Bug 17506 - REGRESSION (r30535): ASSERTION FAILED: i < size()
Summary: REGRESSION (r30535): ASSERTION FAILED: i < size()
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Page Loading (show other bugs)
Version: 528+ (Nightly build)
Hardware: Mac OS X 10.5
: P1 Normal
Assignee: Darin Adler
URL: https://studentmail.jjc.edu/exchange/
Keywords: Regression
Depends on:
Blocks:
 
Reported: 2008-02-23 22:35 PST by Matt Lilek
Modified: 2008-02-23 23:30 PST (History)
1 user (show)

See Also:

Attachments
patch (1.08 KB, patch)
2008-02-23 23:16 PST, Darin Adler 		andersca: review+
Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Matt Lilek 2008-02-23 22:35:25 PST 
Just loading the URL hits the following ASSERT:

ASSERTION FAILED: i < size()
(/Users/matt/Code/WebKit/WebKitBuild/Debug/JavaScriptCore.framework/PrivateHeaders/Vector.h:429 T& WTF::Vector<T, inlineCapacity>::at(size_t) [with T = char, long unsigned int inlineCapacity = 64ul])

Thread 0 Crashed:
0   com.apple.WebCore             	0x020a5b4d WTF::Vector<char, 64ul>::at(unsigned long) + 81 (Vector.h:429)
1   com.apple.WebCore             	0x020a5b88 WTF::Vector<char, 64ul>::operator[](unsigned long) + 24 (Vector.h:438)
2   com.apple.WebCore             	0x020a49b4 WebCore::findTextEncoding(char const*, int) + 82 (TextResourceDecoder.cpp:87)
3   com.apple.WebCore             	0x020a523f WebCore::TextResourceDecoder::checkForHeadCharset(char const*, unsigned long, bool&) + 2135 (TextResourceDecoder.cpp:695)
4   com.apple.WebCore             	0x020a57e4 WebCore::TextResourceDecoder::decode(char const*, unsigned long) + 216 (TextResourceDecoder.cpp:750)
5   com.apple.WebCore             	0x01ccdad1 WebCore::FrameLoader::write(char const*, int, bool) + 607 (FrameLoader.cpp:978)
6   com.apple.WebCore             	0x01ccdd62 WebCore::FrameLoader::addData(char const*, int) + 278 (FrameLoader.cpp:1747)
7   com.apple.WebCore             	0x020bc52c -[WebCoreFrameBridge addData:] + 148 (WebCoreFrameBridge.mm:297)
8   com.apple.WebCore             	0x020c13d4 -[WebCoreFrameBridge receivedData:textEncodingName:] + 252 (WebCoreFrameBridge.mm:1233)
9   com.apple.WebKit              	0x001bf6e2 -[WebHTMLRepresentation receivedData:withDataSource:] + 200 (WebHTMLRepresentation.mm:175)
10  com.apple.WebKit              	0x0019c6b0 -[WebDataSource(WebInternal) _receivedData:] + 90 (WebDataSource.mm:198)
11  com.apple.WebKit              	0x001b2c02 WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader*, char const*, int) + 128 (WebFrameLoaderClient.mm:703)
12  com.apple.WebCore             	0x01cc9071 WebCore::FrameLoader::committedLoad(WebCore::DocumentLoader*, char const*, int) + 53 (FrameLoader.cpp:3228)
13  com.apple.WebCore             	0x01c6d619 WebCore::DocumentLoader::commitLoad(char const*, int) + 87 (DocumentLoader.cpp:354)
14  com.apple.WebCore             	0x01c6d838 WebCore::DocumentLoader::receivedData(char const*, int) + 76 (DocumentLoader.cpp:367)
15  com.apple.WebCore             	0x01cc887d WebCore::FrameLoader::receivedData(char const*, int) + 41 (FrameLoader.cpp:2194)
16  com.apple.WebCore             	0x01ea0c0a WebCore::MainResourceLoader::addData(char const*, int, bool) + 80 (MainResourceLoader.cpp:139)
17  com.apple.WebCore             	0x01f965a9 WebCore::ResourceLoader::didReceiveData(char const*, int, long long, bool) + 83 (ResourceLoader.cpp:240)
18  com.apple.WebCore             	0x01ea0f18 WebCore::MainResourceLoader::didReceiveData(char const*, int, long long, bool) + 282 (MainResourceLoader.cpp:299)
19  com.apple.WebCore             	0x01f96180 WebCore::ResourceLoader::didReceiveData(WebCore::ResourceHandle*, char const*, int, int) + 62 (ResourceLoader.cpp:368)
20  com.apple.WebCore             	0x01f93a3d -[WebCoreResourceHandleAsDelegate connection:didReceiveData:lengthReceived:] + 201 (ResourceHandleMac.mm:450)
21  com.apple.Foundation          	0x90dea3b7 -[NSURLConnection(NSURLConnectionReallyInternal) sendDidReceiveData:originalLength:] + 119
22  com.apple.Foundation          	0x90dea31e _NSURLConnectionDidReceiveData + 94
23  com.apple.CFNetwork           	0x92c500af sendDidReceiveDataCallback + 518
24  com.apple.CFNetwork           	0x92c4d76d _CFURLConnectionSendCallbacks + 1559
25  com.apple.CFNetwork           	0x92c4d0d9 muxerSourcePerform + 283
26  com.apple.CoreFoundation      	0x943af62e CFRunLoopRunSpecific + 3166
27  com.apple.CoreFoundation      	0x943afd18 CFRunLoopRunInMode + 88
28  com.apple.HIToolbox           	0x910986a0 RunCurrentEventLoopInMode + 283
29  com.apple.HIToolbox           	0x910984b9 ReceiveNextEventCommon + 374
30  com.apple.HIToolbox           	0x9109832d BlockUntilNextEventMatchingListInMode + 106
31  com.apple.AppKit              	0x917047d9 _DPSNextEvent + 657
32  com.apple.AppKit              	0x9170408e -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
33  com.apple.Safari              	0x0000965e 0x1000 + 34398
34  com.apple.AppKit              	0x916fd0c5 -[NSApplication run] + 795
35  com.apple.AppKit              	0x916ca30a NSApplicationMain + 574
36  com.apple.Safari              	0x00002a76 0x1000 + 6774
Comment 1 Matt Lilek 2008-02-23 22:38:52 PST 
<http://trac.webkit.org/projects/webkit/changeset/30538> more than likely caused this.
Comment 2 Darin Adler 2008-02-23 23:08:02 PST 
What's new in that check-in is the assertion. The code in question isn't new. My guess is that we had code reading off the end of the buffer, but just didn't catch it until now.
Comment 3 Darin Adler 2008-02-23 23:12:32 PST 
I can't access that URL without a username or password, so I can't reproduce this. I'll try to fix it based on the backtrace alone.
Comment 4 Darin Adler 2008-02-23 23:16:54 PST 
Created attachment 19313 [details]
patch
Comment 5 Anders Carlsson 2008-02-23 23:20:33 PST 
Comment on attachment 19313 [details]
patch

r=me
Comment 6 Darin Adler 2008-02-23 23:25:08 PST 
It was actually r30535 that caused this.
Comment 7 Darin Adler 2008-02-23 23:30:22 PST 
LOL. I see this same assertion when running the regression tests. How did I miss it!?