42919 – crash in insertParagraph in a contentEditable list

Bug 42919 - crash in insertParagraph in a contentEditable list

Summary: crash in insertParagraph in a contentEditable list

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	HTML Editing (show other bugs)
Version:	528+ (Nightly build)
Hardware:	PC OS X 10.5

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2010-07-23 16:43 PDT by Ojan Vafai
Modified:	2010-07-26 11:28 PDT (History)
CC List:	6 users (show)

See Also:

Attachments
test case (154 bytes, text/html) 2010-07-23 16:43 PDT, Ojan Vafai	no flags	Details
Patch (3.70 KB, patch) 2010-07-23 17:46 PDT, Ojan Vafai	darin: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ojan Vafai 2010-07-23 16:43:27 PDT

Created attachment 62473 [details]
test case

See test case. Also, hitting enter crashes.

Comment 1 Ojan Vafai 2010-07-23 17:33:23 PDT

In a debug build we hit an assert: ASSERT(m_refChild->parentNode()->isContentEditable() || !m_refChild->parentNode()->attached());

#0	0x10193ccff in WebCore::InsertNodeBeforeCommand::InsertNodeBeforeCommand at InsertNodeBeforeCommand.cpp:43
#1	0x101520861 in WebCore::InsertNodeBeforeCommand::create at InsertNodeBeforeCommand.h:37
#2	0x101519868 in WebCore::CompositeEditCommand::insertNodeBefore at CompositeEditCommand.cpp:136
#3	0x10151a07c in WebCore::CompositeEditCommand::insertNodeAfter at CompositeEditCommand.cpp:150
#4	0x10151c2db in WebCore::CompositeEditCommand::breakOutOfEmptyListItem at CompositeEditCommand.cpp:1047
#5	0x10193d943 in WebCore::InsertParagraphSeparatorCommand::doApply at InsertParagraphSeparatorCommand.cpp:194
#6	0x1017598df in WebCore::EditCommand::apply at EditCommand.cpp:91
#7	0x101517a3e in WebCore::CompositeEditCommand::applyCommandToComposite at CompositeEditCommand.cpp:99
#8	0x102023216 in WebCore::TypingCommand::insertParagraphSeparator at TypingCommand.cpp:376
#9	0x102023699 in WebCore::TypingCommand::doApply at TypingCommand.cpp:268
#10	0x1017598df in WebCore::EditCommand::apply at EditCommand.cpp:91
#11	0x10175995a in WebCore::applyCommand at EditCommand.cpp:212
#12	0x1020238c3 in WebCore::TypingCommand::insertParagraphSeparator at TypingCommand.cpp:231
#13	0x10176a65a in WebCore::executeInsertParagraph at EditorCommand.cpp:533
#14	0x101768566 in WebCore::Editor::Command::execute at EditorCommand.cpp:1554
#15	0x10164e121 in WebCore::Document::execCommand at Document.cpp:3713
#16	0x1019f9255 in WebCore::jsDocumentPrototypeFunctionExecCommand at JSDocument.cpp:1992

Comment 2 Ojan Vafai 2010-07-23 17:34:57 PDT

We're trying to break out of an empty list item, but since the parent list element is the contentEditable element, things go wrong. In this case, we shouldn't break out. We should just split the LI.

Comment 3 Ojan Vafai 2010-07-23 17:46:03 PDT

Created attachment 62478 [details]
Patch

Comment 4 Darin Adler 2010-07-23 20:40:38 PDT

Comment on attachment 62478 [details]
Patch

LayoutTests/editing/execCommand/crash-on-enter-in-contentEditable-list.html:10
 +  \ No newline at end of file
It’s better to have a newline at the end of the file.

Comment 5 Ojan Vafai 2010-07-26 11:28:53 PDT

Committed r64056: <http://trac.webkit.org/changeset/64056>