151034 – ASSERTION FAILED: m_refChild->parentNode() in WebCore::InsertNodeBeforeCommand::InsertNodeBeforeCommand

Bug 151034 - ASSERTION FAILED: m_refChild->parentNode() in WebCore::InsertNodeBeforeCommand::InsertNodeBeforeCommand

Summary: ASSERTION FAILED: m_refChild->parentNode() in WebCore::InsertNodeBeforeComman...

Status:	RESOLVED WORKSFORME

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	HTML Editing (show other bugs)
Version:	WebKit Local Build
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:	116980
	Show dependency tree / graph

Reported:	2015-11-09 09:26 PST by Renata Hodovan
Modified:	2016-08-04 18:02 PDT (History)
CC List:	3 users (show)

See Also:

Attachments
Test (210 bytes, text/html) 2015-11-09 09:26 PST, Renata Hodovan	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Renata Hodovan 2015-11-09 09:26:58 PST

Created attachment 265061 [details]
Test

Load the attached test with debug MiniBrowser:

<html hidden>
<style>
*  {
    display:-webkit-grid;
}
</style>
<script>
    document.designMode = 'on';
    document.execCommand('selectAll', null);
    document.execCommand("insertParagraph" , null)
</script>


OS: Ubuntu 14.10 x86_64
Checked build: debug EFL
Checked version: 9fa8210


Backtrace:

ASSERTION FAILED: m_refChild->parentNode()
../../Source/WebCore/editing/InsertNodeBeforeCommand.cpp(46) : WebCore::InsertNodeBeforeCommand::InsertNodeBeforeCommand(WTF::RefPtr<WebCore::Node>&&, WTF::RefPtr<WebCore::Node>&&, WebCore::ShouldAssumeContentIsAlwaysEditable, WebCore::EditAction)
1   0x7f674c106e17 WTFCrash
2   0x7f675354bedc WebCore::InsertNodeBeforeCommand::InsertNodeBeforeCommand(WTF::RefPtr<WebCore::Node>&&, WTF::RefPtr<WebCore::Node>&&, WebCore::ShouldAssumeContentIsAlwaysEditable, WebCore::EditAction)
3   0x7f675353a8ab WebCore::InsertNodeBeforeCommand::create(WTF::RefPtr<WebCore::Node>&&, WTF::RefPtr<WebCore::Node>&&, WebCore::ShouldAssumeContentIsAlwaysEditable, WebCore::EditAction)
4   0x7f675352f8b9 WebCore::CompositeEditCommand::insertNodeBefore(WTF::PassRefPtr<WebCore::Node>, WTF::PassRefPtr<WebCore::Node>, WebCore::ShouldAssumeContentIsAlwaysEditable)
5   0x7f675354adfc WebCore::InsertLineBreakCommand::doApply()
6   0x7f675352f05e WebCore::CompositeEditCommand::applyCommandToComposite(WTF::PassRefPtr<WebCore::EditCommand>)
7   0x7f675354d330 WebCore::InsertParagraphSeparatorCommand::doApply()
8   0x7f675352f05e WebCore::CompositeEditCommand::applyCommandToComposite(WTF::PassRefPtr<WebCore::EditCommand>)
9   0x7f67523dd271 WebCore::TypingCommand::insertParagraphSeparator()
10  0x7f67523dca08 WebCore::TypingCommand::doApply()
11  0x7f675352ed8a WebCore::CompositeEditCommand::apply()
12  0x7f675352eb3b WebCore::applyCommand(WTF::PassRefPtr<WebCore::CompositeEditCommand>)
13  0x7f67523dc61a WebCore::TypingCommand::insertParagraphSeparator(WebCore::Document&, unsigned int)
14  0x7f6752394288
15  0x7f6752397cde WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const
16  0x7f675223c46d WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&)
17  0x7f675396e06b WebCore::jsDocumentPrototypeFunctionExecCommand(JSC::ExecState*)
18  0x7f66f3fff0c8
Aborted (core dumped)

Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f674c106e1c in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
321     *(int *)(uintptr_t)0xbbadbeef = 0;
#0  0x00007f674c106e1c in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:321
#1  0x00007f675354bedc in WebCore::InsertNodeBeforeCommand::InsertNodeBeforeCommand(WTF::RefPtr<WebCore::Node>&&, WTF::RefPtr<WebCore::Node>&&, WebCore::ShouldAssumeContentIsAlwaysEditable, WebCore::EditAction) (this=0x7f673a3bea80, insertChild=<unknown type in webkit/WebKitBuild/Debug/lib/libewebkit2.so.1, CU 0x482db288, DIE 0x48302077>, refChild=<unknown type in webkit/WebKitBuild/Debug/lib/libewebkit2.so.1, CU 0x482db288, DIE 0x4830207c>, shouldAssumeContentIsAlwaysEditable=WebCore::DoNotAssumeContentIsAlwaysEditable, editingAction=WebCore::EditActionUnspecified) at ../../Source/WebCore/editing/InsertNodeBeforeCommand.cpp:46
#2  0x00007f675353a8ab in WebCore::InsertNodeBeforeCommand::create(WTF::RefPtr<WebCore::Node>&&, WTF::RefPtr<WebCore::Node>&&, WebCore::ShouldAssumeContentIsAlwaysEditable, WebCore::EditAction) (childToInsert=<unknown type in webkit/WebKitBuild/Debug/lib/libewebkit2.so.1, CU 0x47e7cb28, DIE 0x47f576f2>, childToInsertBefore=<unknown type in webkit/WebKitBuild/Debug/lib/libewebkit2.so.1, CU 0x47e7cb28, DIE 0x47f576f7>, shouldAssumeContentIsAlwaysEditable=WebCore::DoNotAssumeContentIsAlwaysEditable, editingAction=WebCore::EditActionUnspecified) at ../../Source/WebCore/editing/InsertNodeBeforeCommand.h:38
#3  0x00007f675352f8b9 in WebCore::CompositeEditCommand::insertNodeBefore (this=0x7f673a3be8c0, insertChild=..., refChild=..., shouldAssumeContentIsAlwaysEditable=WebCore::DoNotAssumeContentIsAlwaysEditable) at ../../Source/WebCore/editing/CompositeEditCommand.cpp:345
#4  0x00007f675354adfc in WebCore::InsertLineBreakCommand::doApply (this=0x7f673a3be8c0) at ../../Source/WebCore/editing/InsertLineBreakCommand.cpp:123
#5  0x00007f675352f05e in WebCore::CompositeEditCommand::applyCommandToComposite (this=0x7f673a3b53c0, prpCommand=...) at ../../Source/WebCore/editing/CompositeEditCommand.cpp:278
#6  0x00007f675354d330 in WebCore::InsertParagraphSeparatorCommand::doApply (this=0x7f673a3b53c0) at ../../Source/WebCore/editing/InsertParagraphSeparatorCommand.cpp:176
#7  0x00007f675352f05e in WebCore::CompositeEditCommand::applyCommandToComposite (this=0x7f673a2dd000, prpCommand=...) at ../../Source/WebCore/editing/CompositeEditCommand.cpp:278
#8  0x00007f67523dd271 in WebCore::TypingCommand::insertParagraphSeparator (this=0x7f673a2dd000) at ../../Source/WebCore/editing/TypingCommand.cpp:398
#9  0x00007f67523dca08 in WebCore::TypingCommand::doApply (this=0x7f673a2dd000) at ../../Source/WebCore/editing/TypingCommand.cpp:275
#10 0x00007f675352ed8a in WebCore::CompositeEditCommand::apply (this=0x7f673a2dd000) at ../../Source/WebCore/editing/CompositeEditCommand.cpp:227
#11 0x00007f675352eb3b in WebCore::applyCommand (command=...) at ../../Source/WebCore/editing/CompositeEditCommand.cpp:186
#12 0x00007f67523dc61a in WebCore::TypingCommand::insertParagraphSeparator (document=..., options=0) at ../../Source/WebCore/editing/TypingCommand.cpp:222
#13 0x00007f6752394288 in WebCore::executeInsertParagraph (frame=...) at ../../Source/WebCore/editing/EditorCommand.cpp:524
#14 0x00007f6752397cde in WebCore::Editor::Command::execute (this=0x7fffa7e05df0, parameter=..., triggeringEvent=0x0) at ../../Source/WebCore/editing/EditorCommand.cpp:1703
#15 0x00007f675223c46d in WebCore::Document::execCommand (this=0x7f673a026a40, commandName=..., userInterface=false, value=...) at ../../Source/WebCore/dom/Document.cpp:4657
#16 0x00007f675396e06b in WebCore::jsDocumentPrototypeFunctionExecCommand (state=0x7fffa7e05ec0) at DerivedSources/WebCore/JSDocument.cpp:5066
#17 0x00007f66f3fff0c8 in ?? ()
#18 0x00007fffa7e05f30 in ?? ()
#19 0x00007f674c0af5e4 in llint_entry () from webkit/WebKitBuild/Debug/lib/libjavascriptcore_efl.so.1

Comment 1 Manuel Rego Casasnovas 2015-11-09 13:21:03 PST

I can reproduce the same crash using "display: flex;" or even "display: block;".

So, it seems not directly related to CSS Grid Layout code.

Comment 2 Brent Fulgham 2016-08-04 18:02:03 PDT

This does not reproduce under r204037. If you believe there is still a problem, please reopen the bug and attach a revised test case.