[Webkit-unassigned] [Bug 224262] New: REGRESSION(r274812): Release assert in Document::updateLayout() after calling focus({preventScroll: true}) on a textarea
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Apr 6 20:30:28 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=224262
Bug ID: 224262
Summary: REGRESSION(r274812): Release assert in
Document::updateLayout() after calling
focus({preventScroll: true}) on a textarea
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Keywords: InRadar
Severity: Normal
Priority: P2
Component: HTML Editing
Assignee: webkit-unassigned at lists.webkit.org
Reporter: rniwa at webkit.org
CC: wenson_hsieh at apple.com
e.g.
ASSERTION FAILED: isSafeToUpdateStyleOrLayout(*this)
./dom/Document.cpp(2176) : void WebCore::Document::updateLayout()
1 0x3bd844de9 WTFCrash
2 0x3bd844e09 WTFCrashWithSecurityImplication
3 0x3a375c9ea WebCore::Document::updateLayout()
4 0x3a375e272 WebCore::Document::updateLayoutIgnorePendingStylesheets(WebCore::Document::RunPostLayoutTasks)
5 0x3a3b1d560 WebCore::VisiblePosition::canonicalPosition(WebCore::Position const&)
6 0x3a3b1d40a WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::Affinity)
7 0x3a3b1db5b WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::Affinity)
8 0x3a1057907 WebCore::VisibleSelection::visibleStart() const
9 0x3a3a944c3 WebCore::FrameSelection::recomputeCaretRect()
10 0x3a3a8e1bb WebCore::FrameSelection::updateAppearance()
11 0x3a3a8dead WebCore::FrameSelection::updateAndRevealSelection(WebCore::AXTextStateChangeIntent const&)
12 0x3a3a6dce2 WebCore::FrameSelection::setSelection(WebCore::VisibleSelection const&, WTF::OptionSet<WebCore::FrameSelection::SetSelectionOption>, WebCore::AXTextStateChangeIntent, WebCore::FrameSelection::CursorAlignOnScroll, WebCore::TextGranularity)
13 0x3a3a8bd55 WebCore::FrameSelection::moveWithoutValidationTo(WebCore::Position const&, WebCore::Position const&, bool, bool, WebCore::SelectionRevealMode, WebCore::AXTextStateChangeIntent const&)
14 0x3a3d3547d WebCore::HTMLTextFormControlElement::setSelectionRange(int, int, WebCore::TextFieldSelectionDirection, WebCore::SelectionRevealMode, WebCore::AXTextStateChangeIntent const&)
15 0x3a3d3635b WebCore::HTMLTextAreaElement::setValueCommon(WTF::String const&)
16 0x3a3d33ff4 WebCore::HTMLTextAreaElement::setNonDirtyValue(WTF::String const&)
17 0x3a3d33cee WebCore::HTMLTextAreaElement::childrenChanged(WebCore::ContainerNode::ChildChange const&)
18 0x3a36fcf77 WebCore::ContainerNode::removeAllChildrenWithScriptAssertion(WebCore::ContainerNode::ChildChange::Source, WebCore::ContainerNode::DeferChildrenChanged)
19 0x3a3703ac6 WebCore::ContainerNode::replaceChildren(WTF::Vector<WTF::Variant<WTF::RefPtr<WebCore::Node, WTF::RawPtrTraits<WebCore::Node>, WTF::DefaultRefDerefTraits<WebCore::Node> >, WTF::String>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&)
<rdar://76269714>
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210407/58439d10/attachment-0001.htm>
More information about the webkit-unassigned
mailing list