Bug 131018

Created attachment 228256 [details] Test case The failing test: <head> <script> function runTest () { document.execCommand("selectall", true, null); document.execCommand("insertorderedlist", false, null); } </script> </head> <body onload="runTest();" contenteditable="true"> <video> </video> <div> <textarea></textarea> </div> </body>y> </html> The backtrace: ASSERTION FAILED: prev != *this /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/VisiblePosition.cpp(89) : WebCore::VisiblePosition WebCore::VisiblePosition::previous(WebCore::EditingBoundaryCrossingRule) const 1 0x7ffff5ed9db5 WTFCrash 2 0x7ffff10e335f WebCore::VisiblePosition::previous(WebCore::EditingBoundaryCrossingRule) const 3 0x7ffff10b1e8c WebCore::InsertListCommand::listifyParagraph(WebCore::VisiblePosition const&, WebCore::QualifiedName const&) 4 0x7ffff10b139c WebCore::InsertListCommand::doApplyForSingleParagraph(bool, WebCore::HTMLQualifiedName const&, WebCore::Range*) 5 0x7ffff10b0a21 WebCore::InsertListCommand::doApply() 6 0x7ffff106123d WebCore::CompositeEditCommand::apply() 7 0x7ffff1061031 WebCore::applyCommand(WTF::PassRefPtr<WebCore::CompositeEditCommand>) 8 0x7ffff109a0cb 9 0x7ffff109d1b4 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const 10 0x7ffff0f575dc WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&) 11 0x7ffff1f334f1 WebCore::jsDocumentPrototypeFunctionExecCommand(JSC::ExecState*) 12 0x7fff9b6cb0b4 Program received signal SIGSEGV, Segmentation fault. 0x00007ffff5ed9dba in WTFCrash () at /home/reni2/data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:333 333 *(int *)(uintptr_t)0xbbadbeef = 0; (gdb) bt #0 0x00007ffff5ed9dba in WTFCrash () at /home/reni2/data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:333 #1 0x00007ffff10e335f in WebCore::VisiblePosition::previous (this=0x7fffffffb7b0, rule=WebCore::CannotCrossEditingBoundary) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/VisiblePosition.cpp:89 #2 0x00007ffff10b1e8c in WebCore::InsertListCommand::listifyParagraph (this=0x1124410, originalStart=..., listTag=...) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/InsertListCommand.cpp:348 #3 0x00007ffff10b139c in WebCore::InsertListCommand::doApplyForSingleParagraph (this=0x1124410, forceCreateList=false, listTag=..., currentSelection=0x1138530) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/InsertListCommand.cpp:256 #4 0x00007ffff10b0a21 in WebCore::InsertListCommand::doApply (this=0x1124410) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/InsertListCommand.cpp:192 #5 0x00007ffff106123d in WebCore::CompositeEditCommand::apply (this=0x1124410) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/CompositeEditCommand.cpp:227 #6 0x00007ffff1061031 in WebCore::applyCommand (command=...) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/CompositeEditCommand.cpp:182 #7 0x00007ffff109a0cb in WebCore::executeInsertOrderedList (frame=...) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/EditorCommand.cpp:551 #8 0x00007ffff109d1b4 in WebCore::Editor::Command::execute (this=0x7fffffffbc50, parameter=..., triggeringEvent=0x0) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/EditorCommand.cpp:1741 #9 0x00007ffff0f575dc in WebCore::Document::execCommand (this=0x9e8ce0, commandName=..., userInterface=false, value=...) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/dom/Document.cpp:4217 #10 0x00007ffff1f334f1 in WebCore::jsDocumentPrototypeFunctionExecCommand (exec=0x7fffffffbd50) at /home/reni2/data/REPOS/webkit_sec/WebKitBuild/Debug/DerivedSources/WebCore/JSDocument.cpp:4736 #11 0x00007fff9b6cb0b4 in ?? () #12 0x00007fffffffbdb0 in ?? () #13 0x00007ffff5ec4fb5 in llint_op_call () from /home/reni2/data/REPOS/webkit_sec/WebKitBuild/Debug/lib/libjavascriptcore_efl.so.0 #14 0x0000000000000000 in ?? ()