Bug 6092

Summary: REGRESSION: dom/xhtml/level2/html//HTMLInputElement01.xhtml crashes
Product: WebKit Reporter: Eric Seidel (no email) <eric>
Component: DOMAssignee: Darin Adler <darin>
Status: RESOLVED FIXED    
Severity: Critical CC: cdumez
Priority: P1    
Version: 420+   
Hardware: Mac   
OS: OS X 10.4   
Attachments:
Description Flags
keep current node ref'd in the XML tokenizer/parser as in the HTML parser eric: review+

Eric Seidel (no email)
Reported 2005-12-15 01:29:45 PST
REGRESSSION: dom/xhtml/level2/html//HTMLInputElement01.xhtml crashes Date/Time: 2005-12-15 01:27:40.765 -0800 OS Version: 10.4.4 Command: DumpRenderTree Path: /Volumes/Stuff/Projects/build/Development/DumpRenderTree Parent: perl [19144] Version: ??? (???) PID: 19196 Thread: 0 Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x0000000c Thread 0 Crashed: 0 com.apple.WebCore 0x013f0888 DOM::DocPtr<DOM::DocumentImpl>::get() const + 20 (DocPtr.h:47) 1 com.apple.WebCore 0x013f0940 DOM::NodeImpl::getDocument() const + 40 (dom_nodeimpl.h:264) 2 com.apple.WebCore 0x01204800 DOM::ElementImpl::dispatchAttrAdditionEvent (DOM::AttributeImpl*) + 40 (dom_elementimpl.cpp:611) 3 com.apple.WebCore 0x012055f8 DOM::NamedAttrMapImpl::addAttribute (DOM::AttributeImpl*) + 384 (dom_elementimpl.cpp:1042) 4 com.apple.WebCore 0x01208c5c DOM::ElementImpl::setAttribute(DOM::QualifiedName const&, DOM::DOMStringImpl*, int&) + 456 (dom_elementimpl.cpp:398) 5 com.apple.WebCore 0x01209964 DOM::ElementImpl::setAttributeNS(DOM::DOMString const&, DOM::DOMString const&, DOM::DOMString const&, int&) + 388 (dom_elementimpl.cpp:760) 6 com.apple.WebCore 0x012312dc khtml::handleElementAttributes(DOM::ElementImpl*, unsigned char const**, int, int&) + 776 (xml_tokenizer.cpp:307) 7 com.apple.WebCore 0x012317c8 khtml::XMLTokenizer::startElementNs(unsigned char const*, unsigned char const*, unsigned char const*, int, unsigned char const**, int, int, unsigned char const**) + 972 (xml_tokenizer.cpp:342) 8 com.apple.WebCore 0x01231bfc khtml::startElementNsHandler(void*, unsigned char const*, unsigned char const*, unsigned char const*, int, unsigned char const**, int, int, unsigned char const**) + 108 (xml_tokenizer.cpp:547) 9 libxml2.2.dylib 0x92c26480 xmlParseStartTag + 8228 10 libxml2.2.dylib 0x92c282ec xmlParseDocument + 3368 11 libxml2.2.dylib 0x92c0cc0c xmlParseChunk + 424 12 com.apple.WebCore 0x0122e444 khtml::parseQString(_xmlParserCtxt*, QString const&) + 80 (xml_tokenizer.cpp:189) 13 com.apple.WebCore 0x0122fccc khtml::XMLTokenizer::finish() + 344 (xml_tokenizer.cpp: 646) 14 com.apple.WebCore 0x011f3a7c DOM::DocumentImpl::finishParsing() + 84 (dom_docimpl.cpp:1562) 15 com.apple.WebCore 0x010a453c KHTMLPart::endIfNotLoading() + 176 (khtml_part.cpp: 1014) 16 com.apple.WebCore 0x010a4590 KHTMLPart::end() + 52 (khtml_part.cpp:1003) 17 com.apple.WebCore 0x01088d54 -[WebCoreBridge end] + 72 (WebCoreBridge.mm:524) 18 com.apple.WebKit 0x00256a5c -[WebDataSource(WebPrivate) _finishedLoading] + 204 (WebDataSource.m:784) 19 com.apple.WebKit 0x00293ef8 -[WebMainResourceLoader didFinishLoading] + 560 (WebMainResourceLoader.m:395) 20 com.apple.WebKit 0x00251274 -[WebLoader connectionDidFinishLoading:] + 184 (WebLoader.m:663) 21 com.apple.Foundation 0x92917cdc -[NSURLConnection(NSURLConnectionInternal) _sendDidFinishLoadingCallback] + 188 22 com.apple.Foundation 0x92915f48 -[NSURLConnection(NSURLConnectionInternal) _sendCallbacks] + 556 23 com.apple.Foundation 0x92915ca0 _sendCallbacks + 156 24 com.apple.CoreFoundation 0x9075da68 __CFRunLoopDoSources0 + 384 25 com.apple.CoreFoundation 0x9075cf98 __CFRunLoopRun + 452 26 com.apple.CoreFoundation 0x9075ca18 CFRunLoopRunSpecific + 268 27 com.apple.Foundation 0x928f4664 -[NSRunLoop runMode:beforeDate:] + 172 28 DumpRenderTree 0x00005f58 dumpRenderTree + 740 (DumpRenderTree.m:572) 29 DumpRenderTree 0x00003924 main + 2408 (DumpRenderTree.m:176) 30 DumpRenderTree 0x00002814 _start + 340 (crt.c:272) 31 DumpRenderTree 0x000026bc start + 60 Thread 1: 0 libSystem.B.dylib 0x9000b208 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b15c mach_msg + 60 2 com.apple.CoreFoundation 0x9075d114 __CFRunLoopRun + 832 3 com.apple.CoreFoundation 0x9075ca18 CFRunLoopRunSpecific + 268 4 com.apple.Foundation 0x9290cb9c +[NSURLConnection(NSURLConnectionInternal) _resourceLoadLoop:] + 264 5 com.apple.Foundation 0x928e56d4 forkThreadForFunction + 108 6 libSystem.B.dylib 0x9002b200 _pthread_body + 96 Thread 2: 0 libSystem.B.dylib 0x9000b208 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b15c mach_msg + 60 2 com.apple.CoreFoundation 0x9075d114 __CFRunLoopRun + 832 3 com.apple.CoreFoundation 0x9075ca18 CFRunLoopRunSpecific + 268 4 com.apple.Foundation 0x9290dcdc +[NSURLCache _diskCacheSyncLoop:] + 152 5 com.apple.Foundation 0x928e56d4 forkThreadForFunction + 108 6 libSystem.B.dylib 0x9002b200 _pthread_body + 96 Thread 3: 0 libSystem.B.dylib 0x9000b208 mach_msg_trap + 8 1 libSystem.B.dylib 0x9000b15c mach_msg + 60 2 com.apple.CoreFoundation 0x9075d114 __CFRunLoopRun + 832 3 com.apple.CoreFoundation 0x9075ca18 CFRunLoopRunSpecific + 268 4 com.apple.Foundation 0x928f4664 -[NSRunLoop runMode:beforeDate:] + 172 5 com.apple.Foundation 0x928f459c -[NSRunLoop run] + 76 6 com.apple.WebKit 0x002c41e8 +[WebFileDatabase _syncLoop:] + 420 (WebFileDatabase.m:291) 7 com.apple.Foundation 0x928e56d4 forkThreadForFunction + 108 8 libSystem.B.dylib 0x9002b200 _pthread_body + 96 Thread 4: 0 libSystem.B.dylib 0x9001f20c select + 12 1 com.apple.CoreFoundation 0x9076f9a8 __CFSocketManager + 472 2 libSystem.B.dylib 0x9002b200 _pthread_body + 96 Thread 0 crashed with PPC Thread State 64: srr0: 0x00000000013f0888 srr1: 0x000000000000d030 vrsave: 0x0000000000000000 cr: 0x22000222 xer: 0x0000000000000004 lr: 0x00000000013f0940 ctr: 0x0000000000000007 r0: 0x000000000000000c r1: 0x00000000bfffe1a0 r2: 0x000000000000000c r3: 0x000000000000000c r4: 0x000000000f86e590 r5: 0x000000000ca02600 r6: 0x00000000ffffffff r7: 0x0000000000000001 r8: 0x000000000f86e427 r9: 0x0000000000000070 r10: 0x0000000000000001 r11: 0x0000000000000dc8 r12: 0x0000000090006700 r13: 0x00000000bfffe7d0 r14: 0x00000000bfffe7cc r15: 0x00000000bfffe7d4 r16: 0x0000000000000000 r17: 0x0000000000000000 r18: 0x0000000000000037 r19: 0x0000000000000005 r20: 0x000000000cb6ccf2 r21: 0x0000000000000000 r22: 0x0000000000000421 r23: 0x0000000000000019 r24: 0x000000000cbf6a00 r25: 0x000000000f6c09e0 