202897 2019-10-13 13:40:52 -0700 Chromium test-case asserts with ASSERTION FAILED: static_cast<unsigned>(position.offsetInContainerNode()) <= node->length() 2022-12-08 13:43:23 -0800 1 1 1 Unclassified WebKit HTML Editing WebKit Nightly Build Unspecified Unspecified NEW InRadar P2 Normal --- 1 emilio webkit-unassigned ahmad.saleem792 rniwa webkit-bug-importer wenson_hsieh oldest_to_newest 1579509 0 emilio 2019-10-13 13:40:52 -0700 On master (247b0314320d499ae788b6ea993aa1d98e2d607e / r250962), WebKitGTK build. Runing on WebKitTestRunner this test-case: https://cs.chromium.org/chromium/src/third_party/blink/web_tests/editing/undo/crash-delete-from-document.html?l=1&rcl=753caf715d8f30f0c673f1b4b36dadfc75c3201f Asserts like: ASSERTION FAILED: static_cast<unsigned>(position.offsetInContainerNode()) <= node->length() ../../Source/WebCore/editing/FrameSelection.cpp(588) : void WebCore::updatePositionAfterAdoptingTextReplacement(WebCore::Position&, WebCore::CharacterData*, unsigned int, unsigned int, unsigned int) 1 0x7fcf350763d3 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(WTFCrash+0x9) [0x7fcf350763d3] 2 0x7fcf40d1f5f2 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN3WTF15CrashOnOverflow10overflowedEv+0) [0x7fcf40d1f5f2] 3 0x7fcf432eefba /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xcbaafba) [0x7fcf432eefba] 4 0x7fcf432ef108 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore14FrameSelection15textWasReplacedEPNS_13CharacterDataEjjj+0x146) [0x7fcf432ef108] 5 0x7fcf43070a2a /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore13CharacterData16setDataAndUpdateERKN3WTF6StringEjjj+0x17a) [0x7fcf43070a2a] 6 0x7fcf4307062a /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore13CharacterData10deleteDataEjj+0xf6) [0x7fcf4307062a] 7 0x7fcf43218ede /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xcad4ede) [0x7fcf43218ede] 8 0x7fcf432181ea /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore5Range15processContentsENS0_10ActionTypeE+0x574) [0x7fcf432181ea] 9 0x7fcf43217786 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore5Range14deleteContentsEv+0x28) [0x7fcf43217786] 10 0x7fcf4390e2fc /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore12DOMSelection18deleteFromDocumentEv+0xe6) [0x7fcf4390e2fc] 11 0x7fcf448c62d1 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xe1822d1) [0x7fcf448c62d1] 12 0x7fcf448cb5eb /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xe1875eb) [0x7fcf448cb5eb] 13 0x7fcf448c631b /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore49jsDOMSelectionPrototypeFunctionDeleteFromDocumentEPN3JSC14JSGlobalObjectEPNS0_9CallFrameE+0x23) [0x7fcf448c631b] 14 0x7fcedf5fa16b [0x7fcedf5fa16b] #CRASHED - WebKitWebProcess (pid 394048) 1579927 1 webkit-bug-importer 2019-10-14 17:25:32 -0700 <rdar://problem/56271355> 1917725 2 ahmad.saleem792 2022-12-08 13:43:23 -0800 This test was introduced in following commit: Link - https://src.chromium.org/viewvc/blink?view=revision&revision=175647