[Webkit-unassigned] [Bug 190413] ASSERT: SMILTimeContainer::begin ASSERT(!m_beginTime) on gamejolt.com

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Nov 20 18:22:27 PST 2018 

https://bugs.webkit.org/show_bug.cgi?id=190413

--- Comment #3 from Simon Fraser (smfr) <simon.fraser at apple.com> ---
We call begin the first time via something like:

  * frame #0: 0x0000000109843a7b WebCore`WebCore::SMILTimeContainer::begin(this=0x0000000139e11bb0) at SMILTimeContainer.cpp:135
    frame #1: 0x00000001097a5bab WebCore`WebCore::SVGSVGElement::insertedIntoAncestor(this=0x000000013cdedc80, insertionType=(connectedToDocument = true, treeScopeChanged = true), parentOfInsertedTree=0x000000012346b138) at SVGSVGElement.cpp:485
    frame #2: 0x0000000107efdedc WebCore`WebCore::notifyNodeInsertedIntoDocument(parentOfInsertedTree=0x000000012346b138, node=0x000000013cdedc80, treeScopeChange=Changed, postInsertionNotificationTargets={ size = 0, capacity = 11 }) at ContainerNodeAlgorithms.cpp:48
    frame #3: 0x0000000107efdfc4 WebCore`WebCore::notifyNodeInsertedIntoDocument(parentOfInsertedTree=0x000000012346b138, node=0x0000000131305f70, treeScopeChange=Changed, postInsertionNotificationTargets={ size = 0, capacity = 11 }) at ContainerNodeAlgorithms.cpp:56
    frame #4: 0x0000000107efdfc4 WebCore`WebCore::notifyNodeInsertedIntoDocument(parentOfInsertedTree=0x000000012346b138, node=0x0000000131305ea0, treeScopeChange=Changed, postInsertionNotificationTargets={ size = 0, capacity = 11 }) at ContainerNodeAlgorithms.cpp:56
    frame #5: 0x0000000107efdd16 WebCore`WebCore::notifyChildNodeInserted(parentOfInsertedTree=0x000000012346b138, node=0x0000000131305ea0) at ContainerNodeAlgorithms.cpp:103
    frame #6: 0x0000000107efb590 WebCore`void WebCore::executeNodeInsertionWithScriptAssertion<WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(WebCore::Node&)::$_4>(containerNode=0x000000012346b138, child=0x0000000131305ea0, source=API, replacedAllChildren=No, doNodeInsertion=(anonymous class) @ 0x00007ffeefbfba90)::$_4) at ContainerNode.cpp:197
    frame #7: 0x0000000107ef83cb WebCore`WebCore::ContainerNode::appendChildWithoutPreInsertionValidityCheck(this=0x000000012346b138, newChild=0x0000000131305ea0) at ContainerNode.cpp:718
    frame #8: 0x0000000107efb488 WebCore`WebCore::ContainerNode::appendChild(this=0x000000012346b138, newChild=0x0000000131305ea0) at ContainerNode.cpp:686
    frame #9: 0x00000001080984b4 WebCore`WebCore::Node::appendChild(this=0x000000012346b138, newChild=0x0000000131305ea0) at Node.cpp:494
    frame #10: 0x0000000106c450be WebCore`WebCore::jsNodePrototypeFunctionAppendChildBody(state=0x00007ffeefbfbe60, castedThis=0x000000013ccf0b00, throwScope=0x00007ffeefbfbde0) at JSNode.cpp:855
    frame #11: 0x0000000106c35898 WebCore`long long WebCore::IDLOperation<WebCore::JSNode>::call<&(state=0x00007ffeefbfbe60, operationName="appendChild")), (WebCore::CastedThisErrorBehavior)0>(JSC::ExecState&, char const*) at JSDOMOperation.h:53

then again at:

  * frame #0: 0x0000000109843a7b WebCore`WebCore::SMILTimeContainer::begin(this=0x000000012d57e160) at SMILTimeContainer.cpp:135
    frame #1: 0x000000010960cb24 WebCore`WebCore::SVGDocumentExtensions::startAnimations(this=0x00000001306c1e38) at SVGDocumentExtensions.cpp:99
    frame #2: 0x0000000107f542ba WebCore`WebCore::Document::implicitClose(this={ origin = Unique, url = , inMainFrame = 1, pageCacheState = NotInPageCache }) at Document.cpp:3023
    frame #3: 0x00000001087ce82b WebCore`WebCore::FrameLoader::checkCallImplicitClose(this=0x000000011c4242e0) at FrameLoader.cpp:951
    frame #4: 0x00000001087ce2a8 WebCore`WebCore::FrameLoader::checkCompleted(this=0x000000011c4242e0) at FrameLoader.cpp:892
    frame #5: 0x00000001087cc295 WebCore`WebCore::FrameLoader::finishedParsing(this=0x000000011c4242e0) at FrameLoader.cpp:781
    frame #6: 0x0000000107f6df83 WebCore`WebCore::Document::finishedParsing(this={ origin = Unique, url = , inMainFrame = 1, pageCacheState = NotInPageCache }) at Document.cpp:5641
    frame #7: 0x00000001099ce316 WebCore`WebCore::XMLDocumentParser::end(this=0x000000012f87c240) at XMLDocumentParser.cpp:205
    frame #8: 0x00000001099ce8be WebCore`WebCore::XMLDocumentParser::finish(this=0x000000012f87c240) at XMLDocumentParser.cpp:219
    frame #9: 0x00000001087af70e WebCore`WebCore::DocumentWriter::end(this=0x000000012ebd30b8) at DocumentWriter.cpp:284

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20181121/fd80990e/attachment-0001.html>

More information about the webkit-unassigned mailing list