[Webkit-unassigned] [Bug 94854] New: Crash in WebCoreCompositeEditCommandinsertNodeAt

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Aug 23 14:25:05 PDT 2012 

https://bugs.webkit.org/show_bug.cgi?id=94854

           Summary: Crash in WebCoreCompositeEditCommandinsertNodeAt
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: Unspecified
        OS/Version: Unspecified
            Status: NEW
          Keywords: HasReduction, InChromiumBugs, NeedsRadar
          Severity: Normal
          Priority: P1
         Component: HTML Editing
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: rniwa at webkit.org
                CC: ap at webkit.org, enrica at apple.com, sukolsak at google.com


Created an attachment (id=160245)
 --> (https://bugs.webkit.org/attachment.cgi?id=160245&action=review)
Demonstrates the bug

<embed>
<div style="overflow:scroll;">
<div style="display:table;"></div>
</div>
<script type="text/javascript">
document.designMode = "on"
document.execCommand("selectall")
document.execCommand("inserttext",false,"iframe")
document.execCommand("selectall")
</script>

0012ee9c 031fbe8a chrome_1c30000!WebCoreCompositeEditCommandinsertNodeAt(class WTFPassRefPtrWebCoreNode insertChild = class WTFPassRefPtrWebCoreNode, class WebCorePosition  editingPosition = 0x00000000)+0x47 [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditingcompositeeditcommand.cpp @ 348]
0012ef60 031db893 chrome_1c30000!WebCoreDeleteSelectionCommanddoApply(void)+0x49a [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditingdeleteselectioncommand.cpp @ 821]
0012ef74 031dc668 chrome_1c30000!WebCoreCompositeEditCommandapplyCommandToComposite(class WTFPassRefPtrWebCoreEditCommand prpCommand = class WTFPassRefPtrWebCoreEditCommand)+0x23 [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditingcompositeeditcommand.cpp @ 257]
0012ef88 032af596 chrome_1c30000!WebCoreCompositeEditCommanddeleteSelection(bool smartDelete = false, bool mergeBlocksAfterDelete = true, bool replace = true, bool expandForSpecialElements = false)+0x48 [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditingcompositeeditcommand.cpp @ 549]
0012f0c0 031db583 chrome_1c30000!WebCoreInsertTextCommanddoApply(void)+0x56 [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditinginserttextcommand.cpp @ 114]
0012f0d0 031fe325 chrome_1c30000!WebCoreCompositeEditCommandapplyCommandToComposite(class WTFPassRefPtrWebCoreCompositeEditCommand command = class WTFPassRefPtrWebCoreCompositeEditCommand, class WebCoreVisibleSelection  selection = 0x051a84b8)+0x43 [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditingcompositeeditcommand.cpp @ 272]
0012f0ec 031ff392 chrome_1c30000!WebCoreTypingCommandinsertTextRunWithoutNewlines(class WTFString  text = 0x051a851c, bool selectInsertedText = false)+0x55 [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditingtypingcommand.cpp @ 385]
0012f108 03200078 chrome_1c30000!WebCoreTypingCommandinsertText(class WTFString  text = 0x051a851c, bool selectInsertedText = false)+0x92 [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditingtypingcommand.cpp @ 370]
0012f118 031dd81b chrome_1c30000!WebCoreTypingCommanddoApply(void)+0xa8 [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditingtypingcommand.cpp @ 285]
0012f128 031df9cb chrome_1c30000!WebCoreCompositeEditCommandapply(void)+0x6b [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditingcompositeeditcommand.cpp @ 205]
0012f130 031fff23 chrome_1c30000!WebCoreapplyCommand(class WTFPassRefPtrWebCoreCompositeEditCommand command = class WTFPassRefPtrWebCoreCompositeEditCommand)+0xb [cbbuildslavewinbuildsrcthird_partywebkitsourcewebcoreeditingcompositeeditcommand.cpp @ 162]
...

http://crbug.com/121317

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list