Bug 85793 - Caret is not rendered in empty inline contenteditable elements
Summary: Caret is not rendered in empty inline contenteditable elements
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: HTML Editing (show other bugs)
Version: 528+ (Nightly build)
Hardware: All All
: P2 Normal
Assignee: Shezan Baig
URL:
Keywords:
Depends on: 88493
Blocks:
  Show dependency treegraph
 
Reported: 2012-05-07 05:19 PDT by micke
Modified: 2012-06-08 18:57 PDT (History)
9 users (show)

See Also:

Attachments
test to demonstrate the problem (533 bytes, text/html)
2012-05-07 05:19 PDT, micke 		no flags Details
Patch (13.56 KB, patch)
2012-05-21 14:27 PDT, Shezan Baig 		no flags Details | Formatted Diff | Diff
Archive of layout-test-results from ec2-cr-linux-03 (800.76 KB, application/zip)
2012-05-21 18:37 PDT, WebKit Review Bot 		no flags Details
Patch (with svg rebaseline) (118.45 KB, patch)
2012-06-06 11:28 PDT, Shezan Baig 		no flags Details | Formatted Diff | Diff
Patch (with changes from comment 7 and comment 8) (15.79 KB, patch)
2012-06-06 13:59 PDT, Shezan Baig 		no flags Details | Formatted Diff | Diff
Patch (with UNUSED_PARAM for inlineBox) (15.85 KB, patch)
2012-06-06 14:18 PDT, Shezan Baig 		no flags Details | Formatted Diff | Diff
Patch (using ASSERT_UNUSED) (15.81 KB, patch)
2012-06-06 14:44 PDT, Shezan Baig 		no flags Details | Formatted Diff | Diff
Patch (without firstChild assertion) (16.07 KB, patch)
2012-06-07 14:00 PDT, Shezan Baig 		no flags Details | Formatted Diff | Diff
Patch (with change from comment 21) (16.10 KB, patch)
2012-06-08 12:23 PDT, Shezan Baig 		no flags Details | Formatted Diff | Diff
Show Obsolete (7) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description micke 2012-05-07 05:19:13 PDT 
Created attachment 140512 [details]
test to demonstrate the problem

A contenteditable field with style display:inline does not render a caret when it is empty. As soon as you start typing, the caret will be displayed, but if all characters are deleted, it will disappear again. 
If the field has display:block or display:inline-block, the caret is rendered correctly.

See attached file for demo.

Tested in Chromium in Debian Wheezy: 18.0.1025.151 (Developer Build 85dfed9 Linux) Debian wheezy/sid
Comment 1 Alexey Proskuryakov 2012-05-07 10:23:13 PDT 
See also: bug 20129.
Comment 2 Shezan Baig 2012-05-07 13:45:43 PDT 
When the element is not empty, RenderText::localCaretRect is used to compute the caret location.

When the element is empty, RenderObject::localCaretRect is used, which returns an empty rect.  The renderer used in this case is a RenderInline, which doesn't override 'localCaretRect' from RenderObject.

It looks like we need to add an implementation of RenderInline::localCaretRect.  I'm guessing it will be very similar to RenderText::localCaretRect.  I'll start experimenting with this.
Comment 3 Shezan Baig 2012-05-21 14:27:29 PDT 
Created attachment 143096 [details]
Patch
Comment 4 WebKit Review Bot 2012-05-21 18:37:38 PDT 
Comment on attachment 143096 [details]
Patch

Attachment 143096 [details] did not pass chromium-ews (chromium-xvfb):
Output: http://queues.webkit.org/results/12730835

New failing tests:
svg/wicd/test-rightsizing-b.xhtml
editing/style/text-indent.html
svg/zoom/page/zoom-background-image-tiled.html
svg/animations/svgnumberoptionalnumber-animation-1.html
Comment 5 WebKit Review Bot 2012-05-21 18:37:43 PDT 
Created attachment 143163 [details]
Archive of layout-test-results from ec2-cr-linux-03

The attached test failures were seen while running run-webkit-tests on the chromium-ews.
Bot: ec2-cr-linux-03  Port: <class 'webkitpy.common.config.ports.ChromiumXVFBPort'>  Platform: Linux-2.6.35-28-virtual-x86_64-with-Ubuntu-10.10-maverick
Comment 6 Shezan Baig 2012-06-06 11:28:56 PDT 
Created attachment 146073 [details]
Patch (with svg rebaseline)

