[Webkit-unassigned] [Bug 225046] New: editing/pasteboard/paste-as-quotation-then-paste-crash.html: ASSERTION FAILED: m_parent->hasEditableStyle() || !m_parent->renderer()
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Apr 25 23:10:25 PDT 2021
https://bugs.webkit.org/show_bug.cgi?id=225046
Bug ID: 225046
Summary: editing/pasteboard/paste-as-quotation-then-paste-crash
.html: ASSERTION FAILED: m_parent->hasEditableStyle()
|| !m_parent->renderer()
Product: WebKit
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: HTML Editing
Assignee: webkit-unassigned at lists.webkit.org
Reporter: Hironori.Fujii at sony.com
CC: wenson_hsieh at apple.com
Created attachment 427023
--> https://bugs.webkit.org/attachment.cgi?id=427023&action=review
WinCairo crash log
editing/pasteboard/paste-as-quotation-then-paste-crash.html: ASSERTION FAILED: m_parent->hasEditableStyle() || !m_parent->renderer()
ASSERTION FAILED: m_parent->hasEditableStyle() || !m_parent->renderer()
C:\home\webkit\gc\Source\WebCore\editing/AppendNodeCommand.cpp(44) : WebCore::AppendNodeCommand::AppendNodeCommand
WinCairo callstack:
# Child-SP RetAddr Call Site
00 00000007`a1119e10 00007ffc`3ba8a9e1 WTF!WTFCrash(void)+0x1f [C:\home\webkit\gc\Source\WTF\wtf\Assertions.cpp @ 305]
01 00000007`a1119e40 00007ffc`3fb5c269 WebKit2!WTFCrashWithInfo(int __formal = 0n44, char * __formal = 0x00007ffc`4f676e50 "C:\home\webkit\gc\Source\WebCore\editing/AppendNodeCommand.cpp", char * __formal = 0x00007ffc`4f676e20 "WebCore::AppendNodeCommand::AppendNodeCommand", int __formal = 0n972)+0x31 [C:\home\webkit\gc\WebKitBuild\Debug\WTF\Headers\wtf\Assertions.h @ 693]
02 00000007`a1119e70 00007ffc`3fb7d5cc WebKit2!WebCore::AppendNodeCommand::AppendNodeCommand(class WTF::Ref<WebCore::ContainerNode,WTF::RawPtrTraits<WebCore::ContainerNode> > * parent = 0x00000007`a1119fb0, class WTF::Ref<WebCore::Node,WTF::RawPtrTraits<WebCore::Node> > * node = 0x00000007`a111a290, WebCore::EditAction editingAction = Unspecified (0n0))+0x1b9 [C:\home\webkit\gc\Source\WebCore\editing\AppendNodeCommand.cpp @ 44]
03 00000007`a1119ec0 00007ffc`3fb52be1 WebKit2!WebCore::AppendNodeCommand::create(class WTF::Ref<WebCore::ContainerNode,WTF::RawPtrTraits<WebCore::ContainerNode> > * parent = 0x00000007`a1119fb0, class WTF::Ref<WebCore::Node,WTF::RawPtrTraits<WebCore::Node> > * node = 0x00000007`a111a290, WebCore::EditAction editingAction = Unspecified (0n0))+0x7c [C:\home\webkit\gc\Source\WebCore\editing\AppendNodeCommand.h @ 36]
04 00000007`a1119f10 00007ffc`3fb5397d WebKit2!WebCore::CompositeEditCommand::appendNode(class WTF::Ref<WebCore::Node,WTF::RawPtrTraits<WebCore::Node> > * node = 0x00000007`a111a290, class WTF::Ref<WebCore::ContainerNode,WTF::RawPtrTraits<WebCore::ContainerNode> > * parent = 0x00000007`a1119fb0)+0xe1 [C:\home\webkit\gc\Source\WebCore\editing\CompositeEditCommand.cpp @ 610]
05 00000007`a1119f70 00007ffc`3fb6aad3 WebKit2!WebCore::CompositeEditCommand::insertNodeAfter(class WTF::Ref<WebCore::Node,WTF::RawPtrTraits<WebCore::Node> > * insertChild = 0x00000007`a111a290, class WebCore::Node * refChild = 0x000001ad`f6e4df60)+0x12d [C:\home\webkit\gc\Source\WebCore\editing\CompositeEditCommand.cpp @ 570]
06 00000007`a1119fe0 00007ffc`3fb52c80 WebKit2!WebCore::BreakBlockquoteCommand::doApply(void)+0x3d3 [C:\home\webkit\gc\Source\WebCore\editing\BreakBlockquoteCommand.cpp @ 87]
