Open Bug 1569642 Opened 6 years ago Updated 2 years ago

Assertion failure: mNextEndRef == aFirstNewContent, at /builds/worker/workspace/build/src/dom/base/nsRange.cpp:603

Tracking

()

Status:

NEW

Tracking Flags:

Tracking

Status

firefox70

---

affected

People

(Reporter: jkratzer, Unassigned)

References

(Blocks 2 open bugs)

Details

(Keywords: assertion, testcase, Whiteboard: [bugmon:confirmed])

Attachments

(1 file)

testcase.html 6 years ago Jason Kratzer [:jkratzer] 739 bytes, text/html		Details

Jason Kratzer [:jkratzer]

Reporter

Description

•

6 years ago

Attached file testcase.html — Details

Testcase found while fuzzing mozilla-central rev 50df4b75c9b6.

Assertion failure: mNextEndRef == aFirstNewContent, at /builds/worker/workspace/build/src/dom/base/nsRange.cpp:603

rax = 0x000055ca9fa4b180   rdx = 0x0000000000000000
rcx = 0x00007fc79a310675   rbx = 0x00007fc78b7b0340
rsi = 0x00007fc7a5d5e8b0   rdi = 0x00007fc7a5d5d680
rbp = 0x00007ffce819eed0   rsp = 0x00007ffce819eeb0
r8 = 0x00007fc7a5d5e8b0    r9 = 0x00007fc7a6ec8780
r10 = 0x0000000000000000   r11 = 0x0000000000000000
r12 = 0x00007fc78b7b0390   r13 = 0x00007fc78b7e7400
r14 = 0x00007fc78b765c00   r15 = 0x00007fc78b7e7400
rip = 0x00007fc7955c846f
OS|Linux|0.0.0 Linux 4.18.0-25-generic #26~18.04.1-Ubuntu SMP Thu Jun 27 07:28:31 UTC 2019 x86_64
CPU|amd64|family 6 model 94 stepping 3|1
GPU|||
Crash|SIGSEGV|0x0|0
0|0|libxul.so|nsRange::ContentAppended(nsIContent*)|hg:hg.mozilla.org/mozilla-central:dom/base/nsRange.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|581|0x0
0|1|libxul.so|nsNodeUtils::ContentAppended(nsIContent*, nsIContent*)|hg:hg.mozilla.org/mozilla-central:dom/base/nsNodeUtils.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|178|0x24
0|2|libxul.so|nsINode::InsertChildBefore(nsIContent*, nsIContent*, bool)|hg:hg.mozilla.org/mozilla-central:dom/base/nsINode.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1306|0x8
0|3|libxul.so|nsINode::ReplaceOrInsertBefore(bool, nsINode*, nsINode*, mozilla::ErrorResult&)|hg:hg.mozilla.org/mozilla-central:dom/base/nsINode.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|2398|0x18
0|4|libxul.so|mozilla::InsertNodeTransaction::DoTransaction()|hg:hg.mozilla.org/mozilla-central:dom/base/nsINode.h:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1717|0x17
0|5|libxul.so|mozilla::TransactionManager::BeginTransaction(nsITransaction*, nsISupports*)|hg:hg.mozilla.org/mozilla-central:editor/txmgr/TransactionManager.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|634|0x10
0|6|libxul.so|mozilla::TransactionManager::DoTransaction(nsITransaction*)|hg:hg.mozilla.org/mozilla-central:editor/txmgr/TransactionManager.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|68|0xd
0|7|libxul.so|mozilla::EditorBase::DoTransactionInternal(nsITransaction*)|hg:hg.mozilla.org/mozilla-central:editor/libeditor/EditorBase.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|769|0x13
0|8|libxul.so|mozilla::EditorBase::InsertNodeWithTransaction(nsIContent&, mozilla::EditorDOMPointBase<nsCOMPtr<nsINode>, nsCOMPtr<nsIContent> > const&)|hg:hg.mozilla.org/mozilla-central:editor/libeditor/EditorBase.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1434|0xb
0|9|libxul.so|mozilla::EditorBase::InsertTextWithTransaction(mozilla::dom::Document&, nsTSubstring<char16_t> const&, mozilla::EditorDOMPointBase<nsINode*, nsIContent*> const&, mozilla::EditorDOMPointBase<nsINode*, nsIContent*>*)|hg:hg.mozilla.org/mozilla-central:editor/libeditor/EditorBase.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|2676|0x16
0|10|libxul.so|mozilla::TextEditRules::WillInsertText(mozilla::EditSubAction, bool*, bool*, nsTSubstring<char16_t> const*, nsTSubstring<char16_t>*, int)|hg:hg.mozilla.org/mozilla-central:editor/libeditor/TextEditRules.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|806|0x19
0|11|libxul.so|mozilla::TextEditRules::WillDoAction(mozilla::EditSubActionInfo&, bool*, bool*)|hg:hg.mozilla.org/mozilla-central:editor/libeditor/TextEditRules.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|301|0x22
0|12|libxul.so|mozilla::TextEditor::InsertTextAsSubAction(nsTSubstring<char16_t> const&)|hg:hg.mozilla.org/mozilla-central:editor/libeditor/TextEditor.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1032|0x20
