Bug 19703 - Crash in WebCore::InsertNodeBeforeCommand::doUnapply()
Summary: Crash in WebCore::InsertNodeBeforeCommand::doUnapply()
Alias: None
Product: WebKit
Classification: Unclassified
Component: HTML Editing (show other bugs)
Version: 528+ (Nightly build)
Hardware: All OS X 10.5
: P2 Normal
Assignee: Darin Adler
URL: http://www.mozilla.org/editor/midasdemo/
Keywords: GoogleBug, InRadar
: 20676 (view as bug list)
Depends on:
Reported: 2008-06-20 19:07 PDT by Ojan Vafai
Modified: 2008-12-23 13:43 PST (History)
4 users (show)

See Also:

crash log (40.38 KB, text/plain)
2008-07-28 13:28 PDT, Robert Blaut
no flags Details
patch (142.80 KB, patch)
2008-12-22 16:01 PST, Darin Adler
sullivan: review+
Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ojan Vafai 2008-06-20 19:07:56 PDT
Go to http://www.mozilla.org/editor/midasdemo/.
1. Click on the "View HTML Source" checkbox
2. Type in "<blockquote>foo</blockquote>"
3. Uncheck the view html source checkbox.
4. Place your cursor in or after the word foo.
5. Hit ctrl+z once or twice.

Crashes every time. I tried coming up with something more reduced, but couldn't.
Comment 1 Robert Blaut 2008-07-28 13:28:01 PDT
Comment 2 Robert Blaut 2008-07-28 13:28:28 PDT
Created attachment 22526 [details]
crash log
Comment 3 David Harrison 2008-11-04 14:15:02 PST
In a debug build of TOT, this hits an assert

ASSERTION FAILED: m_refChild->parentNode()
(...WebCore/editing/InsertNodeBeforeCommand.cpp:59 virtual void WebCore::InsertNodeBeforeCommand::doUnapply())
Comment 4 David Harrison 2008-11-04 14:18:10 PST
Comment 5 Darin Adler 2008-12-22 15:21:14 PST
*** Bug 20676 has been marked as a duplicate of this bug. ***
Comment 6 Darin Adler 2008-12-22 16:01:27 PST
Created attachment 26218 [details]
Comment 7 John Sullivan 2008-12-23 12:12:55 PST
Comment on attachment 26218 [details]

Two comments:

1) my eyes have gone partly numb reviewing this patch, so I'm not 100% confident that I would have noticed minor errors
2) it's not obvious from these changes whether the various vaguely-specified bug reports have actually been fixed

But still, I didn't see any actual problems, and I saw lots of robustification. r=me assuming it passes the current layout tests.

Comment 8 Darin Adler 2008-12-23 13:43:50 PST

OK. I believe that fixes the bug. Now we need some more testing to see if the crash is truly gone and also to see if all those duplicates were really duplicates.