07 00000007`a111a660 00007ffc`3fc21702 WebKit2!WebCore::CompositeEditCommand::applyCommandToComposite(class WTF::Ref<WebCore::EditCommand,WTF::RawPtrTraits<WebCore::EditCommand> > * command = 0x00000007`a111b0a8)+0x60 [C:\home\webkit\gc\Source\WebCore\editing\CompositeEditCommand.cpp @ 489]
08 00000007`a111a6d0 00007ffc`3fb522a5 WebKit2!WebCore::ReplaceSelectionCommand::doApply(void)+0xc22 [C:\home\webkit\gc\Source\WebCore\editing\ReplaceSelectionCommand.cpp @ 1183]
09 00000007`a111b8d0 00007ffc`3fbd0d2b WebKit2!WebCore::CompositeEditCommand::apply(void)+0x2c5 [C:\home\webkit\gc\Source\WebCore\editing\CompositeEditCommand.cpp @ 398]
0a 00000007`a111b9a0 00007ffc`3fbbe43e WebKit2!WebCore::Editor::replaceSelectionWithFragment(class WebCore::DocumentFragment * fragment = 0x000001ad`f6d3a850, WebCore::Editor::SelectReplacement selectReplacement = No (0n0), WebCore::Editor::SmartReplace smartReplace = No (0n0), WebCore::Editor::MatchStyle matchStyle = No (0n0), WebCore::EditAction editingAction = Paste (0n36), WebCore::MailBlockquoteHandling mailBlockquoteHandling = RespectBlockquote (0n0))+0x2eb [C:\home\webkit\gc\Source\WebCore\editing\Editor.cpp @ 696]
0b 00000007`a111bea0 00007ffc`405f4234 WebKit2!WebCore::Editor::handleTextEvent(class WebCore::TextEvent * event = 0x000001ad`f6d969e0)+0x19e [C:\home\webkit\gc\Source\WebCore\editing\Editor.cpp @ 344]
0c 00000007`a111bf60 00007ffc`3fa0379a WebKit2!WebCore::EventHandler::defaultTextInputEventHandler(class WebCore::TextEvent * event = 0x000001ad`f6d969e0)+0x44 [C:\home\webkit\gc\Source\WebCore\page\EventHandler.cpp @ 4151]
0d 00000007`a111bfa0 00007ffc`3fda162b WebKit2!WebCore::Node::defaultEventHandler(class WebCore::Event * event = 0x000001ad`f6d969e0)+0x25a [C:\home\webkit\gc\Source\WebCore\dom\Node.cpp @ 2445]
0e 00000007`a111c070 00007ffc`3f972da4 WebKit2!WebCore::HTMLInputElement::defaultEventHandler(class WebCore::Event * event = 0x000001ad`f6d969e0)+0x81b [C:\home\webkit\gc\Source\WebCore\html\HTMLInputElement.cpp @ 1249]
0f 00000007`a111c220 00007ffc`3f96f3e8 WebKit2!WebCore::callDefaultEventHandlersInBubblingOrder(class WebCore::Event * event = 0x000001ad`f6d969e0, class WebCore::EventPath * path = 0x00000007`a111c340)+0x74 [C:\home\webkit\gc\Source\WebCore\dom\EventDispatcher.cpp @ 64]
10 00000007`a111c280 00007ffc`3fa02fc2 WebKit2!WebCore::EventDispatcher::dispatchEvent(class WebCore::Node * node = 0x000001ad`b105d520, class WebCore::Event * event = 0x000001ad`f6d969e0)+0x608 [C:\home\webkit\gc\Source\WebCore\dom\EventDispatcher.cpp @ 205]
11 00000007`a111c720 00007ffc`3fbce362 WebKit2!WebCore::Node::dispatchEvent(class WebCore::Event * event = 0x000001ad`f6d969e0)+0x32 [C:\home\webkit\gc\Source\WebCore\dom\Node.cpp @ 2375]
12 00000007`a111c750 00007ffc`3d546ecf WebKit2!WebCore::Editor::pasteAsFragment(class WTF::Ref<WebCore::DocumentFragment,WTF::RawPtrTraits<WebCore::DocumentFragment> > * pastingFragment = 0x00000007`a111c8d0, bool smartReplace = false, bool matchStyle = false, WebCore::MailBlockquoteHandling respectsMailBlockquote = RespectBlockquote (0n0))+0x122 [C:\home\webkit\gc\Source\WebCore\editing\Editor.cpp @ 625]
