RESOLVED FIXED 54462
XSLT with output method HTML and images crashes in debug mode 
https://bugs.webkit.org/show_bug.cgi?id=54462
Summary XSLT with output method HTML and images crashes in debug mode
Vsevolod Vlasov
Reported 2011-02-15 08:06:41 PST
If 1) XML file links to XSLT 2) XSLT has output method set to html 3) Resulting HTML has images then Webkit crashes on assertion in debug mode (DocumentParser:56). ASSERTION FAILED: m_state == ParsingState .../webkit/Source/WebCore/dom/DocumentParser.cpp(56) : virtual void WebCore::DocumentParser::prepareToStopParsing() -> WebCore::DocumentParser::prepareToStopParsing() -> WebCore::HTMLDocumentParser::prepareToStopParsing() -> WebCore::HTMLDocumentParser::attemptToEnd() -> WebCore::HTMLDocumentParser::finish() -> WebCore::Document::finishParsing() -> WebCore::DocumentWriter::endIfNotLoadingMainResource() -> WebCore::Document::explicitClose() -> WebCore::Document::setContent(WTF::String const&) -> WebCore::XSLTProcessor::createDocumentFromSource(WTF::String const&, WTF::String const&, WTF::String const&, WebCore::Node*, WebCore::Frame*) -> WebCore::Document::applyXSLTransform(WebCore::ProcessingInstruction*) -> WebCore::Document::recalcStyleSelector() -> WebCore::Document::styleSelectorChanged(WebCore::StyleSelectorUpdateFlag) -> WebCore::Document::removePendingSheet() -> WebCore::ProcessingInstruction::sheetLoaded() -> WebCore::XSLStyleSheet::checkLoaded() -> WebCore::ProcessingInstruction::parseStyleSheet(WTF::String const&) -> WebCore::ProcessingInstruction::setXSLStyleSheet(WTF::String const&, WebCore::KURL const&, WTF::String const&) -> WebCore::CachedXSLStyleSheet::checkNotify() -> WebCore::CachedXSLStyleSheet::data(WTF::PassRefPtr<WebCore::SharedBuffer>, bool) -> WebCore::CachedResourceRequest::didFinishLoading(WebCore::SubresourceLoader*) -> WebCore::SubresourceLoader::didFinishLoading(double) -> WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle*, double) -> -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] -> _NSURLConnectionDidFinishLoading -> URLConnectionClient::_clientDidFinishLoading(URLConnectionClient::ClientConnectionEventQueue*) -> URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) -> URLConnectionClient::processEvents() -> MultiplexerSource::perform() -> __CFRunLoopDoSources0 -> __CFRunLoopRun -> CFRunLoopRunSpecific
Attachments
Failing XML example (96 bytes, text/xml)
2011-02-15 08:07 PST, Vsevolod Vlasov 		no flags
Details
Failing XSL example (242 bytes, application/xslt+xml)
2011-02-15 08:07 PST, Vsevolod Vlasov 		no flags
Details
Patch (4.35 KB, patch)
2011-02-15 16:25 PST, Adam Barth 		darin: review+
darin: commit-queue+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Vsevolod Vlasov
Comment 1 2011-02-15 08:07:19 PST
Created attachment 82458 [details] Failing XML example
Vsevolod Vlasov
Comment 2 2011-02-15 08:07:38 PST
Created attachment 82459 [details] Failing XSL example
Vsevolod Vlasov
Comment 3 2011-02-15 08:14:44 PST
see https://bugs.webkit.org/show_bug.cgi?id=50253
Pavel Feldman
Comment 4 2011-02-15 08:18:23 PST
*** This bug has been marked as a duplicate of bug 50253 ***
Adam Barth
Comment 5 2011-02-15 14:41:39 PST
This is not a duplicate of Bug 50253. Testing a patch now.
Adam Barth
Comment 6 2011-02-15 16:15:42 PST
This is a regression caused by http://trac.webkit.org/changeset/75577
Adam Barth
Comment 7 2011-02-15 16:25:13 PST
Created attachment 82548 [details] Patch
Darin Adler
Comment 8 2011-02-15 16:26:38 PST
Comment on attachment 82548 [details] Patch Is this single test case enough coverage?
Adam Barth
Comment 9 2011-02-15 16:30:55 PST
> Is this single test case enough coverage? We more or less would like test coverage for each code path touched in http://trac.webkit.org/changeset/75577. 1) DOMParser::parseFromString <-- We have tests for this one. 2) WebCore/xml/XMLHttpRequest.cpp <-- We have lots of test for this one. :) 3) WebCore/xml/XSLTProcessor.cpp <-- Added in this patch. 4) CachedFont.cpp <-- This is for SVG fonts. I don't know whether this is covered.
Adam Barth
Comment 10 2011-02-15 16:36:45 PST
Committed r78644: <http://trac.webkit.org/changeset/78644>
Eric Seidel (no email)
Comment 11 2011-02-15 16:38:07 PST
Comment on attachment 82548 [details] Patch LGTM too thanks.
Adam Barth
Comment 12 2011-02-15 17:04:21 PST
*** Bug 52929 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.