[Webkit-unassigned] [Bug 173468] New: Crash due to infinite recursion via FrameSelection::updateAppearanceAfterLayout

bugzilla-daemon at webkit.org
Fri Jun 16 07:21:13 PDT 2017


https://bugs.webkit.org/show_bug.cgi?id=173468

            Bug ID: 173468
           Summary: Crash due to infinite recursion via
                    FrameSelection::updateAppearanceAfterLayout
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: HTML Editing
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: koivisto at iki.fi
                CC: wenson_hsieh at apple.com

Infinite recursion via updateAppearanceAfterLayout:

      17 libsystem_kernel.dylib: kdebug_trace
 ==> 17 WebCore: WebCore::Document::resolveStyle(WebCore::Document::ResolveStyleType) <==
          17 WebCore: WebCore::Document::updateLayout()
            17 WebCore: WebCore::Document::updateLayoutIgnorePendingStylesheets(WebCore::Document::RunPostLayoutTasks)
              17 WebCore: WebCore::VisiblePosition::canonicalPosition(WebCore::Position const&)
                17 WebCore: WebCore::VisiblePosition::init(WebCore::Position const&, WebCore::EAffinity)
                  17 WebCore: WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::EAffinity)
                    17 WebCore: WebCore::adjustedSelectionStartForStyleComputation(WebCore::VisibleSelection const&)
                      17 WebCore: WebCore::Editor::styleForSelectionStart(WebCore::Frame*, WebCore::Node*&)
                        17 WebKit: WebKit::WebPage::editorState(WebKit::WebPage::IncludePostLayoutDataHint) const
                          17 WebKit: WebKit::WebPage::updateEditorStateAfterLayoutIfEditabilityChanged()
                            17 WebCore: WebCore::FrameSelection::updateAppearanceAfterLayout()
                              17 WebCore: WebCore::Document::resolveStyle(WebCore::Document::ResolveStyleType)
                                17 WebCore: WebCore::Document::updateLayout()
                                  17 WebCore: WebCore::Document::updateLayoutIgnorePendingStylesheets(WebCore::Document::RunPostLayoutTasks)
                                    17 WebCore: WebCore::VisiblePosition::canonicalPosition(WebCore::Position const&)
                                      17 WebCore: WebCore::VisiblePosition::init(WebCore::Position const&, WebCore::EAffinity)
                                        17 WebCore: WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::EAffinity)
                                          17 WebCore: WebCore::adjustedSelectionStartForStyleComputation(WebCore::VisibleSelection const&)
                                            17 WebCore: WebCore::Editor::styleForSelectionStart(WebCore::Frame*, WebCore::Node*&)
                                              17 WebKit: WebKit::WebPage::editorState(WebKit::WebPage::IncludePostLayoutDataHint) const
                                                17 WebKit: WebKit::WebPage::updateEditorStateAfterLayoutIfEditabilityChanged()
                                                  17 WebCore: WebCore::FrameSelection::updateAppearanceAfterLayout()
                                                    17 WebCore: WebCore::Document::resolveStyle(WebCore::Document::ResolveStyleType)
                                                      17 WebCore: WebCore::Document::updateLayout()