13 00000007`a111c7f0 00007ffc`3fbbf111 WebKit2!WebCore::Editor::pasteWithPasteboard(class WebCore::Pasteboard * pasteboard = 0x000001ad`f6e10400, class WTF::OptionSet<enum WebCore::Editor::PasteOption> options = class WTF::OptionSet<enum WebCore::Editor::PasteOption>)+0x2af [C:\home\webkit\gc\Source\WebCore\editing\win\EditorWin.cpp @ 52]
14 00000007`a111c920 00007ffc`3fbbeee3 WebKit2!WebCore::Editor::paste(class WebCore::Pasteboard * pasteboard = 0x000001ad`f6e10400, WebCore::Editor::FromMenuOrKeyBinding fromMenuOrKeyBinding = No (0n0))+0x201 [C:\home\webkit\gc\Source\WebCore\editing\Editor.cpp @ 1475]
15 00000007`a111ca20 00007ffc`3fbe1785 WebKit2!WebCore::Editor::paste(WebCore::Editor::FromMenuOrKeyBinding fromMenuOrKeyBinding = No (0n0))+0x73 [C:\home\webkit\gc\Source\WebCore\editing\Editor.cpp @ 1461]
16 00000007`a111ca80 00007ffc`3fbc4337 WebKit2!WebCore::executePaste(class WebCore::Frame * frame = 0x000001ad`b1040890, class WebCore::Event * __formal = 0x00000000`00000000, WebCore::EditorCommandSource source = CommandFromDOM (0n1), class WTF::String * __formal = 0x00000007`a111cd78)+0xc5 [C:\home\webkit\gc\Source\WebCore\editing\EditorCommand.cpp @ 905]
17 00000007`a111cb00 00007ffc`3f879c59 WebKit2!WebCore::Editor::Command::execute(class WTF::String * parameter = 0x00000007`a111cd78, class WebCore::Event * triggeringEvent = 0x00000000`00000000)+0x107 [C:\home\webkit\gc\Source\WebCore\editing\EditorCommand.cpp @ 1861]
18 00000007`a111cb60 00007ffc`3dbda378 WebKit2!WebCore::Document::execCommand(class WTF::String * commandName = 0x00000007`a111ccf8, bool userInterface = false, class WTF::String * value = 0x00000007`a111cd78)+0x89 [C:\home\webkit\gc\Source\WebCore\dom\Document.cpp @ 5733]
19 00000007`a111cbf0 00007ffc`3dbe7fb9 WebKit2!WebCore::jsDocumentPrototypeFunction_execCommandBody(class JSC::JSGlobalObject * lexicalGlobalObject = 0x000001ad`f6d43fb8, class JSC::CallFrame * callFrame = 0x00000007`a111d0b0, class WebCore::JSDocument * castedThis = 0x000001ad`f6d10eb8)+0x7e8 [C:\home\webkit\gc\WebKitBuild\Debug\WebCore\DerivedSources\JSDocument.cpp @ 5850]
1a 00000007`a111cf00 00007ffc`3dbb9299 WebKit2!WebCore::IDLOperation<WebCore::JSDocument>::call<&WebCore::jsDocumentPrototypeFunction_execCommandBody,0>(class JSC::JSGlobalObject * lexicalGlobalObject = 0x000001ad`f6d43fb8, class JSC::CallFrame * callFrame = 0x00000007`a111d0b0, char * operationName = 0x00007ffc`48b2c9e0 "execCommand")+0x309 [C:\home\webkit\gc\Source\WebCore\bindings\js\JSDOMOperation.h @ 55]
1b 00000007`a111d060 000001ad`b4ad11be WebKit2!WebCore::jsDocumentPrototypeFunction_execCommand(class JSC::JSGlobalObject * lexicalGlobalObject = 0x000001ad`f6d43fb8, class JSC::CallFrame * callFrame = 0x00000007`a111d0b0)+0x39 [C:\home\webkit\gc\WebKitBuild\Debug\WebCore\DerivedSources\JSDocument.cpp @ 5856]
1c 00000007`a111d090 000001ad`f6d43fb8 0x000001ad`b4ad11be
1d 00000007`a111d098 00000007`a111d0b0 0x000001ad`f6d43fb8
1e 00000007`a111d0a0 00000007`a111d140 0x00000007`a111d0b0
1f 00000007`a111d0a8 00007ffc`3666931e 0x00000007`a111d140
20 00000007`a111d0b0 00000007`a111d140 JavaScriptCore!llint_entry+0x21aee
21 00000007`a111d0b8 00007ffc`3666931e 0x00000007`a111d140
22 00000007`a111d0c0 00000000`00000000 JavaScriptCore!llint_entry+0x21aee
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210426/a320d2d8/attachment.htm>
More information about the webkit-unassigned
mailing list