Bug 19703 - Crash in WebCore::InsertNodeBeforeCommand::doUnapply()
Summary: Crash in WebCore::InsertNodeBeforeCommand::doUnapply()
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: HTML Editing (show other bugs)
Version: 528+ (Nightly build)
Hardware: All OS X 10.5
: P2 Normal
Assignee: Darin Adler
URL: http://www.mozilla.org/editor/midasdemo/
Keywords: GoogleBug, InRadar
: 20676 (view as bug list)
Depends on:
Blocks:
 
Reported: 2008-06-20 19:07 PDT by Ojan Vafai
Modified: 2008-12-23 13:43 PST (History)
4 users (show)

See Also:

Attachments
crash log (40.38 KB, text/plain)
2008-07-28 13:28 PDT, Robert Blaut 		no flags Details
patch (142.80 KB, patch)
2008-12-22 16:01 PST, Darin Adler 		sullivan: review+
Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ojan Vafai 2008-06-20 19:07:56 PDT 
Go to http://www.mozilla.org/editor/midasdemo/.
1. Click on the "View HTML Source" checkbox
2. Type in "<blockquote>foo</blockquote>"
3. Uncheck the view html source checkbox.
4. Place your cursor in or after the word foo.
5. Hit ctrl+z once or twice.

Crashes every time. I tried coming up with something more reduced, but couldn't.
Comment 1 Robert Blaut 2008-07-28 13:28:01 PDT 
Confirmed.
Comment 2 Robert Blaut 2008-07-28 13:28:28 PDT 
Created attachment 22526 [details]
crash log
Comment 3 David Harrison 2008-11-04 14:15:02 PST 
In a debug build of TOT, this hits an assert

ASSERTION FAILED: m_refChild->parentNode()
(...WebCore/editing/InsertNodeBeforeCommand.cpp:59 virtual void WebCore::InsertNodeBeforeCommand::doUnapply())
Comment 4 David Harrison 2008-11-04 14:18:10 PST 
rdar://4059423
Comment 5 Darin Adler 2008-12-22 15:21:14 PST 
*** Bug 20676 has been marked as a duplicate of this bug. ***
Comment 6 Darin Adler 2008-12-22 16:01:27 PST 
Created attachment 26218 [details]
patch
Comment 7 John Sullivan 2008-12-23 12:12:55 PST 
Comment on attachment 26218 [details]
patch

Two comments:

1) my eyes have gone partly numb reviewing this patch, so I'm not 100% confident that I would have noticed minor errors
2) it's not obvious from these changes whether the various vaguely-specified bug reports have actually been fixed

But still, I didn't see any actual problems, and I saw lots of robustification. r=me assuming it passes the current layout tests.

John
Comment 8 Darin Adler 2008-12-23 13:43:50 PST 
http://trac.webkit.org/changeset/39456

OK. I believe that fixes the bug. Now we need some more testing to see if the crash is truly gone and also to see if all those duplicates were really duplicates.