned, float) + 252 (SVGAnimateTransformElement.cpp:82) 2 com.apple.WebCore 0x0245bbfc WebCore::SVGAnimationElement::handleTimerEvent(double, double) + 300 (SVGAnimationElement.cpp:730) 3 com.apple.WebCore 0x0245be34 WebCore::SVGAnimationElement::updateAnimatedValueForElapsedSeconds(double) + 364 (SVGAnimationElement.cpp:760) 4 com.apple.WebCore 0x0294aa00 WebCore::SVGTimer::applyAnimations(double, WTF::HashMap<WebCore::SVGElement*, WTF::Vector<WebCore::SVGAnimationElement*, (unsigned long)0>, WTF::PtrHash<WebCore::SVGElement*>, WTF::HashTraits<WebCore::SVGElement*>, WTF::HashTraits<WTF::Vector<WebCore::SVGAnimationElement*, (unsigned long)0> > > const&) + 244 (SVGTimer.cpp:112) 5 com.apple.WebCore 0x0294afdc WebCore::SVGTimer::notifyAll() + 140 (SVGTimer.cpp:137) 6 com.apple.WebCore 0x0245488c WebCore::TimeScheduler::timerFired(WebCore::Timer<WebCore::TimeScheduler>*) + 84 (TimeScheduler.cpp:115) 7 com.apple.WebCore 0x02c6e5d4 WebCore::Timer<WebCore::TimeScheduler>::fired() + 152 (Timer.h:96) 8 com.apple.WebCore 0x0269e698 WebCore::TimerBase::fireTimers(double, WTF::Vector<WebCore::TimerBase*, (unsigned long)0> const&) + 236 (Timer.cpp:322) 9 com.apple.WebCore 0x0269e764 WebCore::TimerBase::sharedTimerFired() + 132 (Timer.cpp:355) 10 com.apple.WebCore 0x0269db10 WebCore::timerFired(__CFRunLoopTimer*, void*) + 60 (SharedTimerMac.cpp:47) 11 com.apple.CoreFoundation 0x907f0550 __CFRunLoopDoTimer + 184 12 com.apple.CoreFoundation 0x907dcec8 __CFRunLoopRun + 1680 13 com.apple.CoreFoundation 0x907dc47c CFRunLoopRunSpecific + 268 14 com.apple.Foundation 0x9296e164 -[NSRunLoop runMode:beforeDate:] + 172 15 DumpRenderTree 0x0000d4bc runTest + 1492 (DumpRenderTree.m:1209) 16 DumpRenderTree 0x00007f48 dumpRenderTree + 4144 (DumpRenderTree.m:412) 17 DumpRenderTree 0x000082b0 main + 120 (DumpRenderTree.m:464) 18 DumpRenderTree 0x00002564 _start + 340 (crt.c:272) 19 DumpRenderTree 0x0000240c start + 60 <rdar://problem/4968303>
It's very odd that this would just start happening now.
This no longer occurs after fixing bug 12620. However, the "bug" still exists. It's possible to provide a bad values array which would hit this. For example: <animateTransform type='rotate' value=';10' /> is likely to hit this ASSERT.
I thought animation was turned off these days? This shouldn't be a P1 if that's the case.
It's not possible to reach this crash on TOT since SVG animation is disabled via ifdef. Downgrading to p2.
Animation is back on, this goes back to P1.
We've never seen those anymore in the past months. Closing.