[Webkit-unassigned] [Bug 140179] New: ASSERTION FAILED: character != kEndOfFileMarker in WebCore::HTMLTokenizer::bufferCharacter

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jan 7 09:25:36 PST 2015


https://bugs.webkit.org/show_bug.cgi?id=140179

            Bug ID: 140179
           Summary: ASSERTION FAILED: character != kEndOfFileMarker in
                    WebCore::HTMLTokenizer::bufferCharacter
    Classification: Unclassified
           Product: WebKit
           Version: 528+ (Nightly build)
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Page Loading
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: rhodovan.u-szeged at partner.samsung.com
                CC: akling at apple.com, darin at apple.com
            Blocks: 116980

Created attachment 244157
  --> https://bugs.webkit.org/attachment.cgi?id=244157&action=review
Test case

Load this test with debug WK:

<!DOCTYPE html>
<div>&#xa0a103a0


Backtrace:

ASSERTION FAILED: character != kEndOfFileMarker
../../Source/WebCore/html/parser/HTMLTokenizer.h(189) : void WebCore::HTMLTokenizer::bufferCharacter(UChar)

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fff98984700 (LWP 2074)]
0x00007fffed92a5c7 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
321        *(int *)(uintptr_t)0xbbadbeef = 0;
#0  0x00007fffed92a5c7 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
#1  0x00007ffff331af51 in WebCore::HTMLTokenizer::bufferCharacter (this=0x7ffff7eceaf0, character=0) at ../../Source/WebCore/html/parser/HTMLTokenizer.h:189
#2  0x00007ffff331b267 in WebCore::HTMLTokenizer::processEntity (this=0x7ffff7eceaf0, source=...) at ../../Source/WebCore/html/parser/HTMLTokenizer.cpp:117
#3  0x00007ffff3312068 in WebCore::HTMLTokenizer::nextToken (this=0x7ffff7eceaf0, source=..., token=...) at ../../Source/WebCore/html/parser/HTMLTokenizer.cpp:200
#4  0x00007ffff32f6028 in WebCore::HTMLDocumentParser::pumpTokenizer (this=0x7ffff7ece100, mode=WebCore::HTMLDocumentParser::ForceSynchronous) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:284
#5  0x00007ffff32f5a77 in WebCore::HTMLDocumentParser::pumpTokenizerIfPossible (this=0x7ffff7ece100, mode=WebCore::HTMLDocumentParser::ForceSynchronous) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:187
#6  0x00007ffff32f58cb in WebCore::HTMLDocumentParser::prepareToStopParsing (this=0x7ffff7ece100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:137
#7  0x00007ffff32f6ceb in WebCore::HTMLDocumentParser::attemptToEnd (this=0x7ffff7ece100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:446
#8  0x00007ffff32f6d99 in WebCore::HTMLDocumentParser::finish (this=0x7ffff7ece100) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:474
#9  0x00007ffff3463885 in WebCore::DocumentWriter::end (this=0x7ffff7ebaaa0) at ../../Source/WebCore/loader/DocumentWriter.cpp:247
#10 0x00007ffff344f029 in WebCore::DocumentLoader::finishedLoading (this=0x7ffff7ebaa00, finishTime=0) at ../../Source/WebCore/loader/DocumentLoader.cpp:440
#11 0x00007ffff344ed92 in WebCore::DocumentLoader::notifyFinished (this=0x7ffff7ebaa00, resource=0x7ffff7ec7680) at ../../Source/WebCore/loader/DocumentLoader.cpp:374
#12 0x00007ffff3501e1e in WebCore::CachedResource::checkNotify (this=0x7ffff7ec7680) at ../../Source/WebCore/loader/cache/CachedResource.cpp:294
#13 0x00007ffff3501f1c in WebCore::CachedResource::finishLoading (this=0x7ffff7ec7680) at ../../Source/WebCore/loader/cache/CachedResource.cpp:310
#14 0x00007ffff34fe617 in WebCore::CachedRawResource::finishLoading (this=0x7ffff7ec7680, data=0x7fff9843f570) at ../../Source/WebCore/loader/cache/CachedRawResource.cpp:104
#15 0x00007ffff34b1886 in WebCore::SubresourceLoader::didFinishLoading (this=0x7ffff7ec7200, finishTime=0) at ../../Source/WebCore/loader/SubresourceLoader.cpp:355
#16 0x00007ffff34ad4e7 in WebCore::ResourceLoader::didFinishLoading (this=0x7ffff7ec7200, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:506
#17 0x00007ffff3e58c65 in WebCore::readCallback (asyncResult=0x7b69d0, data=0x7fff984370e0) at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1295
#18 0x00007fffeb4cc7d6 in async_ready_callback_wrapper (source_object=0x7c8ad0, res=0x7b69d0, user_data=user_data at entry=0x7fff984370e0) at ginputstream.c:523
#19 0x00007fffeb4f20d5 in g_task_return_now (task=0x7b69d0) at gtask.c:1077
#20 0x00007fffeb4f20f9 in complete_in_idle_cb (task=0x7b69d0) at gtask.c:1086
#21 0x00007fffea7319fd in g_main_dispatch (context=0x478330) at gmain.c:3064
#22 g_main_context_dispatch (context=context at entry=0x478330) at gmain.c:3663
#23 0x00007fffea731d68 in g_main_context_iterate (context=0x478330, block=block at entry=1, dispatch=dispatch at entry=1, self=<optimized out>) at gmain.c:3734
#24 0x00007fffea73202a in g_main_loop_run (loop=0x8fd9e0) at gmain.c:3928
#25 0x00007ffff4537450 in WTF::RunLoop::run () at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:59
#26 0x00007ffff2a65456 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7fffffffd888) at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61
#27 0x00007ffff2a652bb in WebKit::WebProcessMainUnix (argc=2, argv=0x7fffffffd888) at ../../Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp:70
#28 0x0000000000400891 in main (argc=2, argv=0x7fffffffd888) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:44