I'm not entirely sure why this change would have any effect on the svg tests.  I don't notice any differences in the rebaselined images, but I'm attaching the rebaseline anyway.
Comment 7 Ryosuke Niwa 2012-06-06 12:06:18 PDT 
Comment on attachment 146073 [details]
Patch (with svg rebaseline)

View in context: https://bugs.webkit.org/attachment.cgi?id=146073&action=review

Why are you rebaselining the SVG test!?

> Source/WebCore/rendering/RenderBoxModelObject.cpp:3036
> +    x = min(x, max(width - borderRight() - paddingRight() - caretWidth, ZERO_LAYOUT_UNIT));

Should we extract width - (borderRight() + paddingRight()) - caretWidth as a local variable somewhere?
Note that it's used in alignRight.

> Source/WebCore/rendering/RenderInline.cpp:239
> +    // This will only be called if the RenderInline is empty.
> +    // Otherwise, RenderText::localCaretRect will be called.

Should we also assert the incoming InlineBox* is empty?

> LayoutTests/editing/selection/caret-in-empty-inline-expected.txt:5
> + PASS caretRect.left is 8

Why do we have a space here?
Comment 8 Robert Hogan 2012-06-06 12:57:46 PDT 
Comment on attachment 146073 [details]
Patch (with svg rebaseline)

View in context: https://bugs.webkit.org/attachment.cgi?id=146073&action=review

> Source/WebCore/rendering/RenderInline.cpp:248
> +    if (InlineBox* firstBox = firstLineBox())
> +        caretRect.moveBy(roundedLayoutPoint(firstBox->topLeft()));

I'm pretty sure <span id="testInline" CONTENTEDITABLE></span> doesn't create a line box, so can you comment why this code is necessary? Or maybe a test to cover it?

>> LayoutTests/editing/selection/caret-in-empty-inline-expected.txt:5
>> + PASS caretRect.left is 8
> 
> Why do we have a space here?

I'm guessing that's the <span>. A <br> before the console element should get rid of it I guess.
Comment 9 Shezan Baig 2012-06-06 13:59:21 PDT 
Created attachment 146103 [details]
Patch (with changes from comment 7 and comment 8)
Comment 10 Shezan Baig 2012-06-06 14:08:04 PDT 
Comment on attachment 146103 [details]
Patch (with changes from comment 7 and comment 8)

obsoleting because of unused param
Comment 11 Shezan Baig 2012-06-06 14:18:04 PDT 
Created attachment 146109 [details]
Patch (with UNUSED_PARAM for inlineBox)
Comment 12 Ryosuke Niwa 2012-06-06 14:25:06 PDT 
Comment on attachment 146109 [details]
Patch (with UNUSED_PARAM for inlineBox)

View in context: https://bugs.webkit.org/attachment.cgi?id=146109&action=review

> Source/WebCore/rendering/RenderInline.cpp:245
> +#if ASSERT_DISABLED
> +    UNUSED_PARAM(inlineBox);
> +#else
> +    ASSERT(!inlineBox);
> +#endif

Use ASSERT_UNUSED instead.
Comment 13 Shezan Baig 2012-06-06 14:27:08 PDT 
Comment on attachment 146109 [details]
Patch (with UNUSED_PARAM for inlineBox)

to use ASSERT_UNUSED
Comment 14 Shezan Baig 2012-06-06 14:44:44 PDT 
Created attachment 146114 [details]
Patch (using ASSERT_UNUSED)
Comment 15 WebKit Review Bot 2012-06-06 20:11:29 PDT 
Comment on attachment 146114 [details]
Patch (using ASSERT_UNUSED)

Clearing flags on attachment: 146114

Committed r119668: <http://trac.webkit.org/changeset/119668>
Comment 16 WebKit Review Bot 2012-06-06 20:11:35 PDT 
All reviewed patches have been landed.  Closing bug.
Comment 17 WebKit Review Bot 2012-06-06 21:14:35 PDT 
Re-opened since this is blocked by 88493
Comment 18 Ryosuke Niwa 2012-06-06 21:20:47 PDT 
Comment on attachment 146114 [details]
Patch (using ASSERT_UNUSED)

