Bug 140179

Summary: ASSERTION FAILED: character != kEndOfFileMarker in WebCore::HTMLTokenizer::bufferCharacter
Product: WebKit Reporter: Renata Hodovan <rhodovan.u-szeged>
Component: Page Loading Assignee: Darin Adler <darin>
Status: RESOLVED FIXED    
Severity: Normal CC: ap, commit-queue, darin, esprehn+autocc, gyuyoung.kim, kling
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 116980    
Attachments:
Description  Flags
Test case    none
Patch        none

Description Renata Hodovan 2015-01-07 09:25:36 PST
Created attachment 244157 [details]
Test case

Load this test with debug WK:

<!DOCTYPE html>
<div>&#xa0a103a0


Backtrace:

ASSERTION FAILED: character != kEndOfFileMarker
../../Source/WebCore/html/parser/HTMLTokenizer.h(189) : void WebCore::HTMLTokenizer::bufferCharacter(UChar)

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fff98984700 (LWP 2074)]
0x00007fffed92a5c7 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
321	    *(int *)(uintptr_t)0xbbadbeef = 0;
#0  0x00007fffed92a5c7 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
#1  0x00007ffff331af51 in WebCore::HTMLTokenizer::bufferCharacter (this=0x7ffff7eceaf0, character=0) at ../../Source/WebCore/html/parser/HTMLTokenizer.h:189
#2  0x00007ffff331b267 in WebCore::HTMLTokenizer::processEntity (this=0x7ffff7eceaf0, source=...) at ../../Source/WebCore/html/parser/HTMLTokenizer.cpp:117
#3  0x00007ffff3312068 in WebCore::HTMLTokenizer::nextToken (this=0x7ffff7eceaf0, source=..., token=...) at ../../Source/WebCore/html/parser/HTMLTokenizer.cpp:200
#4  0x00007ffff32f6028 in WebCore::HTMLDocumentParser::pumpTokenizer (this=0x7ffff7ece100, mode=WebCore::HTMLDocumentParser::ForceSynchronous) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:284
#5  0x00007ffff32f5a77 in WebCore::HTMLDocumentParser::pumpTokenizerIfPossible (this=0x7ffff7ece100, mode=WebCore::HTMLDocumentParser::ForceSynchronous) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:187
#6  0x00007ffff32f58cb in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x7ffff7ece100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:137
#7  0x00007ffff32f6ceb in WebCore::HTMLDocumentParser::attemptToEnd (this=0x7ffff7ece100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:446
#8  0x00007ffff32f6d99 in WebCore::HTMLDocumentParser::finish (this=0x7ffff7ece100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:474
#9  0x00007ffff3463885 in WebCore::DocumentWriter::end (this=0x7ffff7ebaaa0) at ../../Source/WebCore/loader/DocumentWriter.cpp:247
#10 0x00007ffff344f029 in WebCore::DocumentLoader::finishedLoading (this=0x7ffff7ebaa00, finishTime=0) at ../../Source/WebCore/loader/DocumentLoader.cpp:440
#11 0x00007ffff344ed92 in WebCore::DocumentLoader::notifyFinished (this=0x7ffff7ebaa00, resource=0x7ffff7ec7680) at ../../Source/WebCore/loader/DocumentLoader.cpp:374
#12 0x00007ffff3501e1e in WebCore::CachedResource::checkNotify (this=0x7ffff7ec7680) at ../../Source/WebCore/loader/cache/CachedResource.cpp:294
#13 0x00007ffff3501f1c in WebCore::CachedResource::finishLoading (this=0x7ffff7ec7680) at ../../Source/WebCore/loader/cache/CachedResource.cpp:310
#14 0x00007ffff34fe617 in WebCore::CachedRawResource::finishLoading (this=0x7ffff7ec7680, data=0x7fff9843f570) at ../../Source/WebCore/loader/cache/CachedRawResource.cpp:104
#15 0x00007ffff34b1886 in WebCore::SubresourceLoader::didFinishLoading (this=0x7ffff7ec7200, finishTime=0) at ../../Source/WebCore/loader/SubresourceLoader.cpp:355
#16 0x00007ffff34ad4e7 in WebCore::ResourceLoader::didFinishLoading (this=0x7ffff7ec7200, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:506
#17 0x00007ffff3e58c65 in WebCore::readCallback (asyncResult=0x7b69d0, data=0x7fff984370e0) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1295
#18 0x00007fffeb4cc7d6 in async_ready_callback_wrapper (source_object=0x7c8ad0, res=0x7b69d0, user_data=user_data@entry=0x7fff984370e0) at ginputstream.c:523
#19 0x00007fffeb4f20d5 in g_task_return_now (task=0x7b69d0) at gtask.c:1077
#20 0x00007fffeb4f20f9 in complete_in_idle_cb (task=0x7b69d0) at gtask.c:1086
#21 0x00007fffea7319fd in g_main_dispatch (context=0x478330) at gmain.c:3064
#22 g_main_context_dispatch (context=context@entry=0x478330) at gmain.c:3663
#23 0x00007fffea731d68 in g_main_context_iterate (context=0x478330, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3734
#24 0x00007fffea73202a in g_main_loop_run (loop=0x8fd9e0) at gmain.c:3928
#25 0x00007ffff4537450 in WTF::RunLoop::run () at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:59
#26 0x00007ffff2a65456 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7fffffffd888) at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61
#27 0x00007ffff2a652bb in WebKit::WebProcessMainUnix (argc=2, argv=0x7fffffffd888) at ../../Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp:70
#28 0x0000000000400891 in main (argc=2, argv=0x7fffffffd888) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:44
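The reference in the test case, `&#xa0a103a0` with no terminating semicolon and nothing after it but end of input, exercises two of the HTML Standard's numeric character reference rules at once: the value is above 0x10FFFF, and the reference is cut off by EOF. The backtrace shows `bufferCharacter` receiving `character=0`, the value the tokenizer reserves as its end-of-file marker. The following is an added example, not WebKit code and not a description of the fix that landed: a stand-alone model of the spec's numeric character reference states that shows what a conforming tokenizer should buffer for this input (U+FFFD, with parse errors for the out-of-range value and the missing semicolon) and that the spec's null rule never lets U+0000 reach the output. Function names, the `NumericRefResult` type and all inputs are this example's own; named references such as `&amp;` are out of scope and are passed through as text.

```cpp
// Added example, not WebKit code: a stand-alone model of the HTML Standard's
// numeric character reference states (the "&#...;" / "&#x...;" forms). It applies
// the spec's end-state replacement rules so the value a tokenizer must buffer for
// an input such as the test case in this bug can be checked. Named references
// ("&amp;") are out of scope here and are passed through as literal text.
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

// Outcome of attempting to decode one numeric character reference at a position.
struct NumericRefResult {
    bool matched = false;                  // true when a code point was produced
    char32_t codePoint = 0;                // value after the spec's replacement rules
    std::size_t consumed = 0;              // input chars consumed, including "&#"
    std::vector<std::string> parseErrors;  // spec-named parse errors, in order
};

namespace {

int digitValue(char c, bool hex) {
    if (c >= '0' && c <= '9') return c - '0';
    if (!hex) return -1;
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

// "Numeric character reference end state": the spec's fix-ups for the raw value.
char32_t applyEndStateRules(uint64_t value, std::vector<std::string>& errors) {
    if (value == 0) {
        errors.push_back("null-character-reference");
        return 0xFFFD;  // U+0000 is never emitted; tokenizers commonly use 0 as an EOF sentinel
    }
    if (value > 0x10FFFF) {
        errors.push_back("character-reference-outside-unicode-range");
        return 0xFFFD;
    }
    if (value >= 0xD800 && value <= 0xDFFF) {
        errors.push_back("surrogate-character-reference");
        return 0xFFFD;
    }
    if ((value >= 0xFDD0 && value <= 0xFDEF) || (value & 0xFFFE) == 0xFFFE)
        errors.push_back("noncharacter-character-reference");  // reported, value kept
    else if (value == 0x0D || (value < 0x20 && value != 0x09 && value != 0x0A && value != 0x0C)
             || (value >= 0x7F && value <= 0x9F))
        errors.push_back("control-character-reference");  // windows-1252 remap of 0x80-0x9F omitted
    return static_cast<char32_t>(value);
}

}  // namespace

// Decode a numeric character reference starting at input[pos] (expected to be '&').
NumericRefResult decodeNumericCharacterReference(const std::string& input, std::size_t pos = 0) {
    NumericRefResult r;
    if (input.compare(pos, 2, "&#") != 0) return r;  // not a numeric reference
    std::size_t i = pos + 2;
    bool hex = i < input.size() && (input[i] == 'x' || input[i] == 'X');
    if (hex) ++i;
    uint64_t value = 0;
    bool sawDigit = false;
    for (; i < input.size(); ++i) {
        int d = digitValue(input[i], hex);
        if (d < 0) break;
        sawDigit = true;
        // Saturate rather than wrap: once past 0x10FFFF the value is already
        // "outside unicode range", so further digits cannot change the outcome.
        if (value <= 0x10FFFF) value = value * (hex ? 16 : 10) + static_cast<uint64_t>(d);
    }
    if (!sawDigit) {
        // The spec flushes "&#" (and "x") as literal text; reporting consumed == 0
        // lets the caller emit '&' literally and rescan, which yields the same text.
        r.parseErrors.push_back("absence-of-digits-in-numeric-character-reference");
        return r;
    }
    if (i < input.size() && input[i] == ';') ++i;
    else r.parseErrors.push_back("missing-semicolon-after-character-reference");  // also hit at EOF
    r.matched = true;
    r.consumed = i - pos;
    r.codePoint = applyEndStateRules(value, r.parseErrors);
    return r;
}

// Decode every numeric reference in a text run; everything else is copied through.
std::u32string decodeText(const std::string& text) {
    std::u32string out;
    for (std::size_t i = 0; i < text.size();) {
        NumericRefResult r = text[i] == '&' ? decodeNumericCharacterReference(text, i) : NumericRefResult{};
        if (r.matched) {
            out.push_back(r.codePoint);
            i += r.consumed;
        } else {
            out.push_back(static_cast<char32_t>(static_cast<unsigned char>(text[i])));
            ++i;
        }
    }
    return out;
}
```

Run against the constructed input `"&#xa0a103a0\n"`, `decodeNumericCharacterReference` consumes the eleven characters of the reference, stops at the newline, reports `missing-semicolon-after-character-reference` and `character-reference-outside-unicode-range`, and returns U+FFFD. Saturating the accumulator rather than letting it wrap is the design choice worth copying: it keeps arbitrarily long digit runs from overflowing the integer type while preserving the only fact the end state needs, that the value exceeded 0x10FFFF.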
Comment 1 Darin Adler 2015-01-07 20:14:28 PST
I’ll take this one. I’ve just been working on this code.
Comment 2 Darin Adler 2015-01-07 23:02:28 PST
Created attachment 244245 [details]
Patch
Comment 3 WebKit Commit Bot 2015-01-08 13:12:09 PST
Comment on attachment 244245 [details]
Patch

Clearing flags on attachment: 244245

Committed r178128: <http://trac.webkit.org/changeset/178128>
Comment 4 WebKit Commit Bot 2015-01-08 13:12:14 PST
All reviewed patches have been landed.  Closing bug.