RESOLVED FIXED 184049
Executing "insertunorderedlist" while selecting a contenteditable element inside a shadow dom hangs the browser 
https://bugs.webkit.org/show_bug.cgi?id=184049
Summary Executing "insertunorderedlist" while selecting a contenteditable element ins...
tvanderlippe
Reported 2018-03-27 11:13:43 PDT
Created attachment 336598 [details] Reproduction case Steps to reproduce the problem: 1. Create an element with a shadow dom 2. In the shadow dom, create an element with contenteditable 3. Select all text in the contenteditable element 4. Execute "insertunorderedlist" (a couple of times) In the supplied test case the first text is without shadow dom, while the second text is within shadow dom. What is the expected behavior? The behavior is the same as in the non-shadow dom version, it create 3 bullet points for each line or removes all bullet points from all lines. What went wrong? The browser tab hangs and is completely unresponsive. Indeterminate spinner is running forever
Attachments
Reproduction case (926 bytes, text/html)
2018-03-27 11:13 PDT, tvanderlippe 		no flags
Details
Reduction (440 bytes, text/html)
2018-11-13 11:08 PST, Ryosuke Niwa 		no flags
Details
Fixes the hang (8.89 KB, patch)
2018-11-28 19:44 PST, Ryosuke Niwa 		no flags
DetailsFormatted DiffDiff
Added the forgotten tests (8.89 KB, patch)
2018-11-28 19:45 PST, Ryosuke Niwa 		no flags
DetailsFormatted DiffDiff
Added the forgotten tests (10.65 KB, patch)
2018-11-28 19:46 PST, Ryosuke Niwa 		koivisto: review+
DetailsFormatted DiffDiff
Show Obsolete (3) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2018-03-27 15:36:58 PDT
<rdar://problem/38931033>
Ryosuke Niwa
Comment 2 2018-11-12 18:41:47 PST
Hm... I can't reproduce this problem with STP70. Can you still reproduce the issue? Please feel free to re-open the bug if you can.
tvanderlippe
Comment 3 2018-11-13 10:43:36 PST
I am not yet on Mojave, so I am unable to run on STP70. It was still broken on STP69 on High Sierra. Hopefully I can verify this soon after upgrading.
Ryosuke Niwa
Comment 4 2018-11-13 10:58:05 PST
Hm... I don't think there was any change between STP69 and STP70 in this area. In fact, it works just fine in STP68 for me. Oh, I see, you'd have to select the entire list. Now I can reproduce it!
Ryosuke Niwa
Comment 5 2018-11-13 11:08:19 PST
Looks like TextIterator is getting stuck: 1213 WebCore::JSExecState::profiledEvaluate(JSC::ExecState*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) (in WebCore) + 84 [0x10be059a4] 1213 JSC::evaluate(JSC::ExecState*, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) (in JavaScriptCore) + 287 [0x578a193df] 1213 JSC::Interpreter::executeProgram(JSC::SourceCode const&, JSC::ExecState*, JSC::JSObject*) (in JavaScriptCore) + 11170 [0x57887a1e2] 1213 vmEntryToJavaScript (in JavaScriptCore) + 200 [0x57835d029] 1213 llint_entry (in JavaScriptCore) + 26835 [0x578363ab6] 1213 ??? (in <unknown binary>) [0x48e61f28177] 1213 WebCore::jsDocumentPrototypeFunctionExecCommand(JSC::ExecState*) (in WebCore) + 533 [0x10b4807d5] 1213 WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&) (in WebCore) + 73 [0x10b480999] 1213 WebCore::executeInsertOrderedList(WebCore::Frame&, WebCore::Event*, WebCore::EditorCommandSource, WTF::String const&) (in WebCore) + 48 [0x10c0ba740] 1213 WebCore::CompositeEditCommand::apply() (in WebCore) + 268 [0x10b439c5c] 959 WebCore::InsertListCommand::doApply() (in WebCore) + 879 [0x10c0cab2f] ! 702 WebCore::indexForVisiblePosition(WebCore::VisiblePosition const&, WTF::RefPtr<WebCore::ContainerNode, WTF::DumbPtrTraits<WebCore::ContainerNode> >&) (in WebCore) + 386 [0x10c09d1f2] ! : 455 WebCore::TextIterator::rangeLength(WebCore::Range const*, bool) (in WebCore) + 36 [0x10b436e84] ! : | 191 WebCore::TextIterator::init() (in WebCore) + 386 [0x10c0e84e2] ! : | + 46 WebCore::TextIterator::advance() (in WebCore) + 436 [0x10b3aa644]
Ryosuke Niwa
Comment 6 2018-11-13 11:08:41 PST
Created attachment 354684 [details] Reduction
Ryosuke Niwa
Comment 7 2018-11-28 19:44:57 PST
Created attachment 355964 [details] Fixes the hang
Ryosuke Niwa
Comment 8 2018-11-28 19:45:49 PST
Created attachment 355965 [details] Added the forgotten tests
Ryosuke Niwa
Comment 9 2018-11-28 19:46:27 PST
Created attachment 355966 [details] Added the forgotten tests
Ryosuke Niwa
Comment 10 2018-11-29 13:50:45 PST
Committed r238693: <https://trac.webkit.org/changeset/238693>
Note You need to log in before you can comment on or make changes to this bug.