View in context: https://bugs.webkit.org/attachment.cgi?id=146114&action=review

> Source/WebCore/rendering/RenderInline.cpp:240
> +    ASSERT(!firstChild());

We're hitting this assertion in the following tests:
editing/deleting/delete-block-merge-contents-025.html
editing/selection/mixed-editability-10.html
editing/selection/selection-applet.html
Comment 19 Ryosuke Niwa 2012-06-06 21:27:16 PDT 
See http://build.webkit.org/results/Lion%20Debug%20(Tests)/r119668%20(7409)/results.html for stack traces:

editing/selection/selection-applet.html
0   com.apple.WebCore             	0x000000010af72985 WebCore::RenderInline::localCaretRect(WebCore::InlineBox*, int, WebCore::FractionalLayoutUnit*) + 117 (RenderInline.cpp:240)
1   com.apple.WebCore             	0x000000010b4bc276 WebCore::VisiblePosition::localCaretRect(WebCore::RenderObject*&) const + 262 (VisiblePosition.cpp:618)
2   com.apple.WebCore             	0x000000010a42b1e9 WebCore::CaretBase::updateCaretRect(WebCore::Document*, WebCore::VisiblePosition const&) + 297 (FrameSelection.cpp:1183)
3   com.apple.WebCore             	0x000000010a431c28 WebCore::FrameSelection::localCaretRect() + 376 (FrameSelection.cpp:1241)
4   com.apple.WebCore             	0x000000010a431ea2 WebCore::FrameSelection::recomputeCaretRect() + 178 (FrameSelection.cpp:1294)
5   com.apple.WebCore             	0x000000010a42be3f WebCore::FrameSelection::updateAppearance() + 31 (FrameSelection.cpp:1691)
6   com.apple.WebCore             	0x000000010a42a860 WebCore::FrameSelection::setSelection(WebCore::VisibleSelection const&, unsigned int, WebCore::FrameSelection::CursorAlignOnScroll, WebCore::TextGranularity) + 784 (FrameSelection.cpp:290)
7   com.apple.WebCore             	0x000000010a42a519 WebCore::FrameSelection::moveTo(WebCore::VisiblePosition const&, WebCore::EUserTriggered, WebCore::FrameSelection::CursorAlignOnScroll) + 265 (FrameSelection.cpp:130)
8   com.apple.WebCore             	0x000000010a219ca0 WebCore::DOMSelection::setPosition(WebCore::Node*, int, int&) + 192 (DOMSelection.cpp:283)
9   com.apple.WebCore             	0x000000010a885f3c WebCore::jsDOMSelectionPrototypeFunctionSetPosition(JSC::ExecState*) + 620 (JSDOMSelection.cpp:537)
10  ???                           	0x00005f1303a01265 0 + 104535269839461
11  com.apple.JavaScriptCore      	0x0000000108c20d94 JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*) + 84 (JITCode.h:127)
12  com.apple.JavaScriptCore      	0x0000000108c1caaf JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::ScopeChainNode*, JSC::JSObject*) + 4863 (Interpreter.cpp:1231)
13  com.apple.JavaScriptCore      	0x0000000108b0df3c JSC::evaluate(JSC::ExecState*, JSC::ScopeChainNode*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) + 492 (Completion.cpp:75)
14  com.apple.WebCore             	0x000000010a9eec4d WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::ScopeChainNode*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) + 77 (JSMainThreadExecState.h:76)
15  com.apple.WebCore             	0x000000010b163863 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) + 371 (ScriptController.cpp:145)
16  com.apple.WebCore             	0x000000010b163994 WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) + 68 (ScriptController.cpp:162)
17  com.apple.WebCore             	0x000000010b17933f WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) + 495 (ScriptElement.cpp:295)
18  com.apple.WebCore             	0x000000010b17836d WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) + 1693 (ScriptElement.cpp:240)
19  com.apple.WebCore             	0x000000010a5af643 WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition const&) + 419 (HTMLScriptRunner.cpp:298)
20  com.apple.WebCore             	0x000000010a5af3fc WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition const&) + 156 (HTMLScriptRunner.cpp:172)
21  com.apple.WebCore             	0x000000010a524445 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() + 277 (HTMLDocumentParser.cpp:207)
22  com.apple.WebCore             	0x000000010a52452b WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) + 171 (HTMLDocumentParser.cpp:225)
23  com.apple.WebCore             	0x000000010a523df4 WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) + 420 (HTMLDocumentParser.cpp:263)
24  com.apple.WebCore             	0x000000010a523a55 WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode) + 197 (HTMLDocumentParser.cpp:178)
25  com.apple.WebCore             	0x000000010a5249bf WebCore::HTMLDocumentParser::append(WebCore::SegmentedString const&) + 335 (HTMLDocumentParser.cpp:372)
26  com.apple.WebCore             	0x000000010a0ee864 WebCore::DecodedDataDocumentParser::flush(WebCore::DocumentWriter*) + 164 (DecodedDataDocumentParser.cpp:60)
27  com.apple.WebCore             	0x000000010a192273 WebCore::DocumentWriter::end() + 291 (DocumentWriter.cpp:239)
28  com.apple.WebCore             	0x000000010a17289f WebCore::DocumentLoader::finishedLoading() + 207 (DocumentLoader.cpp:300)
29  com.apple.WebCore             	0x000000010ad1be76 WebCore::MainResourceLoader::didFinishLoading(double) + 278 (MainResourceLoader.cpp:545)
30  com.apple.WebCore             	0x000000010b123005 WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle*, double) + 53 (ResourceLoader.cpp:436)
31  com.apple.WebCore             	0x000000010b11fc1b -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] + 187 (ResourceHandleMac.mm:861)