r26: 0x0000000000000019 r27: 0x000000000f49aa80 r28: 0x000000000cb6cc48 r29: 0x000000000f86e230 r30: 0x00000000bfffe1a0 r31: 0x0000000001208aac Binary Images Description: 0x1000 - 0x9fff DumpRenderTree /Volumes/Stuff/Projects/build/Development/ DumpRenderTree 0x205000 - 0x317fff com.apple.WebKit 420+ /Volumes/Stuff/Projects/build/Development/ WebKit.framework/Versions/A/WebKit 0x1008000 - 0x149bfff com.apple.WebCore 420+ /Volumes/Stuff/Projects/build/Development/ WebCore.framework/Versions/A/WebCore 0xc01c000 - 0xc0d1fff com.apple.JavaScriptCore 420+ /Volumes/Stuff/Projects/build/Development/ JavaScriptCore.framework/Versions/A/JavaScriptCore 0x8fe00000 - 0x8fe54fff dyld 44.2 /usr/lib/dyld 0x90000000 - 0x901b3fff libSystem.B.dylib /usr/lib/libSystem.B.dylib 0x9020b000 - 0x9020ffff libmathCommon.A.dylib /usr/lib/system/libmathCommon.A.dylib 0x90211000 - 0x90264fff com.apple.CoreText 1.0.1 (???) /System/Library/Frameworks/ ApplicationServices.framework/Versions/A/Frameworks/CoreText.framework/Versions/A/CoreText 0x90291000 - 0x90342fff ATS /System/Library/Frameworks/ApplicationServices.framework/ Versions/A/Frameworks/ATS.framework/Versions/A/ATS 0x90371000 - 0x906aefff com.apple.CoreGraphics 1.256.30 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ CoreGraphics.framework/Versions/A/CoreGraphics 0x9073a000 - 0x90813fff com.apple.CoreFoundation 6.4.4 (368.25) /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation 0x9085c000 - 0x9085cfff com.apple.CoreServices 10.4 (???) /System/Library/Frameworks/ CoreServices.framework/Versions/A/CoreServices 0x9085e000 - 0x90960fff libicucore.A.dylib /usr/lib/libicucore.A.dylib 0x909ba000 - 0x90a3efff libobjc.A.dylib /usr/lib/libobjc.A.dylib 0x90a68000 - 0x90ad6fff com.apple.framework.IOKit 1.4 (???) /System/Library/Frameworks/ IOKit.framework/Versions/A/IOKit 0x90aed000 - 0x90afffff libauto.dylib /usr/lib/libauto.dylib 0x90b06000 - 0x90ddefff com.apple.CoreServices.CarbonCore 681.1 (671.2) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/ CarbonCore.framework/Versions/A/CarbonCore 0x90e44000 - 0x90ec4fff com.apple.CoreServices.OSServices 4.1 /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/ OSServices.framework/Versions/A/OSServices 0x90f0e000 - 0x90f4ffff com.apple.CFNetwork 10.4.3 (129.2) /System/Library/Frameworks/ CoreServices.framework/Versions/A/Frameworks/CFNetwork.framework/Versions/A/CFNetwork 0x90f64000 - 0x90f7cfff com.apple.WebServices 1.1.2 (1.1.0) /System/Library/Frameworks/ CoreServices.framework/Versions/A/Frameworks/WebServicesCore.framework/Versions/A/ WebServicesCore 0x90f8c000 - 0x9100dfff com.apple.SearchKit 1.0.5 /System/Library/Frameworks/ CoreServices.framework/Versions/A/Frameworks/SearchKit.framework/Versions/A/SearchKit 0x91053000 - 0x9107dfff com.apple.Metadata 10.4.4 (121.33) /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/ Metadata.framework/Versions/A/Metadata 0x9108e000 - 0x9109cfff libz.1.dylib /usr/lib/libz.1.dylib 0x9109f000 - 0x91262fff com.apple.security 4.3 (25966) /System/Library/Frameworks/ Security.framework/Versions/A/Security 0x91365000 - 0x9136efff com.apple.DiskArbitration 2.1 /System/Library/Frameworks/ DiskArbitration.framework/Versions/A/DiskArbitration 0x91375000 - 0x9139cfff com.apple.SystemConfiguration 1.8.2 /System/Library/Frameworks/SystemConfiguration.framework/Versions/A/SystemConfiguration 0x913af000 - 0x913b7fff libgcc_s.1.dylib /usr/lib/libgcc_s.1.dylib 0x913bc000 - 0x913dcfff libmx.A.dylib /usr/lib/libmx.A.dylib 0x913e2000 - 0x913eafff libbsm.dylib /usr/lib/libbsm.dylib 0x913ee000 - 0x9146efff com.apple.audio.CoreAudio 3.0.2 /System/Library/Frameworks/ CoreAudio.framework/Versions/A/CoreAudio 0x914ad000 - 0x914adfff com.apple.ApplicationServices 10.4 (???) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/ApplicationServices 0x914af000 - 0x914e7fff com.apple.AE 1.5 (297) /System/Library/Frameworks/ ApplicationServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE 0x91502000 - 0x915cffff com.apple.ColorSync 4.4.3 /System/Library/Frameworks/ ApplicationServices.framework/Versions/A/Frameworks/ColorSync.framework/Versions/A/ColorSync 0x91624000 - 0x916b7fff com.apple.print.framework.PrintCore 4.3 (172.3) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ PrintCore.framework/Versions/A/PrintCore 0x916fe000 - 0x917bbfff com.apple.QD 3.8.18 (???) /System/Library/Frameworks/ ApplicationServices.framework/Versions/A/Frameworks/QD.framework/Versions/A/QD 0x917f9000 - 0x91857fff com.apple.HIServices 1.5.1 (???) /System/Library/Frameworks/ ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices 0x91885000 - 0x918a9fff com.apple.LangAnalysis 1.6.1 /System/Library/Frameworks/ ApplicationServices.framework/Versions/A/Frameworks/LangAnalysis.framework/Versions/A/ LangAnalysis 0x918bd000 - 0x918e2fff com.apple.FindByContent 1.5 /System/Library/Frameworks/ ApplicationServices.framework/Versions/A/Frameworks/FindByContent.framework/Versions/A/ FindByContent 0x918f5000 - 0x91937fff com.apple.LaunchServices 10.4.6 (168.1) /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ LaunchServices.framework/Versions/A/LaunchServices 0x91953000 - 0x91967fff com.apple.speech.synthesis.framework 3.3 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ SpeechSynthesis.framework/Versions/A/SpeechSynthesis 0x91975000 - 0x919aefff com.apple.ImageIO.framework 1.4.4 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ ImageIO.framework/Versions/A/ImageIO 0x919c3000 - 0x91a8bfff libcrypto.0.9.7.dylib /usr/lib/libcrypto.0.9.7.dylib 0x91ad9000 - 0x91aeefff libcups.2.dylib /usr/lib/libcups.2.dylib 0x91af3000 - 0x91b10fff libJPEG.dylib /System/Library/Frameworks/ApplicationServices.framework/ Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJPEG.dylib 0x91b15000 - 0x91b84fff libJP2.dylib /System/Library/Frameworks/ApplicationServices.framework/ Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libJP2.dylib 0x91b9b000 - 0x91b9ffff libGIF.dylib /System/Library/Frameworks/ApplicationServices.framework/ Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libGIF.dylib 0x91ba1000 - 0x91bd2fff libRaw.dylib /System/Library/Frameworks/ApplicationServices.framework/ Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libRaw.dylib 0x91bd6000 - 0x91c19fff libTIFF.dylib /System/Library/Frameworks/ApplicationServices.framework/ Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib 0x91c20000 - 0x91c39fff libPng.dylib /System/Library/Frameworks/ApplicationServices.framework/ Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib 0x91c3e000 - 0x91c41fff libRadiance.dylib /System/Library/Frameworks/ ApplicationServices.framework/Versions/A/Frameworks/ImageIO.framework/Versions/A/Resources/ libRadiance.dylib 0x91c43000 - 0x91c43fff com.apple.Accelerate 1.1.1 (Accelerate 1.1.