Bug 224262 - REGRESSION(r274812): Release assert in Document::updateLayout() after calling focus({preventScroll: true}) on a textarea
Summary: REGRESSION(r274812): Release assert in Document::updateLayout() after calling...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: HTML Editing (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Ryosuke Niwa
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-04-06 20:30 PDT by Ryosuke Niwa
Modified: 2021-04-07 00:42 PDT (History)
9 users (show)

See Also:

Attachments
Fixes the crash (6.41 KB, patch)
2021-04-06 22:27 PDT, Ryosuke Niwa 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Ryosuke Niwa 2021-04-06 20:30:28 PDT 
e.g.

ASSERTION FAILED: isSafeToUpdateStyleOrLayout(*this)
./dom/Document.cpp(2176) : void WebCore::Document::updateLayout()
1   0x3bd844de9 WTFCrash
2   0x3bd844e09 WTFCrashWithSecurityImplication
3   0x3a375c9ea WebCore::Document::updateLayout()
4   0x3a375e272 WebCore::Document::updateLayoutIgnorePendingStylesheets(WebCore::Document::RunPostLayoutTasks)
5   0x3a3b1d560 WebCore::VisiblePosition::canonicalPosition(WebCore::Position const&)
6   0x3a3b1d40a WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::Affinity)
7   0x3a3b1db5b WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::Affinity)
8   0x3a1057907 WebCore::VisibleSelection::visibleStart() const
9   0x3a3a944c3 WebCore::FrameSelection::recomputeCaretRect()
10  0x3a3a8e1bb WebCore::FrameSelection::updateAppearance()
11  0x3a3a8dead WebCore::FrameSelection::updateAndRevealSelection(WebCore::AXTextStateChangeIntent const&)
12  0x3a3a6dce2 WebCore::FrameSelection::setSelection(WebCore::VisibleSelection const&, WTF::OptionSet<WebCore::FrameSelection::SetSelectionOption>, WebCore::AXTextStateChangeIntent, WebCore::FrameSelection::CursorAlignOnScroll, WebCore::TextGranularity)
13  0x3a3a8bd55 WebCore::FrameSelection::moveWithoutValidationTo(WebCore::Position const&, WebCore::Position const&, bool, bool, WebCore::SelectionRevealMode, WebCore::AXTextStateChangeIntent const&)
14  0x3a3d3547d WebCore::HTMLTextFormControlElement::setSelectionRange(int, int, WebCore::TextFieldSelectionDirection, WebCore::SelectionRevealMode, WebCore::AXTextStateChangeIntent const&)
15  0x3a3d3635b WebCore::HTMLTextAreaElement::setValueCommon(WTF::String const&)
16  0x3a3d33ff4 WebCore::HTMLTextAreaElement::setNonDirtyValue(WTF::String const&)
17  0x3a3d33cee WebCore::HTMLTextAreaElement::childrenChanged(WebCore::ContainerNode::ChildChange const&)
18  0x3a36fcf77 WebCore::ContainerNode::removeAllChildrenWithScriptAssertion(WebCore::ContainerNode::ChildChange::Source, WebCore::ContainerNode::DeferChildrenChanged)
19  0x3a3703ac6 WebCore::ContainerNode::replaceChildren(WTF::Vector<WTF::Variant<WTF::RefPtr<WebCore::Node, WTF::RawPtrTraits<WebCore::Node>, WTF::DefaultRefDerefTraits<WebCore::Node> >, WTF::String>, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&)

<rdar://76269714>
Comment 1 Ryosuke Niwa 2021-04-06 22:27:41 PDT 
Created attachment 425355 [details]
Fixes the crash
Comment 2 Ryosuke Niwa 2021-04-07 00:42:48 PDT 
Comment on attachment 425355 [details]
Fixes the crash

Clearing flags on attachment: 425355

Committed r275591 (236236@main): <https://commits.webkit.org/236236@main>
Comment 3 Ryosuke Niwa 2021-04-07 00:42:51 PDT 
All reviewed patches have been landed.  Closing bug.