0|13|libxul.so|mozilla::TextEditor::ReplaceSelectionAsSubAction(nsTSubstring<char16_t> const&)|hg:hg.mozilla.org/mozilla-central:editor/libeditor/TextEditor.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1251|0x5
0|14|libxul.so|mozilla::TextEditor::SetTextAsSubAction(nsTSubstring<char16_t> const&)|hg:hg.mozilla.org/mozilla-central:editor/libeditor/TextEditor.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1229|0xf
0|15|libxul.so|mozilla::TextEditor::SetTextAsAction(nsTSubstring<char16_t> const&, nsIPrincipal*)|hg:hg.mozilla.org/mozilla-central:editor/libeditor/TextEditor.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1111|0xb
0|16|libxul.so|nsTextEditorState::SetValue(nsTSubstring<char16_t> const&, nsTSubstring<char16_t> const*, unsigned int)|hg:hg.mozilla.org/mozilla-central:dom/html/nsTextEditorState.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|2394|0x1d
0|17|libxul.so|mozilla::dom::HTMLTextAreaElement::SetValueInternal(nsTSubstring<char16_t> const&, unsigned int)|hg:hg.mozilla.org/mozilla-central:dom/html/HTMLTextAreaElement.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|282|0x14
0|18|libxul.so|mozilla::dom::HTMLTextAreaElement::Reset()|hg:hg.mozilla.org/mozilla-central:dom/html/HTMLTextAreaElement.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|651|0x10
0|19|libxul.so|mozilla::dom::HTMLTextAreaElement::ContentChanged(nsIContent*)|hg:hg.mozilla.org/mozilla-central:dom/html/HTMLTextAreaElement.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|847|0x8
0|20|libxul.so|nsNodeUtils::ContentAppended(nsIContent*, nsIContent*)|hg:hg.mozilla.org/mozilla-central:dom/base/nsNodeUtils.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|178|0x24
0|21|libxul.so|nsINode::InsertChildBefore(nsIContent*, nsIContent*, bool)|hg:hg.mozilla.org/mozilla-central:dom/base/nsINode.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1306|0x8
0|22|libxul.so|mozilla::dom::Text::SplitText(unsigned int, mozilla::ErrorResult&)|hg:hg.mozilla.org/mozilla-central:dom/base/Text.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|56|0x24
0|23|libxul.so|mozilla::dom::Text_Binding::splitText|s3:gecko-generated-sources:7b96b8386d65b44874a5198f9e6cfa86d1bfb3211a9bbc3d298d847f4d4f3f0f2b7c26012958f0d699ff8ebe4f4c756166f641701d6dde8471839750d68fd85d/dom/bindings/TextBinding.cpp:|54|0x12
0|24|libxul.so|bool mozilla::dom::binding_detail::GenericMethod<mozilla::dom::binding_detail::NormalThisPolicy, mozilla::dom::binding_detail::ThrowExceptions>(JSContext*, unsigned int, JS::Value*)|hg:hg.mozilla.org/mozilla-central:dom/bindings/BindingUtils.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|3181|0x24
0|25|libxul.so|CallJSNative(JSContext*, bool (*)(JSContext*, unsigned int, JS::Value*), JS::CallArgs const&)|hg:hg.mozilla.org/mozilla-central:js/src/vm/Interpreter.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|448|0x16
0|26|libxul.so|js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct)|hg:hg.mozilla.org/mozilla-central:js/src/vm/Interpreter.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|540|0x12
0|27|libxul.so|InternalCall|hg:hg.mozilla.org/mozilla-central:js/src/vm/Interpreter.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|595|0xd
0|28|libxul.so|Interpret|hg:hg.mozilla.org/mozilla-central:js/src/vm/Interpreter.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|599|0xf
0|29|libxul.so|js::RunScript(JSContext*, js::RunState&)|hg:hg.mozilla.org/mozilla-central:js/src/vm/Interpreter.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|425|0xb
0|30|libxul.so|js::InternalCallOrConstruct(JSContext*, JS::CallArgs const&, js::MaybeConstruct)|hg:hg.mozilla.org/mozilla-central:js/src/vm/Interpreter.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|568|0xf
0|31|libxul.so|InternalCall|hg:hg.mozilla.org/mozilla-central:js/src/vm/Interpreter.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|595|0xd
0|32|libxul.so|js::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, js::AnyInvokeArgs const&, JS::MutableHandle<JS::Value>)|hg:hg.mozilla.org/mozilla-central:js/src/vm/Interpreter.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|611|0x5
