RESOLVED FIXED 50253
Hit ASSERT(m_state == ParsingState) after clicking on ad at macnn.com
https://bugs.webkit.org/show_bug.cgi?id=50253
Simon Fraser (smfr)
Reported 2010-11-30 11:18:00 PST
I hit: ASSERTION FAILED: m_state == ParsingState (/Volumes/InternalData/Development/webkit/OpenSource/WebCore/dom/DocumentParser.cpp:56 virtual void WebCore::DocumentParser::prepareToStopParsing()) after loading macnn.com (with all ads visible), and clicking on the annoying Capital One ad in the right sidebar (in the "macnn sponsor" box). The ad is Flash that expands leftwards.

Stack is:
#0 0x0000000102ed2867 in WebCore::DocumentParser::prepareToStopParsing (this=0x10792b800) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/dom/DocumentParser.cpp:56
#1 0x00000001030f363e in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x10792b800) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/html/parser/HTMLDocumentParser.cpp:144
#2 0x00000001030f2910 in WebCore::HTMLDocumentParser::attemptToEnd (this=0x10792b800) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/html/parser/HTMLDocumentParser.cpp:344
#3 0x00000001030f2948 in WebCore::HTMLDocumentParser::finish (this=0x10792b800) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/html/parser/HTMLDocumentParser.cpp:372
#4 0x0000000102e8f6c0 in WebCore::Document::finishParsing (this=0x107971a00) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/dom/Document.cpp:2257
#5 0x0000000102ed6660 in WebCore::DocumentWriter::endIfNotLoadingMainResource (this=0x1078b8648) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/loader/DocumentWriter.cpp:221
#6 0x0000000102e976a6 in WebCore::Document::close (this=0x107971a00) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/dom/Document.cpp:2054
#7 0x0000000103352e54 in WebCore::jsHTMLDocumentPrototypeFunctionClose (exec=0x13345a098) at /Volumes/InternalData/Development/webkit/OpenSource/WebKitBuild/Debug/DerivedSources/WebCore/JSHTMLDocument.cpp:411
#8 0x000055dc8ec001b8 in ?? ()
#9 0x00000001018e4fb9 in JSC::JITCode::execute (this=0x131055798, registerFile=0x1077fa838, callFrame=0x13345a040, globalData=0x1078e1c00) at JITCode.h:77
#10 0x00000001018dfd5d in JSC::Interpreter::executeCall (this=0x1077fa820, callFrame=0x107760168, function=0x12f74e1c0, callType=JSC::CallTypeJS, callData=@0x7fff5fbfdcf0, thisValue={m_ptr = 0x12edc0000}, args=@0x7fff5fbfdce0) at /Volumes/InternalData/Development/webkit/OpenSource/JavaScriptCore/interpreter/Interpreter.cpp:849
#11 0x00000001018998b0 in JSC::call (exec=0x107760168, functionObject={m_ptr = 0x12f74e1c0}, callType=JSC::CallTypeJS, callData=@0x7fff5fbfdcf0, thisValue={m_ptr = 0x12edc0000}, args=@0x7fff5fbfdce0) at /Volumes/InternalData/Development/webkit/OpenSource/JavaScriptCore/runtime/CallData.cpp:38
#12 0x000000010328b493 in WebCore::JSMainThreadExecState::call (exec=0x107760168, functionObject={m_ptr = 0x12f74e1c0}, callType=JSC::CallTypeJS, callData=@0x7fff5fbfdcf0, thisValue={m_ptr = 0x12edc0000}, args=@0x7fff5fbfdce0) at JSMainThreadExecState.h:48
#13 0x000000010376188f in WebCore::ScheduledAction::executeFunctionInContext (this=0x12c1e81d0, globalObject=0x12edc2a80, thisValue={m_ptr = 0x12edc0000}, context=0x107971a68) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/bindings/js/ScheduledAction.cpp:106
#14 0x0000000103761dba in WebCore::ScheduledAction::execute (this=0x12c1e81d0, document=0x107971a00) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/bindings/js/ScheduledAction.cpp:128
#15 0x0000000103761e94 in WebCore::ScheduledAction::execute (this=0x12c1e81d0, context=0x107971a68) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/bindings/js/ScheduledAction.cpp:76
#16 0x0000000102f8205d in WebCore::DOMTimer::fired (this=0x139a40f50) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/page/DOMTimer.cpp:131
#17 0x00000001038e4462 in WebCore::ThreadTimers::sharedTimerFiredInternal (this=0x1077a7c00) at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/platform/ThreadTimers.cpp:112
#18 0x00000001038e45f1 in WebCore::ThreadTimers::sharedTimerFired () at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/platform/ThreadTimers.cpp:90
#19 0x00000001037ba291 in WebCore::timerFired () at /Volumes/InternalData/Development/webkit/OpenSource/WebCore/platform/mac/SharedTimerMac.mm:166
Alexey Proskuryakov
Comment 1 2010-11-30 21:36:04 PST
Not a "compatibility regression", but it's probably useful to have this block bug 41115.
Adam Barth
Comment 2 2010-11-30 22:37:40 PST
This assert might be bogus. This is Eric's area.
Eric Seidel (no email)
Comment 3 2010-11-30 22:40:54 PST
Well, the question is why is it ever valid to call it twice. :) But I don't know. The code changed a bunch with TonyG's rewrite. I'd have to stare at this in a debugger.
Simon Fraser (smfr)
Comment 4 2010-12-01 15:46:32 PST
Alexey Proskuryakov
Comment 5 2010-12-08 16:50:49 PST
I've just hit this on dailymotion.com.
Adam Barth
Comment 6 2010-12-08 19:18:51 PST
I was going to assign this to myself, but I did that already apparently.
Adam Barth
Comment 7 2011-01-21 21:38:55 PST
*** Bug 52929 has been marked as a duplicate of this bug. ***
Pavel Feldman
Comment 8 2011-02-15 08:18:23 PST
*** Bug 54462 has been marked as a duplicate of this bug. ***
Pavel Feldman
Comment 9 2011-02-15 08:19:45 PST
https://bugs.webkit.org/show_bug.cgi?id=54462 has a nice stack trace and a scenario on how to repro it on XML+XSLT -> HTML scenario.
Adam Barth
Comment 10 2011-02-15 14:18:48 PST
Looking now.
Adam Barth
Comment 11 2011-02-15 17:00:28 PST
Fixed one of the dups. Continuing to investigate.
Adam Barth
Comment 12 2011-02-15 17:09:06 PST
None of these reproduce any more. I suspect some of them are Bug 54462 and some are another related bug I fixed recently. Please re-open if you can reproduce now that Bug 54462 is fixed.