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate 0x91c45000 - 0x91d2ffff com.apple.vImage 2.0 /System/Library/Frameworks/ Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage 0x91d37000 - 0x91d56fff com.apple.Accelerate.vecLib 3.1.1 (vecLib 3.1.1) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/ Versions/A/vecLib 0x91dc2000 - 0x91e27fff libvMisc.dylib /System/Library/Frameworks/Accelerate.framework/ Versions/A/Frameworks/vecLib.framework/Versions/A/libvMisc.dylib 0x91e31000 - 0x91ec3fff libvDSP.dylib /System/Library/Frameworks/Accelerate.framework/ Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib 0x91edd000 - 0x9246dfff libBLAS.dylib /System/Library/Frameworks/Accelerate.framework/ Versions/A/Frameworks/vecLib.framework/Versions/A/libBLAS.dylib 0x924b5000 - 0x927c5fff libLAPACK.dylib /System/Library/Frameworks/Accelerate.framework/ Versions/A/Frameworks/vecLib.framework/Versions/A/libLAPACK.dylib 0x927f2000 - 0x9287efff com.apple.DesktopServices 1.3.1 /System/Library/PrivateFrameworks/ DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv 0x928c0000 - 0x92aeafff com.apple.Foundation 6.4.2 (567.21) /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation 0x92c08000 - 0x92ce6fff libxml2.2.dylib /usr/lib/libxml2.2.dylib 0x92d06000 - 0x92df4fff libiconv.2.dylib /usr/lib/libiconv.2.dylib 0x92e06000 - 0x92e24fff libGL.dylib /System/Library/Frameworks/OpenGL.framework/Versions/ A/Libraries/libGL.dylib 0x92e2f000 - 0x92e89fff libGLU.dylib /System/Library/Frameworks/OpenGL.framework/Versions/ A/Libraries/libGLU.dylib 0x92ea7000 - 0x92ea7fff com.apple.Carbon 10.4 (???) /System/Library/Frameworks/ Carbon.framework/Versions/A/Carbon 0x92ea9000 - 0x92ebdfff com.apple.ImageCapture 3.0 /System/Library/Frameworks/ Carbon.framework/Versions/A/Frameworks/ImageCapture.framework/Versions/A/ImageCapture 0x92ed5000 - 0x92ee5fff com.apple.speech.recognition.framework 3.4 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ SpeechRecognition.framework/Versions/A/SpeechRecognition 0x92ef1000 - 0x92f06fff com.apple.securityhi 2.0 (203) /System/Library/Frameworks/ Carbon.framework/Versions/A/Frameworks/SecurityHI.framework/Versions/A/SecurityHI 0x92f18000 - 0x92f9ffff com.apple.ink.framework 101.2 (69) /System/Library/Frameworks/ Carbon.framework/Versions/A/Frameworks/Ink.framework/Versions/A/Ink 0x92fb3000 - 0x92fbefff com.apple.help 1.0.3 (32) /System/Library/Frameworks/Carbon.framework/ Versions/A/Frameworks/Help.framework/Versions/A/Help 0x92fc8000 - 0x92ff5fff com.apple.openscripting 1.2.4 (???) /System/Library/Frameworks/ Carbon.framework/Versions/A/Frameworks/OpenScripting.framework/Versions/A/OpenScripting 0x9300f000 - 0x9301ffff com.apple.print.framework.Print 5.0 (190.1) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/Print.framework/ Versions/A/Print 0x9302b000 - 0x93091fff com.apple.htmlrendering 1.1.2 /System/Library/Frameworks/ Carbon.framework/Versions/A/Frameworks/HTMLRendering.framework/Versions/A/HTMLRendering 0x930c2000 - 0x93114fff com.apple.NavigationServices 3.4.2 /System/Library/Frameworks/ Carbon.framework/Versions/A/Frameworks/NavigationServices.framework/Versions/A/ NavigationServices 0x93140000 - 0x9315dfff com.apple.audio.SoundManager 3.9 /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ CarbonSound.framework/Versions/A/CarbonSound 0x9316f000 - 0x9317cfff com.apple.CommonPanels 1.2.2 (73) /System/Library/Frameworks/Carbon.framework/Versions/A/Frameworks/ CommonPanels.framework/Versions/A/CommonPanels 0x93185000 - 0x93497fff com.apple.HIToolbox 1.4.5 (???) /System/Library/Frameworks/ Carbon.framework/Versions/A/Frameworks/HIToolbox.framework/Versions/A/HIToolbox 0x935e3000 - 0x935effff com.apple.opengl 1.4.7 /System/Library/Frameworks/OpenGL.framework/ Versions/A/OpenGL 0x93681000 - 0x93681fff com.apple.Cocoa 6.4 (???) /System/Library/Frameworks/ Cocoa.framework/Versions/A/Cocoa 0x93683000 - 0x93cb6fff com.apple.AppKit 6.4.4 (824.28) /System/Library/Frameworks/ AppKit.framework/Versions/C/AppKit 0x94043000 - 0x940b3fff com.apple.CoreData 80 /System/Library/Frameworks/ CoreData.framework/Versions/A/CoreData 0x940ec000 - 0x941b6fff com.apple.audio.toolbox.AudioToolbox 1.4.1 /System/Library/Frameworks/AudioToolbox.framework/Versions/A/AudioToolbox 0x9420a000 - 0x9420afff com.apple.audio.units.AudioUnit 1.4 /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit 0x9420c000 - 0x94384fff com.apple.QuartzCore 1.4.5 /System/Library/Frameworks/ QuartzCore.framework/Versions/A/QuartzCore 0x943ce000 - 0x9440bfff libsqlite3.0.dylib /usr/lib/libsqlite3.0.dylib 0x94413000 - 0x94463fff libGLImage.dylib /System/Library/Frameworks/OpenGL.framework/ Versions/A/Libraries/libGLImage.dylib 0x94605000 - 0x94614fff libCGATS.A.dylib /System/Library/Frameworks/ ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/ Resources/libCGATS.A.dylib 0x9461c000 - 0x94628fff libCSync.A.dylib /System/Library/Frameworks/ ApplicationServices.framework/Versions/A/Frameworks/CoreGraphics.framework/Versions/A/ Resources/libCSync.A.dylib 0x9466e000 - 0x94686fff libRIP.A.dylib /System/Library/Frameworks/ApplicationServices.framework/ Versions/A/Frameworks/CoreGraphics.framework/Versions/A/Resources/libRIP.A.dylib 0x954b6000 - 0x95539fff libstdc++.6.dylib /usr/lib/libstdc++.6.dylib 0x96045000 - 0x9606efff libxslt.1.dylib /usr/lib/libxslt.1.dylib Model: PowerBook6,4, BootROM 4.8.3f1, 1 processors, PowerPC G4 (1.1), 1.33 GHz, 1.25 GB Graphics: GeForce FX Go5200, GeForce FX Go5200, AGP, 64 MB Memory Module: DIMM0/BUILT-IN, 256 MB, built-in, built-in Memory Module: DIMM1/J31, 1 GB, DDR SDRAM, PC2700U-25330 AirPort: AirPort Extreme, 404.2 (3.90.34.0.p16) Bluetooth: Version 1.7.0f10, 2 service, 0 devices, 1 incoming serial ports Network Service: AirPort, AirPort, en1 Network Service: VPN (L2TP), PPP (L2TP), ppp0 Parallel ATA Device: MATSHITADVD-R UJ-825, Parallel ATA Device: TOSHIBA MK6025GAS, 55.89 GB USB Device: Bluetooth HCI, , Up to 12 Mb/sec, 500 mA
Attachments