0|33|libxul.so|JS::Call(JSContext*, JS::Handle<JS::Value>, JS::Handle<JS::Value>, JS::HandleValueArray const&, JS::MutableHandle<JS::Value>)|hg:hg.mozilla.org/mozilla-central:js/src/jsapi.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|2660|0x1c
0|34|libxul.so|mozilla::dom::EventListener::HandleEvent(JSContext*, JS::Handle<JS::Value>, mozilla::dom::Event&, mozilla::ErrorResult&)|s3:gecko-generated-sources:9ca8646d8042e9b4b76d2e1b358b984be17743b71b832c0897d61bb500e0fecbe38fa54273dc522878c87fcb2c9bfd274a8190c7bc56fbbb58cb3ca68462e527/dom/bindings/EventListenerBinding.cpp:|52|0x5
0|35|libxul.so|mozilla::EventListenerManager::HandleEventSubType(mozilla::EventListenerManager::Listener*, mozilla::dom::Event*, mozilla::dom::EventTarget*)|s3:gecko-generated-sources:f3d9c01258576daaac3afc4fb3b283652e7f1168abb5287eff6775451ebd0ab6a0e4c8d88d3a67f7147042501bc091c6dfed25b4b8ccf4e4f420897b8d0ba906/dist/include/mozilla/dom/EventListenerBinding.h:|66|0x1c
0|36|libxul.so|mozilla::EventListenerManager::HandleEventInternal(nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event**, mozilla::dom::EventTarget*, nsEventStatus*, bool)|hg:hg.mozilla.org/mozilla-central:dom/events/EventListenerManager.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1223|0x19
0|37|libxul.so|mozilla::EventTargetChainItem::HandleEvent(mozilla::EventChainPostVisitor&, mozilla::ELMCreationDetector&)|hg:hg.mozilla.org/mozilla-central:dom/events/EventDispatcher.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|351|0x6
0|38|libxul.so|mozilla::EventTargetChainItem::HandleEventTargetChain(nsTArray<mozilla::EventTargetChainItem>&, mozilla::EventChainPostVisitor&, mozilla::EventDispatchingCallback*, mozilla::ELMCreationDetector&)|hg:hg.mozilla.org/mozilla-central:dom/events/EventDispatcher.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|551|0x12
0|39|libxul.so|mozilla::EventDispatcher::Dispatch(nsISupports*, nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsEventStatus*, mozilla::EventDispatchingCallback*, nsTArray<mozilla::dom::EventTarget*>*)|hg:hg.mozilla.org/mozilla-central:dom/events/EventDispatcher.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1048|0x1a
0|40|libxul.so|nsGlobalWindowInner::FireFrameLoadEvent(bool)|hg:hg.mozilla.org/mozilla-central:dom/base/nsGlobalWindowInner.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1956|0x23
0|41|libxul.so|nsGlobalWindowInner::PostHandleEvent(mozilla::EventChainPostVisitor&)|hg:hg.mozilla.org/mozilla-central:dom/base/nsGlobalWindowInner.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|2041|0x8
0|42|libxul.so|mozilla::EventTargetChainItem::HandleEventTargetChain(nsTArray<mozilla::EventTargetChainItem>&, mozilla::EventChainPostVisitor&, mozilla::EventDispatchingCallback*, mozilla::ELMCreationDetector&)|hg:hg.mozilla.org/mozilla-central:dom/events/EventDispatcher.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|554|0xb
0|43|libxul.so|mozilla::EventTargetChainItem::HandleEventTargetChain(nsTArray<mozilla::EventTargetChainItem>&, mozilla::EventChainPostVisitor&, mozilla::EventDispatchingCallback*, mozilla::ELMCreationDetector&)|hg:hg.mozilla.org/mozilla-central:dom/events/EventDispatcher.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|631|0x5
0|44|libxul.so|mozilla::EventDispatcher::Dispatch(nsISupports*, nsPresContext*, mozilla::WidgetEvent*, mozilla::dom::Event*, nsEventStatus*, mozilla::EventDispatchingCallback*, nsTArray<mozilla::dom::EventTarget*>*)|hg:hg.mozilla.org/mozilla-central:dom/events/EventDispatcher.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1048|0x1a
0|45|libxul.so|nsDocumentViewer::LoadComplete(nsresult)|hg:hg.mozilla.org/mozilla-central:layout/base/nsDocumentViewer.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1147|0x29
0|46|libxul.so|nsDocShell::EndPageLoad(nsIWebProgress*, nsIChannel*, nsresult)|hg:hg.mozilla.org/mozilla-central:docshell/base/nsDocShell.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|6693|0x14
0|47|libxul.so|nsDocShell::OnStateChange(nsIWebProgress*, nsIRequest*, unsigned int, nsresult)|hg:hg.mozilla.org/mozilla-central:docshell/base/nsDocShell.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|6493|0x18
0|48|libxul.so|nsDocLoader::DoFireOnStateChange(nsIWebProgress*, nsIRequest*, int&, nsresult)|hg:hg.mozilla.org/mozilla-central:uriloader/base/nsDocLoader.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1333|0x64