editing/selection/mixed-editability-10.html
0   com.apple.WebCore             	0x000000010b3e7985 WebCore::RenderInline::localCaretRect(WebCore::InlineBox*, int, WebCore::FractionalLayoutUnit*) + 117 (RenderInline.cpp:240)
1   com.apple.WebCore             	0x000000010b931276 WebCore::VisiblePosition::localCaretRect(WebCore::RenderObject*&) const + 262 (VisiblePosition.cpp:618)
2   com.apple.WebCore             	0x000000010a8a01e9 WebCore::CaretBase::updateCaretRect(WebCore::Document*, WebCore::VisiblePosition const&) + 297 (FrameSelection.cpp:1183)
3   com.apple.WebCore             	0x000000010a8a6c28 WebCore::FrameSelection::localCaretRect() + 376 (FrameSelection.cpp:1241)
4   com.apple.WebCore             	0x000000010a8a6ea2 WebCore::FrameSelection::recomputeCaretRect() + 178 (FrameSelection.cpp:1294)
5   com.apple.WebCore             	0x000000010a8a0e3f WebCore::FrameSelection::updateAppearance() + 31 (FrameSelection.cpp:1691)
6   com.apple.WebCore             	0x000000010a8b35f5 WebCore::FrameView::performPostLayoutTasks() + 117 (FrameView.cpp:2353)
7   com.apple.WebCore             	0x000000010a8b303c WebCore::FrameView::layout(bool) + 4012 (FrameView.cpp:1157)
8   com.apple.WebCore             	0x000000010a59dc1e WebCore::Document::updateLayout() + 270 (Document.cpp:1863)
9   com.apple.WebCore             	0x000000010a59dcf5 WebCore::Document::updateLayoutIgnorePendingStylesheets() + 197 (Document.cpp:1896)
10  com.apple.WebCore             	0x000000010b92eaf3 WebCore::VisiblePosition::canonicalPosition(WebCore::Position const&) + 195 (VisiblePosition.cpp:519)
11  com.apple.WebCore             	0x000000010b92e971 WebCore::VisiblePosition::init(WebCore::Position const&, WebCore::EAffinity) + 49 (VisiblePosition.cpp:58)
12  com.apple.WebCore             	0x000000010b92e933 WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::EAffinity) + 51 (VisiblePosition.cpp:52)
13  com.apple.WebCore             	0x000000010b92e8f3 WebCore::VisiblePosition::VisiblePosition(WebCore::Position const&, WebCore::EAffinity) + 35 (VisiblePosition.cpp:52)
14  com.apple.WebCore             	0x000000010a8a6c11 WebCore::FrameSelection::localCaretRect() + 353 (FrameSelection.cpp:1241)
15  com.apple.WebCore             	0x000000010a8a6ea2 WebCore::FrameSelection::recomputeCaretRect() + 178 (FrameSelection.cpp:1294)
16  com.apple.WebCore             	0x000000010a8a0e3f WebCore::FrameSelection::updateAppearance() + 31 (FrameSelection.cpp:1691)
17  com.apple.WebCore             	0x000000010a89f860 WebCore::FrameSelection::setSelection(WebCore::VisibleSelection const&, unsigned int, WebCore::FrameSelection::CursorAlignOnScroll, WebCore::TextGranularity) + 784 (FrameSelection.cpp:290)
18  com.apple.WebCore             	0x000000010a8a9a70 WebCore::FrameSelection::setSelection(WebCore::VisibleSelection const&, WebCore::TextGranularity) + 48 (FrameSelection.h:143)
19  com.apple.WebCore             	0x000000010a8a0661 WebCore::FrameSelection::setNonDirectionalSelectionIfNeeded(WebCore::VisibleSelection const&, WebCore::TextGranularity, WebCore::FrameSelection::EndPointsAdjustmentMode) + 801 (FrameSelection.cpp:241)
20  com.apple.WebCore             	0x000000010a7d4d20 WebCore::EventHandler::updateSelectionForMouseDownDispatchingSelectStart(WebCore::Node*, WebCore::VisibleSelection const&, WebCore::TextGranularity) + 176 (EventHandler.cpp:414)
21  com.apple.WebCore             	0x000000010a7d591b WebCore::EventHandler::handleMousePressEventSingleClick(WebCore::MouseEventWithHitTestResults const&) + 1243 (EventHandler.cpp:547)
22  com.apple.WebCore             	0x000000010a7d5d3b WebCore::EventHandler::handleMousePressEvent(WebCore::MouseEventWithHitTestResults const&) + 827 (EventHandler.cpp:627)
23  com.apple.WebCore             	0x000000010a7da6b5 WebCore::EventHandler::handleMousePressEvent(WebCore::PlatformMouseEvent const&) + 2325 (EventHandler.cpp:1620)
24  com.apple.WebCore             	0x000000010a7e9c72 WebCore::EventHandler::mouseDown(NSEvent*) + 146 (EventHandlerMac.mm:473)
25  com.apple.WebKit              	0x0000000109c80f37 -[WebHTMLView mouseDown:] + 727 (WebHTMLView.mm:3589)

