On master (247b0314320d499ae788b6ea993aa1d98e2d607e / r250962), WebKitGTK build.

Running this test-case:

https://cs.chromium.org/chromium/src/third_party/blink/web_tests/editing/execCommand/crash-object-cloning.html?rcl=753caf715d8f30f0c673f1b4b36dadfc75c3201f

Asserts like:

ASSERTION FAILED: canHaveChildrenForEditing(parent)
../../Source/WebCore/editing/CompositeEditCommand.cpp(580) : void WebCore::CompositeEditCommand::appendNode(WTF::Ref<WebCore::Node, WTF::DumbPtrTraits<WebCore::Node> >&&, WTF::Ref<WebCore::ContainerNode, WTF::DumbPtrTraits<WebCore::ContainerNode> >&&)
1 0x7fd5ea9b53d3 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(WTFCrash+0x9) [0x7fd5ea9b53d3]
2 0x7fd5f665e5f2 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN3WTF15CrashOnOverflow10overflowedEv+0) [0x7fd5f665e5f2]
3 0x7fd5fa242b85 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore20CompositeEditCommand10appendNodeEON3WTF3RefINS_4NodeENS1_13DumbPtrTraitsIS3_EEEEONS2_INS_13ContainerNodeENS4_IS8_EEEE+0x5b) [0x7fd5fa242b85]
4 0x7fd5fa2467a8 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore20CompositeEditCommand29cloneParagraphUnderNewElementERKNS_8PositionES3_PNS_4NodeEPNS_7ElementE+0x32a) [0x7fd5fa2467a8]
5 0x7fd5fa246fd9 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore20CompositeEditCommand23moveParagraphWithClonesERKNS_15VisiblePositionES3_PNS_7ElementEPNS_4NodeE+0x213) [0x7fd5fa246fd9]
6 0x7fd5f8c37f2b /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore20IndentOutdentCommand20indentIntoBlockquoteERKNS_8PositionES3_RN3WTF6RefPtrINS_7ElementENS4_13DumbPtrTraitsIS6_EEEE+0x373) [0x7fd5f8c37f2b]
7 0x7fd5f8c3906c /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore20IndentOutdentCommand11formatRangeERKNS_8PositionES3_S3_RN3WTF6RefPtrINS_7ElementENS4_13DumbPtrTraitsIS6_EEEE+0x62) [0x7fd5f8c3906c]
8 0x7fd5fa234f12 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore24ApplyBlockElementCommand15formatSelectionERKNS_15VisiblePositionES3_+0x9d8) [0x7fd5fa234f12]
9 0x7fd5f8c38fed /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore20IndentOutdentCommand15formatSelectionERKNS_15VisiblePositionES3_+0x39) [0x7fd5f8c38fed]
10 0x7fd5fa23420a /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore24ApplyBlockElementCommand7doApplyEv+0x33a) [0x7fd5fa23420a]
11 0x7fd5fa241cd3 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore20CompositeEditCommand5applyEv+0xf5) [0x7fd5fa241cd3]
12 0x7fd5f8c2568f /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xcba268f) [0x7fd5f8c2568f]
13 0x7fd5f8c2962a /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZNK7WebCore6Editor7Command7executeERKN3WTF6StringEPNS_5EventE+0xdc) [0x7fd5f8c2962a]
14 0x7fd5f8a14268 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore8Document11execCommandERKN3WTF6StringEbS4_+0x56) [0x7fd5f8a14268]
15 0x7fd5f7722694 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xb69f694) [0x7fd5f7722694]
16 0x7fd5f773c1b6 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xb6b91b6) [0x7fd5f773c1b6]
17 0x7fd5f7722702 /home/emilio/src/WebKit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(_ZN7WebCore38jsDocumentPrototypeFunctionExecCommandEPN3JSC14JSGlobalObjectEPNS0_9CallFrameE+0x23) [0x7fd5f7722702]
18 0x7fd594ffa16b [0x7fd594ffa16b]
<rdar://problem/56271283>
To Merge to fix this - https://src.chromium.org/viewvc/blink?view=revision&revision=187132
Committed 257465@main (ef64a1c22827): <https://commits.webkit.org/257465@main> Reviewed commits have been landed. Closing PR #7113 and removing active labels.