0|49|libxul.so|nsDocLoader::doStopDocumentLoad(nsIRequest*, nsresult)|hg:hg.mozilla.org/mozilla-central:uriloader/base/nsDocLoader.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|892|0x2a
0|50|libxul.so|nsDocLoader::DocLoaderIsEmpty(bool)|hg:hg.mozilla.org/mozilla-central:uriloader/base/nsDocLoader.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|726|0x15
0|51|libxul.so|nsDocLoader::OnStopRequest(nsIRequest*, nsresult)|hg:hg.mozilla.org/mozilla-central:uriloader/base/nsDocLoader.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|614|0x16
0|52|libxul.so|mozilla::net::nsLoadGroup::RemoveRequest(nsIRequest*, nsISupports*, nsresult)|hg:hg.mozilla.org/mozilla-central:netwerk/base/nsLoadGroup.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|568|0x17
0|53|libxul.so|mozilla::dom::Document::DoUnblockOnload()|hg:hg.mozilla.org/mozilla-central:dom/base/Document.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|10745|0x20
0|54|libxul.so|mozilla::dom::Document::UnblockOnload(bool)|hg:hg.mozilla.org/mozilla-central:dom/base/Document.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|10677|0x5
0|55|libxul.so|mozilla::dom::Document::DispatchContentLoadedEvents()|hg:hg.mozilla.org/mozilla-central:dom/base/Document.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|7151|0xd
0|56|libxul.so|mozilla::detail::RunnableMethodImpl<mozilla::dom::Document*, void (mozilla::dom::Document::*)(), true, (mozilla::RunnableKind)0>::Run()|hg:hg.mozilla.org/mozilla-central:xpcom/threads/nsThreadUtils.h:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1176|0x13
0|57|libxul.so|mozilla::SchedulerGroup::Runnable::Run()|hg:hg.mozilla.org/mozilla-central:xpcom/threads/SchedulerGroup.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|295|0x15
0|58|libxul.so|nsThread::ProcessNextEvent(bool, bool*)|hg:hg.mozilla.org/mozilla-central:xpcom/threads/nsThread.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|1224|0x15
0|59|libxul.so|NS_ProcessNextEvent(nsIThread*, bool)|hg:hg.mozilla.org/mozilla-central:xpcom/threads/nsThreadUtils.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|486|0x11
0|60|libxul.so|mozilla::ipc::MessagePump::Run(base::MessagePump::Delegate*)|hg:hg.mozilla.org/mozilla-central:ipc/glue/MessagePump.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|88|0xa
0|61|libxul.so|MessageLoop::RunInternal()|hg:hg.mozilla.org/mozilla-central:ipc/chromium/src/base/message_loop.cc:50df4b75c9b6c7fec8c8c4685fd188634d193e75|315|0x17
0|62|libxul.so|MessageLoop::Run()|hg:hg.mozilla.org/mozilla-central:ipc/chromium/src/base/message_loop.cc:50df4b75c9b6c7fec8c8c4685fd188634d193e75|290|0x8
0|63|libxul.so|nsBaseAppShell::Run()|hg:hg.mozilla.org/mozilla-central:widget/nsBaseAppShell.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|137|0xd
0|64|libxul.so|XRE_RunAppShell()|hg:hg.mozilla.org/mozilla-central:toolkit/xre/nsEmbedFunctions.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|919|0x11
0|65|libxul.so|mozilla::ipc::MessagePumpForChildProcess::Run(base::MessagePump::Delegate*)|hg:hg.mozilla.org/mozilla-central:ipc/glue/MessagePump.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|238|0x5
0|66|libxul.so|MessageLoop::RunInternal()|hg:hg.mozilla.org/mozilla-central:ipc/chromium/src/base/message_loop.cc:50df4b75c9b6c7fec8c8c4685fd188634d193e75|315|0x17
0|67|libxul.so|MessageLoop::Run()|hg:hg.mozilla.org/mozilla-central:ipc/chromium/src/base/message_loop.cc:50df4b75c9b6c7fec8c8c4685fd188634d193e75|290|0x8
0|68|libxul.so|XRE_InitChildProcess(int, char**, XREChildData const*)|hg:hg.mozilla.org/mozilla-central:toolkit/xre/nsEmbedFunctions.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|754|0xc
0|69|firefox-bin|content_process_main(mozilla::Bootstrap*, int, char**)|hg:hg.mozilla.org/mozilla-central:ipc/contentproc/plugin-container.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|56|0x14
0|70|firefox-bin|main|hg:hg.mozilla.org/mozilla-central:browser/app/nsBrowserApp.cpp:50df4b75c9b6c7fec8c8c4685fd188634d193e75|267|0x12
0|71|libc-2.27.so||||0x21b97
0|72|firefox-bin|MOZ_ReportCrash|hg:hg.mozilla.org/mozilla-central:mfbt/Assertions.h:50df4b75c9b6c7fec8c8c4685fd188634d193e75|184|0x5