editing/deleting/delete-block-merge-contents-025.html
0   com.apple.WebCore             	0x0000000109b44985 WebCore::RenderInline::localCaretRect(WebCore::InlineBox*, int, WebCore::FractionalLayoutUnit*) + 117 (RenderInline.cpp:240)
1   com.apple.WebCore             	0x000000010a08e276 WebCore::VisiblePosition::localCaretRect(WebCore::RenderObject*&) const + 262 (VisiblePosition.cpp:618)
2   com.apple.WebCore             	0x000000010a08e2a3 WebCore::VisiblePosition::absoluteCaretBounds() const + 35 (VisiblePosition.cpp:623)
3   com.apple.WebCore             	0x0000000108cd4dd3 WebCore::DeleteSelectionCommand::mergeParagraphs() + 1555 (DeleteSelectionCommand.cpp:606)
4   com.apple.WebCore             	0x0000000108cd6361 WebCore::DeleteSelectionCommand::doApply() + 1217 (DeleteSelectionCommand.cpp:814)
5   com.apple.WebCore             	0x0000000108b3733f WebCore::CompositeEditCommand::applyCommandToComposite(WTF::PassRefPtr<WebCore::EditCommand>) + 79 (CompositeEditCommand.cpp:257)
6   com.apple.WebCore             	0x0000000108b39513 WebCore::CompositeEditCommand::deleteSelection(WebCore::VisibleSelection const&, bool, bool, bool, bool, bool) + 227 (CompositeEditCommand.cpp:565)
7   com.apple.WebCore             	0x000000010a07a61f WebCore::TypingCommand::deleteKeyPressed(WebCore::TextGranularity, bool) + 2991 (TypingCommand.cpp:522)
8   com.apple.WebCore             	0x000000010a07c19a WebCore::TypingCommand::doApply() + 218 (TypingCommand.cpp:268)
9   com.apple.WebCore             	0x0000000108b36f1d WebCore::CompositeEditCommand::apply() + 445 (CompositeEditCommand.cpp:205)
10  com.apple.WebCore             	0x000000010a07995a WebCore::TypingCommand::deleteKeyPressed(WebCore::Document*, unsigned int, WebCore::TextGranularity) + 426 (TypingCommand.cpp:125)
11  com.apple.WebCore             	0x0000000108efd7f7 _ZN7WebCoreL13executeDeleteEPNS_5FrameEPNS_5EventENS_19EditorCommandSourceERKN3WTF6StringE + 183 (EditorCommand.cpp:334)
12  com.apple.WebCore             	0x0000000108efc8b0 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const + 208 (EditorCommand.cpp:1690)
13  com.apple.WebCore             	0x0000000108d0497e WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&) + 78 (Document.cpp:4484)
14  com.apple.WebCore             	0x00000001094223dd WebCore::jsDocumentPrototypeFunctionExecCommand(JSC::ExecState*) + 1069 (JSDocument.cpp:2504)
15  ???                           	0x00003d6a62001265 0 + 67527119999589
16  com.apple.JavaScriptCore      	0x00000001077f1d94 JSC::JITCode::execute(JSC::RegisterFile*, JSC::ExecState*, JSC::JSGlobalData*) + 84 (JITCode.h:127)
17  com.apple.JavaScriptCore      	0x00000001077edaaf JSC::Interpreter::execute(JSC::ProgramExecutable*, JSC::ExecState*, JSC::ScopeChainNode*, JSC::JSObject*) + 4863 (Interpreter.cpp:1231)
18  com.apple.JavaScriptCore      	0x00000001076def3c JSC::evaluate(JSC::ExecState*, JSC::ScopeChainNode*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) + 492 (Completion.cpp:75)
19  com.apple.WebCore             	0x00000001095c0c4d WebCore::JSMainThreadExecState::evaluate(JSC::ExecState*, JSC::ScopeChainNode*, JSC::SourceCode const&, JSC::JSValue, JSC::JSValue*) + 77 (JSMainThreadExecState.h:76)
20  com.apple.WebCore             	0x0000000109d35863 WebCore::ScriptController::evaluateInWorld(WebCore::ScriptSourceCode const&, WebCore::DOMWrapperWorld*) + 371 (ScriptController.cpp:145)
21  com.apple.WebCore             	0x0000000109d35994 WebCore::ScriptController::evaluate(WebCore::ScriptSourceCode const&) + 68 (ScriptController.cpp:162)
