[Webkit-unassigned] [Bug 151603] New: ASSERTION FAILED: comparePositions(start, end) <= 0 in WebCore::CompositeEditCommand::cloneParagraphUnderNewElement
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Nov 25 07:33:07 PST 2015
https://bugs.webkit.org/show_bug.cgi?id=151603
Bug ID: 151603
Summary: ASSERTION FAILED: comparePositions(start, end) <= 0 in
WebCore::CompositeEditCommand::cloneParagraphUnderNewE
lement
Classification: Unclassified
Product: WebKit
Version: WebKit Local Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: HTML Editing
Assignee: webkit-unassigned at lists.webkit.org
Reporter: rhodovan.u-szeged at partner.samsung.com
CC: ddkilzer at webkit.org
Blocks: 116980
Created attachment 266162
--> https://bugs.webkit.org/attachment.cgi?id=266162&action=review
Test
Load the attached test with debug MiniBrowser:
<script>
window.onload = function() {
document.designMode = 'on';
document.execCommand('selectAll');
document.execCommand('indent');
}
</script>
<style>
* {
display: table-cell;
}
</style>
<base>a</base>
OS: Ubuntu 15.10 x86_64
Checked build: debug EFL
Checked version: 79922a5
Backtrace:
ASSERTION FAILED: comparePositions(start, end) <= 0
../../Source/WebCore/editing/CompositeEditCommand.cpp(1056) : void WebCore::CompositeEditCommand::cloneParagraphUnderNewElement(const WebCore::Position&, const WebCore::Position&, WebCore::Node*, WebCore::Element*)
1 0x7f784cd1482c WTFCrash
2 0x7f784c5c9931 WebCore::CompositeEditCommand::cloneParagraphUnderNewElement(WebCore::Position const&, WebCore::Position const&, WebCore::Node*, WebCore::Element*)
3 0x7f784c5ca857 WebCore::CompositeEditCommand::moveParagraphWithClones(WebCore::VisiblePosition const&, WebCore::VisiblePosition const&, WebCore::Element*, WebCore::Node*)
4 0x7f784b4144e6 WebCore::IndentOutdentCommand::indentIntoBlockquote(WebCore::Position const&, WebCore::Position const&, WTF::RefPtr<WebCore::Element>&)
5 0x7f784b415d88 WebCore::IndentOutdentCommand::formatRange(WebCore::Position const&, WebCore::Position const&, WebCore::Position const&, WTF::RefPtr<WebCore::Element>&)
6 0x7f784c5adb2f WebCore::ApplyBlockElementCommand::formatSelection(WebCore::VisiblePosition const&, WebCore::VisiblePosition const&)
7 0x7f784b415d09 WebCore::IndentOutdentCommand::formatSelection(WebCore::VisiblePosition const&, WebCore::VisiblePosition const&)
8 0x7f784c5acd9e WebCore::ApplyBlockElementCommand::doApply()
9 0x7f784c5c2f28 WebCore::CompositeEditCommand::apply()
10 0x7f784c5c2cef WebCore::applyCommand(WTF::PassRefPtr<WebCore::CompositeEditCommand>)
11 0x7f784b3fbda0
12 0x7f784b400048 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const
13 0x7f784b2a188d WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&)
14 0x7f784ca03583 WebCore::jsDocumentPrototypeFunctionExecCommand(JSC::ExecState*)
15 0x7f77e77ff0c8
Aborted (core dumped)
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f784cd14831 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
321 *(int *)(uintptr_t)0xbbadbeef = 0;
[Current thread is 1 (Thread 0x7f7850861a80 (LWP 27717))]
#0 0x00007f784cd14831 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
#1 0x00007f784c5c9931 in WebCore::CompositeEditCommand::cloneParagraphUnderNewElement (this=0x7f7827adc000, start=..., end=..., passedOuterNode=0x7f7827be3958, blockElement=0x7f7827beb000) at ../../Source/WebCore/editing/CompositeEditCommand.cpp:1056
#2 0x00007f784c5ca857 in WebCore::CompositeEditCommand::moveParagraphWithClones (this=0x7f7827adc000, startOfParagraphToMove=..., endOfParagraphToMove=..., blockElement=0x7f7827beb000, outerNode=0x7f7827be3958) at ../../Source/WebCore/editing/CompositeEditCommand.cpp:1181
#3 0x00007f784b4144e6 in WebCore::IndentOutdentCommand::indentIntoBlockquote (this=0x7f7827adc000, start=..., end=..., targetBlockquote=...) at ../../Source/WebCore/editing/IndentOutdentCommand.cpp:117
#4 0x00007f784b415d88 in WebCore::IndentOutdentCommand::formatRange (this=0x7f7827adc000, start=..., end=..., blockquoteForNextIndent=...) at ../../Source/WebCore/editing/IndentOutdentCommand.cpp:236
#5 0x00007f784c5adb2f in WebCore::ApplyBlockElementCommand::formatSelection (this=0x7f7827adc000, startOfSelection=..., endOfSelection=...) at ../../Source/WebCore/editing/ApplyBlockElementCommand.cpp:145
#6 0x00007f784b415d09 in WebCore::IndentOutdentCommand::formatSelection (this=0x7f7827adc000, startOfSelection=..., endOfSelection=...) at ../../Source/WebCore/editing/IndentOutdentCommand.cpp:226
#7 0x00007f784c5acd9e in WebCore::ApplyBlockElementCommand::doApply (this=0x7f7827adc000) at ../../Source/WebCore/editing/ApplyBlockElementCommand.cpp:90
#8 0x00007f784c5c2f28 in WebCore::CompositeEditCommand::apply (this=0x7f7827adc000) at ../../Source/WebCore/editing/CompositeEditCommand.cpp:227
#9 0x00007f784c5c2cef in WebCore::applyCommand (command=...) at ../../Source/WebCore/editing/CompositeEditCommand.cpp:186
#10 0x00007f784b3fbda0 in WebCore::executeIndent (frame=...) at ../../Source/WebCore/editing/EditorCommand.cpp:456
#11 0x00007f784b400048 in WebCore::Editor::Command::execute (this=0x7ffcbcd62820, parameter=..., triggeringEvent=0x0) at ../../Source/WebCore/editing/EditorCommand.cpp:1703
#12 0x00007f784b2a188d in WebCore::Document::execCommand (this=0x7f782781d900, commandName=..., userInterface=false, value=...) at ../../Source/WebCore/dom/Document.cpp:4657
#13 0x00007f784ca03583 in WebCore::jsDocumentPrototypeFunctionExecCommand (state=0x7ffcbcd628f0) at DerivedSources/WebCore/JSDocument.cpp:5066
#14 0x00007f77e77ff0c8 in ?? ()
#15 0x00007ffcbcd62970 in ?? ()
#16 0x00007f78404f1636 in llint_entry () from webkit/WebKitBuild/Debug/lib/libjavascriptcore_efl.so.1
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20151125/8740642f/attachment.html>
More information about the webkit-unassigned
mailing list