Flags: in-testsuite?

Olli Pettay [:smaug][bugs@pettay.fi]

Updated

•

6 years ago

Component: DOM: Core & HTML → Editor

Olli Pettay [:smaug][bugs@pettay.fi]

Comment 1

•

6 years ago

Makoto, TransactionManager is doing something unexpected I think.

Flags: needinfo?(m_kato)

Olli Pettay [:smaug][bugs@pettay.fi]

Updated

•

6 years ago

Priority: -- → P3

Makoto Kato [:m_kato]

Comment 2

•

6 years ago

(In reply to Olli Pettay [:smaug] from comment #1)

Makoto, TransactionManager is doing something unexpected I think.

Yes, I guess that we might have to optimize SetText translation for this. I seem that Resetting value causes this issue.

Also, this is assertion only, so P3.

Flags: needinfo?(m_kato)

Bugmon [:jkratzer for issues]

Comment 3

•

4 years ago

Bugmon Analysis:
Verified bug as reproducible on mozilla-central 20210224215151-69be3221f49a.

Whiteboard: [bugmon:confirmed]

Kagami Rosylight [:saschanaz] (they/them)

Updated

•

4 years ago

Blocks: 1697620

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Assertion failure: mNextEndRef == aFirstNewContent, at /builds/worker/workspace/build/src/dom/base/nsRange.cpp:603

Categories

(Core :: DOM: Editor, defect, P3)

Tracking

()

People

(Reporter: jkratzer, Unassigned)

References

(Blocks 2 open bugs)

Details

(Keywords: assertion, testcase, Whiteboard: [bugmon:confirmed])

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Updated

Comment 1

Updated

Comment 2

Comment 3

Updated

Updated

Updated

Attachment

General

Description

File Name

Content Type