keep current node ref'd in the XML tokenizer/parser as in the HTML parser (13.36 KB, patch)
2005-12-15 08:38 PST, Darin Adler 		eric: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Darin Adler
Comment 1 2005-12-15 08:02:56 PST
This is a reference counting problem in the XML tokenizer -- it doesn't do the same kinds of "reference current node" things that the HTML tokenizer does. Working on a patch.
Darin Adler
Comment 2 2005-12-15 08:38:19 PST
Created attachment 5093 [details] keep current node ref'd in the XML tokenizer/parser as in the HTML parser
Eric Seidel (no email)
Comment 3 2005-12-15 08:58:25 PST
Comment on attachment 5093 [details] keep current node ref'd in the XML tokenizer/parser as in the HTML parser The spacing on setCurrentNode looks odd. Read through the whole thing, but I'm just waking up, so I want to read through it all again before I r+ it.
Eric Seidel (no email)
Comment 4 2005-12-15 09:34:26 PST
Comment on attachment 5093 [details] keep current node ref'd in the XML tokenizer/parser as in the HTML parser Reading through it a second time for real: ~XMLTokenizer() has strange spacing. setCurrentNode() (already mentioned) has strange spacing. If startElementImpl fails to add a node, it can just call stopParsing() or? That woudl get rid of the need for your FIXMEs while (m_currentNode->implicitNode()) - m_currentNode = m_currentNode->parentNode(); could be re-written to use a local, and avoid the (admittedly minimal) refcount thrash. I'm not sure why it's not OK to clear the parent node in this case: + if (NodeImpl* par = m_currentNode->parentNode()) + setCurrentNode(par); That code will never be reached (parsing would have aborted by now), but even so, clearing m_currnetNode should be OK... To solve your second FIXME in exitText, I think it's OK to stop parsing in enterText in the failure case as well. Otherwise looks fine. Darin should land this. r=me.
Darin Adler
Comment 5 2005-12-15 11:12:57 PST
Comment on attachment 5093 [details] keep current node ref'd in the XML tokenizer/parser as in the HTML parser > ~XMLTokenizer() has strange spacing. Eric and I figured out there was nothing wrong here. > setCurrentNode() (already mentioned) has strange spacing. It looks like there are some tabs in there -- I'll fix that. > If startElementImpl fails to add a node, it can just call stopParsing()? > That would get rid of the need for your FIXMEs. > To solve your second FIXME in exitText, I think it's OK to stop parsing in > enterText in the failure case as well. Sure, it would be nice to fix those FIXMEs, but I'd prefer to not do that in this patch. I just wanted to make sure to record it. > I'm not sure why it's not OK to clear the parent node in this case: > > + if (NodeImpl* par = m_currentNode->parentNode()) > + setCurrentNode(par); Generally it's never correct to set the current node to 0; any future parsed nodes would not know where to go. But I hope we can find a way to make it so that will never happen -- not moving to the parent seems like it's almost never correct.
Lucas Forschler
Comment 6 2019-02-06 09:03:21 PST
Mass moving XML DOM bugs to the "DOM" Component.
Note You need to log in before you can comment on or make changes to this bug.