Bug 224262 - REGRESSION(r274812): Release assert in Document::updateLayout() after calling focus({preventScroll: true}) on a textarea
Summary: REGRESSION(r274812): Release assert in Document::updateLayout() after calling...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: HTML Editing (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Ryosuke Niwa
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-04-06 20:30 PDT by Ryosuke Niwa
Modified: 2021-04-07 00:42 PDT (History)
9 users (show)

See Also:


Attachments
Fixes the crash (6.41 KB, patch)
2021-04-06 22:27 PDT, Ryosuke Niwa
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Ryosuke Niwa 2021-04-06 20:30:28 PDT
e.g.

ASSERTION FAILED: isSafeToUpdateStyleOrLayout(*this)
./dom/Document.cpp(2176) : void WebCore::Document::updateLayout()
1   0x3bd844de9 WTFCrash
2   0x3bd844e09 WTFCrashWithSecurityImplication
3   0x3a375c9ea WebCore::Document::updateLayout()
4   0x3a375e272 WebCore::Document::updateLayoutIgnorePendingStylesheets(WebCore::Document::RunPostLayoutTasks)
5   0x3a3b1d560 WebCore::VisiblePosition::canonicalPosition(WebCore::Position const&)
6   0x3a3b1d40a WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::Affinity)
7   0x3a3b1db5b WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::Affinity)
8   0x3a1057907 WebCore::VisibleSelection::visibleStart() const
9   0x3a3a944c3 WebCore::FrameSelection::recomputeCaretRect()
10  0x3a3a8e1bb WebCore::FrameSelection::updateAppearance()
11  0x3a3a8dead WebCore::FrameSelection::updateAndRevealSelection(WebCore::AXTextStateChangeIntent const&)
12  0x3a3a6dce2 WebCore::FrameSelection::setSelection(WebCore::VisibleSelection const&, WTF::OptionSet<WebCore::FrameSelection::SetSelectionOption>, WebCore::AXTextStateChangeIntent, WebCore::FrameSelection::CursorAlignOnScroll, WebCore::TextGranularity)
13  0x3a3a8bd55 WebCore::FrameSelection::moveWithoutValidationTo(WebCore::Position const&, WebCore::Position const&, bool, bool, WebCore::SelectionRevealMode, WebCore::AXTextStateChangeIntent const&)
14  0x3a3d3547d WebCore::HTMLTextFormControlElement::setSelectionRange(int, int, WebCore::TextFieldSelectionDirection, WebCore::SelectionRevealMode, WebCore::AXTextStateChangeIntent const&)
15  0x3a3d3635b WebCore::HTMLTextAreaElement::setValueCommon(WTF::String const&)
16  0x3a3d33ff4 WebCore::HTMLTextAreaElement::setNonDirtyValue(WTF::String const&)
17  0x3a3d33cee WebCore::HTMLTextAreaElement::childrenChanged(WebCore::ContainerNode::ChildChange const&)
18  0x3a36fcf77 WebCore::ContainerNode::removeAllChildrenWithScriptAssertion(WebCore::ContainerNode::ChildChange::Source, WebCore::ContainerNode::DeferChildrenChanged)
19  0x3a3703ac6 WebCore::ContainerNode::replaceChildren(WTF::Vector<WTF::Variant<WTF::RefPtr<WebCore::Node, WTF::RawPtrTraits<WebCore::Node>, WTF::DefaultRefDerefTraits<WebCore::Node> >, WTF::String>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&)

<rdar://76269714>
Comment 1 Ryosuke Niwa 2021-04-06 22:27:41 PDT
Created attachment 425355 [details]
Fixes the crash
Comment 2 Ryosuke Niwa 2021-04-07 00:42:48 PDT
Comment on attachment 425355 [details]
Fixes the crash

Clearing flags on attachment: 425355

Committed r275591 (236236@main): <https://commits.webkit.org/236236@main>
Comment 3 Ryosuke Niwa 2021-04-07 00:42:51 PDT
All reviewed patches have been landed.  Closing bug.