[Webkit-unassigned] [Bug 151100] ASSERTION FAILED: previousListChild != listChildNode in WebCore::InsertListCommand::unlistifyParagraph

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Jan 20 10:53:03 PST 2023 

https://bugs.webkit.org/show_bug.cgi?id=151100

Ahmad Saleem <ahmad.saleem792 at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |ahmad.saleem792 at gmail.com

--- Comment #3 from Ahmad Saleem <ahmad.saleem792 at gmail.com> ---
I am able to hit this assert using attached test case using Minibrowser WK2 Debug build based of 259136 at main and this is output:

ASSERTION FAILED: previousListChild != listChildNode
editing/InsertListCommand.cpp(312) : void WebCore::InsertListCommand::unlistifyParagraph(const WebCore::VisiblePosition &, WebCore::HTMLElement &, WebCore::Node *)
1   0x137c46d84 WTFCrash
2   0x280832730 WTFCrashWithInfo(int, char const*, char const*, int)
3   0x283e57d74 WebCore::InsertListCommand::unlistifyParagraph(WebCore::VisiblePosition const&, WebCore::HTMLElement&, WebCore::Node*)
4   0x283e578c8 WebCore::InsertListCommand::doApplyForSingleParagraph(bool, WebCore::HTMLQualifiedName const&, WebCore::SimpleRange&)
5   0x283e571d8 WebCore::InsertListCommand::doApply()
6   0x283dac198 WebCore::CompositeEditCommand::apply()
7   0x283e3da9c WebCore::executeInsertOrderedList(WebCore::Frame&, WebCore::Event*, WebCore::EditorCommandSource, WTF::String const&)
8   0x283e12a30 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const
9   0x283a99ef0 WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&)
10  0x280be2e5c WebCore::jsDocumentPrototypeFunction_execCommandBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSDocument*)
11  0x280be2944 long long WebCore::IDLOperation<WebCore::JSDocument>::call<&(WebCore::jsDocumentPrototypeFunction_execCommandBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSDocument*)), (WebCore::CastedThisErrorBehavior)0>(JSC::JSGlobalObject&, JSC::CallFrame&, char const*)
12  0x280bcda00 WebCore::jsDocumentPrototypeFunction_execCommand(JSC::JSGlobalObject*, JSC::CallFrame*)
13  0x14680c03c (null)
14  0x13836e990 llint_entry
15  0x138348eec vmEntryToJavaScript
16  0x1393a7a5c JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*)
17  0x1393a6ff8 JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::JSGlobalObject*, JSC::JSObject*)
18  0x139810110 JSC::evaluate(JSC::JSGlobalObject*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
19  0x139810254 JSC::profiledEvaluate(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
20  0x283240254 WebCore::JSExecState::profiledEvaluate(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&)
21  0x28323fd28 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&)
22  0x28323fb5c WebCore::ScriptController::evaluateInWorldIgnoringException(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld&)
23  0x28324050c WebCore::ScriptController::evaluateIgnoringException(WebCore::ScriptSourceCode const&)
24  0x283cbd164 WebCore::ScriptElement::executeClassicScript(WebCore::ScriptSourceCode const&)
25  0x283cbb2e8 WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport)
26  0x284323810 WebCore::HTMLScriptRunner::runScript(WebCore::ScriptElement&, WTF::TextPosition const&)
27  0x28432363c WebCore::HTMLScriptRunner::execute(WTF::Ref<WebCore::ScriptElement, WTF::RawPtrTraits<WebCore::ScriptElement> >&&, WTF::TextPosition const&)
28  0x2842fb1f4 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder()
29  0x2842fb6e4 WebCore::HTMLDocumentParser::pumpTokenizerLoop(WebCore::HTMLDocumentParser::SynchronousMode, bool, WebCore::PumpSession&)
30  0x2842faa9c WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode)
31  0x2842fa248 WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode)

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230120/3bb28d0c/attachment-0001.htm>

More information about the webkit-unassigned mailing list