22  com.apple.WebCore             	0x0000000109d4b33f WebCore::ScriptElement::executeScript(WebCore::ScriptSourceCode const&) + 495 (ScriptElement.cpp:295)
23  com.apple.WebCore             	0x0000000109d4a36d WebCore::ScriptElement::prepareScript(WTF::TextPosition const&, WebCore::ScriptElement::LegacyTypeSupport) + 1693 (ScriptElement.cpp:240)
24  com.apple.WebCore             	0x0000000109181643 WebCore::HTMLScriptRunner::runScript(WebCore::Element*, WTF::TextPosition const&) + 419 (HTMLScriptRunner.cpp:298)
25  com.apple.WebCore             	0x00000001091813fc WebCore::HTMLScriptRunner::execute(WTF::PassRefPtr<WebCore::Element>, WTF::TextPosition const&) + 156 (HTMLScriptRunner.cpp:172)
26  com.apple.WebCore             	0x00000001090f6445 WebCore::HTMLDocumentParser::runScriptsForPausedTreeBuilder() + 277 (HTMLDocumentParser.cpp:207)
27  com.apple.WebCore             	0x00000001090f652b WebCore::HTMLDocumentParser::canTakeNextToken(WebCore::HTMLDocumentParser::SynchronousMode, WebCore::PumpSession&) + 171 (HTMLDocumentParser.cpp:225)
28  com.apple.WebCore             	0x00000001090f5df4 WebCore::HTMLDocumentParser::pumpTokenizer(WebCore::HTMLDocumentParser::SynchronousMode) + 420 (HTMLDocumentParser.cpp:263)
29  com.apple.WebCore             	0x00000001090f5a55 WebCore::HTMLDocumentParser::pumpTokenizerIfPossible(WebCore::HTMLDocumentParser::SynchronousMode) + 197 (HTMLDocumentParser.cpp:178)
30  com.apple.WebCore             	0x00000001090f69bf WebCore::HTMLDocumentParser::append(WebCore::SegmentedString const&) + 335 (HTMLDocumentParser.cpp:372)
31  com.apple.WebCore             	0x0000000108cc0864 WebCore::DecodedDataDocumentParser::flush(WebCore::DocumentWriter*) + 164 (DecodedDataDocumentParser.cpp:60)
32  com.apple.WebCore             	0x0000000108d64273 WebCore::DocumentWriter::end() + 291 (DocumentWriter.cpp:239)
33  com.apple.WebCore             	0x0000000108d4489f WebCore::DocumentLoader::finishedLoading() + 207 (DocumentLoader.cpp:300)
34  com.apple.WebCore             	0x00000001098ede76 WebCore::MainResourceLoader::didFinishLoading(double) + 278 (MainResourceLoader.cpp:545)
35  com.apple.WebCore             	0x0000000109cf5005 WebCore::ResourceLoader::didFinishLoading(WebCore::ResourceHandle*, double) + 53 (ResourceLoader.cpp:436)
36  com.apple.WebCore             	0x0000000109cf1c1b -[WebCoreResourceHandleAsDelegate connectionDidFinishLoading:] + 187 (ResourceHandleMac.mm:861)
37  com.apple.Foundation          	0x00007fff8acf5662 ___NSURLConnectionDidFinishLoading_block_invoke_1 + 122
38  com.apple.Foundation          	0x00007fff8acf55e2 _NSURLConnectionDidFinishLoading + 81
39  com.apple.CFNetwork           	0x00007fff8859b4fe URLConnectionClient::_clientDidFinishLoading(URLConnectionClient::ClientConnectionEventQueue*) + 296
40  com.apple.CFNetwork           	0x00007fff8864b91e URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 862
41  com.apple.CFNetwork           	0x00007fff8864bb0a URLConnectionClient::ClientConnectionEventQueue::processAllEventsAndConsumePayload(XConnectionEventInfo<XClientEvent, XClientEventParams>*, long) + 1354
42  com.apple.CFNetwork           	0x00007fff88576389 URLConnectionClient::processEvents() + 185
43  com.apple.CFNetwork           	0x00007fff8857622e MultiplexerSource::perform() + 212
Comment 20 Shezan Baig 2012-06-07 14:00:57 PDT 
Created attachment 146383 [details]
Patch (without firstChild assertion)

