Bug 131018 - ASSERTION FAILED: prev != *this in WebCore::VisiblePosition::previous
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: HTML Editing
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks: 116980
Reported: 2014-04-01 01:38 PDT by Renata Hodovan
Modified: 2023-01-20 09:45 PST

Attachments
Test case (363 bytes, text/html)
2014-04-01 01:38 PDT, Renata Hodovan
Test (229 bytes, text/html)
2015-11-06 02:41 PST, Renata Hodovan

Description Renata Hodovan 2014-04-01 01:38:36 PDT
Created attachment 228256
Test case

The failing test:

<head>
   <script>
      function runTest () {
         document.execCommand("selectall", true, null);
         document.execCommand("insertorderedlist", false, null);
      }
   </script>
</head>
<body onload="runTest();" contenteditable="true">
   <video> </video>
   <div>
      <textarea></textarea>
   </div>
</body>y>
</html>


The backtrace:

ASSERTION FAILED: prev != *this
/home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/VisiblePosition.cpp(89) : WebCore::VisiblePosition WebCore::VisiblePosition::previous(WebCore::EditingBoundaryCrossingRule) const
1   0x7ffff5ed9db5 WTFCrash
2   0x7ffff10e335f WebCore::VisiblePosition::previous(WebCore::EditingBoundaryCrossingRule) const
3   0x7ffff10b1e8c WebCore::InsertListCommand::listifyParagraph(WebCore::VisiblePosition const&, WebCore::QualifiedName const&)
4   0x7ffff10b139c WebCore::InsertListCommand::doApplyForSingleParagraph(bool, WebCore::HTMLQualifiedName const&, WebCore::Range*)
5   0x7ffff10b0a21 WebCore::InsertListCommand::doApply()
6   0x7ffff106123d WebCore::CompositeEditCommand::apply()
7   0x7ffff1061031 WebCore::applyCommand(WTF::PassRefPtr<WebCore::CompositeEditCommand>)
8   0x7ffff109a0cb
9   0x7ffff109d1b4 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const
10  0x7ffff0f575dc WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&)
11  0x7ffff1f334f1 WebCore::jsDocumentPrototypeFunctionExecCommand(JSC::ExecState*)
12  0x7fff9b6cb0b4

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff5ed9dba in WTFCrash () at /home/reni2/data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:333
333	    *(int *)(uintptr_t)0xbbadbeef = 0;
(gdb) bt
#0  0x00007ffff5ed9dba in WTFCrash () at /home/reni2/data/REPOS/webkit_sec/Source/WTF/wtf/Assertions.cpp:333
#1  0x00007ffff10e335f in WebCore::VisiblePosition::previous (this=0x7fffffffb7b0, rule=WebCore::CannotCrossEditingBoundary)
    at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/VisiblePosition.cpp:89
#2  0x00007ffff10b1e8c in WebCore::InsertListCommand::listifyParagraph (this=0x1124410, originalStart=..., listTag=...)
    at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/InsertListCommand.cpp:348
#3  0x00007ffff10b139c in WebCore::InsertListCommand::doApplyForSingleParagraph (this=0x1124410, forceCreateList=false, listTag=..., 
    currentSelection=0x1138530) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/InsertListCommand.cpp:256
#4  0x00007ffff10b0a21 in WebCore::InsertListCommand::doApply (this=0x1124410)
    at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/InsertListCommand.cpp:192
#5  0x00007ffff106123d in WebCore::CompositeEditCommand::apply (this=0x1124410)
    at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/CompositeEditCommand.cpp:227
#6  0x00007ffff1061031 in WebCore::applyCommand (command=...) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/CompositeEditCommand.cpp:182
#7  0x00007ffff109a0cb in WebCore::executeInsertOrderedList (frame=...) at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/EditorCommand.cpp:551
#8  0x00007ffff109d1b4 in WebCore::Editor::Command::execute (this=0x7fffffffbc50, parameter=..., triggeringEvent=0x0)
    at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/editing/EditorCommand.cpp:1741
#9  0x00007ffff0f575dc in WebCore::Document::execCommand (this=0x9e8ce0, commandName=..., userInterface=false, value=...)
    at /home/reni2/data/REPOS/webkit_sec/Source/WebCore/dom/Document.cpp:4217
#10 0x00007ffff1f334f1 in WebCore::jsDocumentPrototypeFunctionExecCommand (exec=0x7fffffffbd50)
    at /home/reni2/data/REPOS/webkit_sec/WebKitBuild/Debug/DerivedSources/WebCore/JSDocument.cpp:4736
#11 0x00007fff9b6cb0b4 in ?? ()
#12 0x00007fffffffbdb0 in ?? ()
#13 0x00007ffff5ec4fb5 in llint_op_call () from /home/reni2/data/REPOS/webkit_sec/WebKitBuild/Debug/lib/libjavascriptcore_efl.so.0
#14 0x0000000000000000 in ?? ()
Comment 1 Renata Hodovan 2015-11-06 02:41:31 PST
Created attachment 264928
Test

Replacing the original test case since it doesn't reproduce the issue anymore.
Comment 2 Brent Fulgham 2016-08-03 14:09:33 PDT
This reproduces under r204037.
Comment 3 Radar WebKit Bug Importer 2016-08-03 14:09:49 PDT
<rdar://problem/27685432>
Comment 4 Ahmad Saleem 2023-01-20 09:45:56 PST
This still asserts using the attached test while using a debug build based on WebKit revision 259136@main.