Bug 21590 - Crash on SVG path-animation or potentially <use/> related
Summary: Crash on SVG path-animation or potentially <use/> related
Status: RESOLVED DUPLICATE of bug 23586
Alias: None
Product: WebKit
Classification: Unclassified
Component: SVG (show other bugs)
Version: 528+ (Nightly build)
Hardware: Mac (Intel) OS X 10.5
: P1 Critical
Assignee: Nobody
URL: http://www.carto.net/neumann/svg/svgf...
Keywords:
Depends on:
Blocks:
 
Reported: 2008-10-14 11:20 PDT by Andreas Neumann
Modified: 2010-01-17 17:24 PST (History)
4 users (show)

See Also:

Attachments
The crash log (25.85 KB, text/plain)
2008-10-14 11:21 PDT, Andreas Neumann 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Neumann 2008-10-14 11:20:51 PDT 
After loading the example, Webkit crashes. The example uses SVG path animation (bézier curves) but also <use/> elements where the animation elements are inherited to the use instances.
Comment 1 Andreas Neumann 2008-10-14 11:21:43 PDT 
Created attachment 24343 [details]
The crash log
Comment 2 Eric Seidel (no email) 2008-10-21 15:35:51 PDT 
Hits this ASSERT:

        ASSERT(element->parentNode()); 

#0	0x03832f81 in WebCore::SVGUseElement::expandSymbolElementsInShadowTree at SVGUseElement.cpp:722
#1	0x038330ae in WebCore::SVGUseElement::expandSymbolElementsInShadowTree at SVGUseElement.cpp:732
#2	0x03835b65 in WebCore::SVGUseElement::buildPendingResource at SVGUseElement.cpp:368
#3	0x03834291 in WebCore::SVGUseElement::recalcStyle at SVGUseElement.cpp:173
#4	0x033f3ef2 in WebCore::Element::recalcStyle at Element.cpp:756
#5	0x033f3ef2 in WebCore::Element::recalcStyle at Element.cpp:756
#6	0x033adf53 in WebCore::Document::recalcStyle at Document.cpp:1166
#7	0x033a1c0b in WebCore::Document::updateRendering at Document.cpp:1189
#8	0x0339e970 in WebCore::Document::updateDocumentsRendering at Document.cpp:1207
#9	0x03987da6 in WebCore::SMILTimeContainer::updateAnimations at SMILTimeContainer.cpp:279
#10	0x03987f66 in WebCore::SMILTimeContainer::begin at SMILTimeContainer.cpp:102
#11	0x037addf1 in WebCore::SVGDocumentExtensions::startAnimations at SVGDocumentExtensions.cpp:71
#12	0x033ad63c in WebCore::Document::implicitClose at Document.cpp:1638
#13	0x03448c64 in WebCore::FrameLoader::checkCallImplicitClose at FrameLoader.cpp:1353
#14	0x03454c15 in WebCore::FrameLoader::checkCompleted at FrameLoader.cpp:1305
#15	0x03455d9d in WebCore::FrameLoader::loadDone at FrameLoader.cpp:1272
#16	0x033994c2 in WebCore::DocLoader::setLoadInProgress at DocLoader.cpp:262
#17	0x038d9b9a in WebCore::Loader::Host::didFinishLoading at loader.cpp:306
#18	0x03858aff in WebCore::SubresourceLoader::didFinishLoading at SubresourceLoader.cpp:194
#19	0x037817f6 in WebCore::ResourceLoader::didFinishLoading at ResourceLoader.cpp:398
#20	0x0377f30a in -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] at ResourceHandleMac.mm:560
#21	0x9120a097 in -[NSURLConnection(NSURLConnectionReallyInternal) sendDidFinishLoading]
#22	0x9120a003 in _NSURLConnectionDidFinishLoading
#23	0x934cf209 in sendDidFinishLoadingCallback
#24	0x934cc180 in _CFURLConnectionSendCallbacks
#25	0x934cba25 in muxerSourcePerform
#26	0x9619b615 in CFRunLoopRunSpecific
#27	0x9619bcf8 in CFRunLoopRunInMode
#28	0x93c61480 in RunCurrentEventLoopInMode
#29	0x93c61299 in ReceiveNextEventCommon
#30	0x93c6110d in BlockUntilNextEventMatchingListInMode
#31	0x9277d3ed in _DPSNextEvent
#32	0x9277cca0 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:]
#33	0x000086be in ??
#34	0x92775cdb in -[NSApplication run]
#35	0x92742f14 in NSApplicationMain
#36	0x000ba4d6 in ??
Comment 3 Eric Seidel (no email) 2008-10-21 15:37:40 PDT 
I wonder if this is related to bug 19432 or bug 21004
Comment 4 Eric Seidel (no email) 2009-10-06 12:05:01 PDT 
We seem to have a bunch of crashes in this same use code.  I expect they all share one root cause.
Comment 5 Rahul Kuchhal 2009-10-22 14:49:47 PDT 
Duplicate of 23586?
Comment 6 Nikolas Zimmermann 2010-01-17 17:24:05 PST 

*** This bug has been marked as a duplicate of bug 23586 ***