Bug 54462 - XSLT with output method HTML and images crashes in debug mode
Summary: XSLT with output method HTML and images crashes in debug mode
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: XML (show other bugs)
Version: 528+ (Nightly build)
Hardware: All All
: P2 Normal
Assignee: Adam Barth
URL:
Keywords:
: 52929 (view as bug list)
Depends on:
Blocks:
 
Reported: 2011-02-15 08:06 PST by Vsevolod Vlasov
Modified: 2011-02-15 17:04 PST (History)
5 users (show)

See Also:


Attachments
Failing XML example (96 bytes, text/xml)
2011-02-15 08:07 PST, Vsevolod Vlasov
no flags Details
Failing XSL example (242 bytes, application/xslt+xml)
2011-02-15 08:07 PST, Vsevolod Vlasov
no flags Details
Patch (4.35 KB, patch)
2011-02-15 16:25 PST, Adam Barth
darin: review+
darin: commit-queue+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Vsevolod Vlasov 2011-02-15 08:06:41 PST
If 

1) XML file links to XSLT
2) XSLT has output method set to html
3) Resulting HTML has images

then

Webkit crashes on assertion in debug mode (DocumentParser:56).

ASSERTION FAILED: m_state == ParsingState
.../webkit/Source/WebCore/dom/DocumentParser.cpp(56) : virtual void WebCore::DocumentParser::prepareToStopParsing()
 -> WebCore::DocumentParser::prepareToStopParsing()
 -> WebCore::HTMLDocumentParser::prepareToStopParsing()
 -> WebCore::HTMLDocumentParser::attemptToEnd()
 -> WebCore::HTMLDocumentParser::finish()
 -> WebCore::Document::finishParsing()
 -> WebCore::DocumentWriter::endIfNotLoadingMainResource()
 -> WebCore::Document::explicitClose()
 -> WebCore::Document::setContent(WTF::String const&)
 -> WebCore::XSLTProcessor::createDocumentFromSource(WTF::String const&, WTF::String const&, WTF::String const&, WebCore::Node*, WebCore::Frame*)
 -> WebCore::Document::applyXSLTransform(WebCore::ProcessingInstruction*)
 -> WebCore::Document::recalcStyleSelector()
 -> WebCore::Document::styleSelectorChanged(WebCore::StyleSelectorUpdateFlag)
 -> WebCore::Document::removePendingSheet()
 -> WebCore::ProcessingInstruction::sheetLoaded()
 -> WebCore::XSLStyleSheet::checkLoaded()
 -> WebCore::ProcessingInstruction::parseStyleSheet(WTF::String const&)
 -> WebCore::ProcessingInstruction::setXSLStyleSheet(WTF::String const&, WebCore::KURL const&, WTF::String const&)
 -> WebCore::CachedXSLStyleSheet::checkNotify()
 -> WebCore::CachedXSLStyleSheet::data(WTF::PassRefPtr<WebCore::SharedBuffer>, bool)
 -> WebCore::CachedResourceRequest::didFinishLoading(WebCore::SubresourceLoader*)
 -> WebCore::SubresourceLoader::didFinishLoading(double)
 -> WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle*, double)
 -> -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:]
 -> _NSURLConnectionDidFinishLoading
 -> URLConnectionClient::_clientDidFinishLoading(URLConnectionClient::ClientConnectionEventQueue*)
 -> URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long)
 -> URLConnectionClient::processEvents()
 -> MultiplexerSource::perform()
 -> __CFRunLoopDoSources0
 -> __CFRunLoopRun
 -> CFRunLoopRunSpecific
Comment 1 Vsevolod Vlasov 2011-02-15 08:07:19 PST
Created attachment 82458 [details]
Failing XML example
Comment 2 Vsevolod Vlasov 2011-02-15 08:07:38 PST
Created attachment 82459 [details]
Failing XSL example
Comment 3 Vsevolod Vlasov 2011-02-15 08:14:44 PST
see https://bugs.webkit.org/show_bug.cgi?id=50253
Comment 4 Pavel Feldman 2011-02-15 08:18:23 PST

*** This bug has been marked as a duplicate of bug 50253 ***
Comment 5 Adam Barth 2011-02-15 14:41:39 PST
This is not a duplicate of Bug 50253.  Testing a patch now.
Comment 6 Adam Barth 2011-02-15 16:15:42 PST
This is a regression caused by http://trac.webkit.org/changeset/75577
Comment 7 Adam Barth 2011-02-15 16:25:13 PST
Created attachment 82548 [details]
Patch
Comment 8 Darin Adler 2011-02-15 16:26:38 PST
Comment on attachment 82548 [details]
Patch

Is this single test case enough coverage?
Comment 9 Adam Barth 2011-02-15 16:30:55 PST
> Is this single test case enough coverage?

We more or less would like test coverage for each code path touched in http://trac.webkit.org/changeset/75577.

1) DOMParser::parseFromString <-- We have tests for this one.
2) WebCore/xml/XMLHttpRequest.cpp <-- We have lots of test for this one.  :)
3) WebCore/xml/XSLTProcessor.cpp <-- Added in this patch.
4) CachedFont.cpp <-- This is for SVG fonts.  I don't know whether this is covered.
Comment 10 Adam Barth 2011-02-15 16:36:45 PST
Committed r78644: <http://trac.webkit.org/changeset/78644>
Comment 11 Eric Seidel (no email) 2011-02-15 16:38:07 PST
Comment on attachment 82548 [details]
Patch

LGTM too thanks.
Comment 12 Adam Barth 2011-02-15 17:04:21 PST
*** Bug 52929 has been marked as a duplicate of this bug. ***