Bug 42919

Summary: crash in insertParagraph in a contentEditable list
Product: WebKit Reporter: Ojan Vafai <ojan>
Component: HTML EditingAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, adele, dglazkov, enrica, eric, rniwa
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: OS X 10.5   
Attachments:
Description Flags
test case
none
Patch darin: review+

Description Ojan Vafai 2010-07-23 16:43:27 PDT 
Created attachment 62473 [details]
test case

See test case. Also, hitting enter crashes.
Comment 1 Ojan Vafai 2010-07-23 17:33:23 PDT 
In a debug build we hit an assert: ASSERT(m_refChild->parentNode()->isContentEditable() || !m_refChild->parentNode()->attached());

#0	0x10193ccff in WebCore::InsertNodeBeforeCommand::InsertNodeBeforeCommand at InsertNodeBeforeCommand.cpp:43
#1	0x101520861 in WebCore::InsertNodeBeforeCommand::create at InsertNodeBeforeCommand.h:37
#2	0x101519868 in WebCore::CompositeEditCommand::insertNodeBefore at CompositeEditCommand.cpp:136
#3	0x10151a07c in WebCore::CompositeEditCommand::insertNodeAfter at CompositeEditCommand.cpp:150
#4	0x10151c2db in WebCore::CompositeEditCommand::breakOutOfEmptyListItem at CompositeEditCommand.cpp:1047
#5	0x10193d943 in WebCore::InsertParagraphSeparatorCommand::doApply at InsertParagraphSeparatorCommand.cpp:194
#6	0x1017598df in WebCore::EditCommand::apply at EditCommand.cpp:91
#7	0x101517a3e in WebCore::CompositeEditCommand::applyCommandToComposite at CompositeEditCommand.cpp:99
#8	0x102023216 in WebCore::TypingCommand::insertParagraphSeparator at TypingCommand.cpp:376
#9	0x102023699 in WebCore::TypingCommand::doApply at TypingCommand.cpp:268
#10	0x1017598df in WebCore::EditCommand::apply at EditCommand.cpp:91
#11	0x10175995a in WebCore::applyCommand at EditCommand.cpp:212
#12	0x1020238c3 in WebCore::TypingCommand::insertParagraphSeparator at TypingCommand.cpp:231
#13	0x10176a65a in WebCore::executeInsertParagraph at EditorCommand.cpp:533
#14	0x101768566 in WebCore::Editor::Command::execute at EditorCommand.cpp:1554
#15	0x10164e121 in WebCore::Document::execCommand at Document.cpp:3713
#16	0x1019f9255 in WebCore::jsDocumentPrototypeFunctionExecCommand at JSDocument.cpp:1992
Comment 2 Ojan Vafai 2010-07-23 17:34:57 PDT 
We're trying to break out of an empty list item, but since the parent list element is the contentEditable element, things go wrong. In this case, we shouldn't break out. We should just split the LI.
Comment 3 Ojan Vafai 2010-07-23 17:46:03 PDT 
Created attachment 62478 [details]
Patch
Comment 4 Darin Adler 2010-07-23 20:40:38 PDT 
Comment on attachment 62478 [details]
Patch

LayoutTests/editing/execCommand/crash-on-enter-in-contentEditable-list.html:10
 +  \ No newline at end of file
It’s better to have a newline at the end of the file.
Comment 5 Ojan Vafai 2010-07-26 11:28:53 PDT 
Committed r64056: <http://trac.webkit.org/changeset/64056>