The assertion is triggered when a RenderInline contains a RenderText, and is at an editable boundary.  For now, I'm just returning an empty caret rect in this case, which matches the previous behavior, however we should probably have another bug for this case.
Comment 21 Ryosuke Niwa 2012-06-08 11:34:10 PDT 
Comment on attachment 146383 [details]
Patch (without firstChild assertion)

View in context: https://bugs.webkit.org/attachment.cgi?id=146383&action=review

> Source/WebCore/rendering/RenderInline.cpp:244
> +    if (firstChild())
> +        // This condition is possible if the RenderInline is at an editing boundary,
> +        // i.e. the VisiblePosition is:
> +        //   <RenderInline editingBoundary=true>|<RenderText> </RenderText></RenderInline>
> +        // FIXME: need to figure out how to make this return a valid rect, note that
> +        // there are no line boxes created in the above case.
> +        return LayoutRect();

You need curly brackets around this.
Comment 22 Shezan Baig 2012-06-08 12:23:42 PDT 
Created attachment 146627 [details]
Patch (with change from comment 21)
Comment 23 WebKit Review Bot 2012-06-08 18:56:58 PDT 
Comment on attachment 146627 [details]
Patch (with change from comment 21)

Clearing flags on attachment: 146627

Committed r119884: <http://trac.webkit.org/changeset/119884>
Comment 24 WebKit Review Bot 2012-06-08 18:57:04 PDT 
All reviewed patches have been landed.  Closing bug.