[Webkit-unassigned] [Bug 132557] SVG animation stops running.

Mon May 12 10:40:15 PDT 2014

https://bugs.webkit.org/show_bug.cgi?id=132557

--- Comment #4 from Dirk Schulze <krit at webkit.org>  2014-05-12 10:40:38 PST ---
(In reply to comment #3)
> What happens here is the SVGAnimatedLength is garbage collected, which in turn cause the SVGLength to be detached from the SVGElement:
> 
>   * frame #0: 0x0000000109ed92e9 WebCore`WebCore::SVGAnimatedPropertyTearOff<WebCore::SVGLength>::~SVGAnimatedPropertyTearOff() [inlined] WebCore::SVGAnimatedPropertyTearOff<WebCore::SVGLength>::~SVGAnimatedPropertyTearOff(this=0x000000010dda80c0) at SVGAnimatedPropertyTearOff.h:35
>     frame #1: 0x0000000109ed92e9 WebCore`WebCore::SVGAnimatedPropertyTearOff<WebCore::SVGLength>::~SVGAnimatedPropertyTearOff() [inlined] WebCore::SVGAnimatedPropertyTearOff<WebCore::SVGLength>::~SVGAnimatedPropertyTearOff(this=0x000000010dda80c0, p=<unavailable>) at SVGAnimatedPropertyTearOff.h:35
>     frame #2: 0x0000000109ed92e9 WebCore`WebCore::SVGAnimatedPropertyTearOff<WebCore::SVGLength>::~SVGAnimatedPropertyTearOff(this=0x000000010dda80c0) + 9 at SVGAnimatedPropertyTearOff.h:35
>     frame #3: 0x0000000109ecb9f5 WebCore`WebCore::JSSVGAnimatedLengthOwner::finalize(JSC::Handle<JSC::Unknown>, void*) [inlined] WTF::RefCounted<WebCore::SVGAnimatedProperty>::deref(this=<unavailable>) + 213 at RefCounted.h:146
>     frame #4: 0x0000000109ecb9e1 WebCore`WebCore::JSSVGAnimatedLengthOwner::finalize(JSC::Handle<JSC::Unknown>, void*) [inlined] WebCore::JSSVGAnimatedLength::releaseImpl() + 11 at JSSVGAnimatedLength.h:56
>     frame #5: 0x0000000109ecb9d6 WebCore`WebCore::JSSVGAnimatedLengthOwner::finalize(this=<unavailable>, context=<unavailable>, handle=<unavailable>) + 182 at JSSVGAnimatedLength.cpp:185
>     frame #6: 0x000000010bf98408 JavaScriptCore`JSC::WeakBlock::sweep() [inlined] JSC::WeakBlock::finalize(JSC::WeakImpl*) + 104 at WeakSetInlines.h:52
>     frame #7: 0x000000010bf983e2 JavaScriptCore`JSC::WeakBlock::sweep(this=0x000000010cdd5000) + 66 at WeakBlock.cpp:76
>     frame #8: 0x000000010bf9a088 JavaScriptCore`JSC::WeakSet::sweep(this=0x000000010ca60448) + 40 at WeakSet.cpp:48
>     frame #9: 0x000000010bea0de9 JavaScriptCore`JSC::MarkedBlock::sweep(this=0x000000010ca60000, sweepMode=SweepOnly) + 25 at MarkedBlock.cpp:109
>     frame #10: 0x000000010bd57769 JavaScriptCore`JSC::IncrementalSweeper::doSweep(double) [inlined] JSC::IncrementalSweeper::sweepNextBlock(this=0x00007fe42060f2d0) + 52 at IncrementalSweeper.cpp:100
>     frame #11: 0x000000010bd57735 JavaScriptCore`JSC::IncrementalSweeper::doSweep(this=0x00007fe42060f2d0, sweepBeginTime=4826.326385675) + 101 at IncrementalSweeper.cpp:78
>     frame #12: 0x000000010bd56b6a JavaScriptCore`JSC::HeapTimer::timerDidFire(timer=<unavailable>, context=0x00000001077e6bd0) + 170 at HeapTimer.cpp:99
> 
> It is not a bug in the Garbage Collector but in the relation between SVGAnimatedProperty and SVGLength. SVGAnimatedProperty needs to be kept alive as long as there is a live wrapper for SVGLength.
> 
> Dirk, any opinion? Do you want to take the bug?

I am absolutely not familiar with the code (partly: anymore). I personally would rather not like to hack in this code base. Instead I would like to disable the animation syntonization code. But not sure if that is still possible or if people rely on it. I certainly hope no one uses animVal and we can remove SVGAnimatedPropertyTearOff

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.