[Webkit-unassigned] [Bug 113224] New: ASSERT_NOT_REACHED() touched in WebCore::SVGAnimatedStringAnimator::addAnimatedTypes

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Mar 25 10:59:19 PDT 2013 

https://bugs.webkit.org/show_bug.cgi?id=113224

           Summary: ASSERT_NOT_REACHED() touched in
                    WebCore::SVGAnimatedStringAnimator::addAnimatedTypes
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: SVG
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: reni at webkit.org
                CC: zimmermann at kde.org, pdr at google.com,
                    fmalita at chromium.org


The test what caused the problem is:

<svg xmlns="http://www.w3.org/2000/svg">
    <animate attributeName="fill-rule" from="500,500" by="100, 100"></animate>
</svg>


(It's a minimalized version, what still crashes but doesn't show anything.)


BACKTRACE:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff4c1cd56 in WebCore::SVGAnimatedStringAnimator::addAnimatedTypes (this=0x94bab0) at /home/reni/WebKit-git/Source/WebCore/svg/SVGAnimatedString.cpp:68
68        ASSERT_NOT_REACHED();
(gdb) 
(gdb) bt   
#0  0x00007ffff4c1cd56 in WebCore::SVGAnimatedStringAnimator::addAnimatedTypes (this=0x94bab0) at /home/reni/WebKit-git/Source/WebCore/svg/SVGAnimatedString.cpp:68
#1  0x00007ffff4c24a25 in WebCore::SVGAnimatedTypeAnimator::calculateFromAndByValues (this=0x94bab0, from=..., to=..., fromString=..., byString=...)
    at /home/reni/WebKit-git/Source/WebCore/svg/SVGAnimatedTypeAnimator.h:75
#2  0x00007ffff4c2682b in WebCore::SVGAnimateElement::calculateFromAndByValues (this=0x94c2b0, fromString=..., byString=...)
    at /home/reni/WebKit-git/Source/WebCore/svg/SVGAnimateElement.cpp:176
#3  0x00007ffff4c2f29b in WebCore::SVGAnimationElement::startedActiveInterval (this=0x94c2b0) at /home/reni/WebKit-git/Source/WebCore/svg/SVGAnimationElement.cpp:587
#4  0x00007ffff4bd4a90 in WebCore::SVGSMILElement::progress (this=0x94c2b0, elapsed=..., resultElement=0x94c2b0, seekToTime=false)
    at /home/reni/WebKit-git/Source/WebCore/svg/animation/SVGSMILElement.cpp:1106
#5  0x00007ffff4bca9d8 in WebCore::SMILTimeContainer::updateAnimations (this=0x948d60, elapsed=..., seekToTime=false)
    at /home/reni/WebKit-git/Source/WebCore/svg/animation/SMILTimeContainer.cpp:296
#6  0x00007ffff4bc9e8d in WebCore::SMILTimeContainer::begin (this=0x948d60) at /home/reni/WebKit-git/Source/WebCore/svg/animation/SMILTimeContainer.cpp:142
#7  0x00007ffff4beef58 in WebCore::SVGDocumentExtensions::startAnimations (this=0x94b070) at /home/reni/WebKit-git/Source/WebCore/svg/SVGDocumentExtensions.cpp:102
#8  0x00007ffff40c5bb5 in WebCore::Document::implicitClose (this=0x9433c0) at /home/reni/WebKit-git/Source/WebCore/dom/Document.cpp:2532
#9  0x00007ffff453ea6d in WebCore::FrameLoader::checkCallImplicitClose (this=0x7012a8) at /home/reni/WebKit-git/Source/WebCore/loader/FrameLoader.cpp:837
#10 0x00007ffff453e801 in WebCore::FrameLoader::checkCompleted (this=0x7012a8) at /home/reni/WebKit-git/Source/WebCore/loader/FrameLoader.cpp:780
#11 0x00007ffff453e566 in WebCore::FrameLoader::finishedParsing (this=0x7012a8) at /home/reni/WebKit-git/Source/WebCore/loader/FrameLoader.cpp:713
#12 0x00007ffff40ccd1f in WebCore::Document::finishedParsing (this=0x9433c0) at /home/reni/WebKit-git/Source/WebCore/dom/Document.cpp:4493
#13 0x00007ffff4a1f34f in WebCore::XMLDocumentParser::end (this=0x7075d0) at /home/reni/WebKit-git/Source/WebCore/xml/parser/XMLDocumentParser.cpp:217
#14 0x00007ffff4a1f38c in WebCore::XMLDocumentParser::finish (this=0x7075d0) at /home/reni/WebKit-git/Source/WebCore/xml/parser/XMLDocumentParser.cpp:229
#15 0x00007ffff45362fe in WebCore::DocumentWriter::end (this=0x678f20) at /home/reni/WebKit-git/Source/WebCore/loader/DocumentWriter.cpp:248
#16 0x00007ffff4523bf4 in WebCore::DocumentLoader::finishedLoading (this=0x678e80, finishTime=0) at /home/reni/WebKit-git/Source/WebCore/loader/DocumentLoader.cpp:402
#17 0x00007ffff4523950 in WebCore::DocumentLoader::notifyFinished (this=0x678e80, resource=0x745240)
    at /home/reni/WebKit-git/Source/WebCore/loader/DocumentLoader.cpp:341
#18 0x00007ffff4503ec2 in WebCore::CachedResource::checkNotify (this=0x745240) at /home/reni/WebKit-git/Source/WebCore/loader/cache/CachedResource.cpp:379
#19 0x00007ffff4503f20 in WebCore::CachedResource::data (this=0x745240, allDataReceived=true)
    at /home/reni/WebKit-git/Source/WebCore/loader/cache/CachedResource.cpp:388

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list