RESOLVED FIXED 12904
REGRESSION: Failed assertion when trying to start iExploder
https://bugs.webkit.org/show_bug.cgi?id=12904
Adam Roben (:aroben)
Reported 2007-02-26 22:54:11 PST
We are failing an assertion when starting iExploder.

Steps:
1. Go to http://toadstool.se/software/iexploder/
2. Click "Start test sequence from the beginning!"
3. ASSERT

Here's the backtrace:

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0xbbadbeef
0x0112e506 in WebCore::RenderBlock::layoutBlock (this=0x1722989c, relayoutChildren=false) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/rendering/RenderBlock.cpp:455
455 ASSERT(minMaxKnown());
(gdb) bt
#0 0x0112e506 in WebCore::RenderBlock::layoutBlock (this=0x1722989c, relayoutChildren=false) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/rendering/RenderBlock.cpp:455
#1 0x0111fc0c in WebCore::RenderBlock::layout (this=0x1722989c) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/rendering/RenderBlock.cpp:440
#2 0x01139215 in WebCore::RenderView::layout (this=0x1722989c) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/rendering/RenderView.cpp:105
#3 0x010bb849 in WebCore::FrameView::layout (this=0x172591a0, allowSubtree=true) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/page/FrameView.cpp:425
#4 0x010c2e51 in WebCore::Document::implicitClose (this=0x218dc00) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/dom/Document.cpp:1398
#5 0x013661d7 in WebCore::FrameLoader::checkEmitLoadEvent (this=0x2015800) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/loader/FrameLoader.cpp:1092
#6 0x0136fa6f in WebCore::FrameLoader::checkCompleted (this=0x2015800) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/loader/FrameLoader.cpp:1060
#7 0x013709d2 in WebCore::FrameLoader::finishedParsing (this=0x2015800) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/loader/FrameLoader.cpp:1017
#8 0x010beabc in WebCore::Document::finishedParsing (this=0x218dc00) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/dom/Document.cpp:3365
#9 0x01256f9c in WebCore::TextTokenizer::finish (this=0x1722af70) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/loader/TextDocument.cpp:142
#10 0x010bd3c8 in WebCore::Document::finishParsing (this=0x218dc00) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/dom/Document.cpp:1501
#11 0x0137207e in WebCore::FrameLoader::endIfNotLoading (this=0x2015800) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/loader/FrameLoader.cpp:915
#12 0x013720bf in WebCore::FrameLoader::end (this=0x2015800) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/loader/FrameLoader.cpp:899
#13 0x01374ef9 in WebCore::DocumentLoader::finishedLoading (this=0x2172200) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/loader/DocumentLoader.cpp:304
#14 0x0136cd0c in WebCore::FrameLoader::finishedLoading (this=0x2015800) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/loader/FrameLoader.cpp:2456
#15 0x01376bdd in WebCore::MainResourceLoader::didFinishLoading (this=0x2177a00) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/loader/MainResourceLoader.cpp:302
#16 0x01378380 in WebCore::ResourceLoader::didFinishLoading (this=0x2177a00) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/loader/ResourceLoader.cpp:323
#17 0x01357ef5 in -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] (self=0x172587a0, _cmd=0x90a9d160, con=0x172587b0) at /Volumes/Data/Users/adamroben/dev/WebKit/OpenSource/WebCore/platform/network/mac/ResourceHandleMac.mm:369
#18 0x9265be00 in -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] ()
#19 0x92659ea5 in -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] ()
#20 0x92659b41 in _sendCallbacks ()
#21 0x90829379 in CFRunLoopRunSpecific ()
#22 0x90828eb5 in CFRunLoopRunInMode ()
#23 0x92dcdb90 in RunCurrentEventLoopInMode ()
#24 0x92dcd297 in ReceiveNextEventCommon ()
#25 0x92dcd0ee in BlockUntilNextEventMatchingListInMode ()
#26 0x9326f465 in _DPSNextEvent ()
#27 0x9326f056 in -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] ()
#28 0x00026641 in -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] (self=0x2921f70, _cmd=0x90ab4b5c, mask=4294967295, expiration=0x294ede0, mode=0xa080b448, dequeue=1 '\001') at /Volumes/Data/Users/adamroben/dev/WebKit/Internal/WebBrowser/BrowserApplication.m:161
#29 0x93268ddb in -[NSApplication run] ()
#30 0x9325cd2f in NSApplicationMain ()
#31 0x000bdb6b in main (argc=1, argv=0xbffff4ec) at /Volumes/Data/Users/adamroben/dev/WebKit/Internal/WebBrowser/main.m:26
Current language: auto; currently c++
Attachments
Band-aid fix (384 bytes, patch)
2007-02-27 03:32 PST, Dave Hyatt
mitz: review+
mitz
Comment 1 2007-02-27 00:38:08 PST
Reduction: open <data:text/plain,>.
Dave Hyatt
Comment 2 2007-02-27 03:30:44 PST
So I have a simple patch for this, but Mitz's reduction reveals what is IMHO a bug in the TextDocument/TextTokenizer code. A plaintext document with no text should still make all of the scaffolding necessary to display text, i.e., a root element at the very least. Right now there's a blank RenderView with no kids and so nobody ever dirties the RenderView for min max recalc. A band-aid patch is to just throw setMinMaxKnown(false) into RenderView's constructor. I also think text documents should not be allowed to be empty though. Mitz, is an empty text document what is occurring on iExploder?
Dave Hyatt
Comment 3 2007-02-27 03:32:48 PST
Created attachment 13392
Band-aid fix
mitz
Comment 4 2007-02-27 04:27:04 PST
Comment on attachment 13392
Band-aid fix

(In reply to comment #2)
> Mitz, is an empty text document what is occurring on iExploder?

Yeah, it is currently returning a 500 error page with empty text content.

r=me
Dave Hyatt
Comment 5 2007-02-27 12:03:11 PST
Fixed