DCHECK hit in Chrome for Android debug build when typing on physical keyboard with virtual keyboard active
Issue description

Chrome Version: 63.0.3235.0 (Developer Build) unknown 32-bit
OS: Android N

What steps will reproduce the problem?
(1) Set up an Android test device with a physical keyboard and Gboard as the active keyboard.
(2) Enable showing the virtual keyboard while the physical keyboard is active.
(3) Go to editpad.org. On the physical keyboard, type a letter, then hit "enter" twice.

What is the expected result?
Shouldn't crash.

What happens instead?
Hits DCHECK and crashes the renderer.

pid: 4707, tid: 4722, name: CrRendererMain >>> org.chromium.chrome:sandboxed_process0 <<<
signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
[FATAL:HTMLTextAreaElement.cpp(280)] Check failed: IsHTMLBRElement(node).

Stack Trace:
RELADDR FUNCTION FILE:LINE
000a65d3 ~LogMessage /usr/local/google/code/clankium/src/base/logging.cc:560
0089d1c1 blink::HTMLTextAreaElement::SubtreeHasChanged() /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/html/HTMLTextAreaElement.cpp:280
008f07d9 blink::TextControlInnerEditorElement::DefaultEventHandler(blink::Event*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/html/forms/TextControlInnerElements.cpp:125
00735581 blink::EventDispatcher::DispatchEventPostProcess(blink::Node*, blink::EventDispatchHandlingState*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatcher.cpp:323
-----------------------------------------------------
r0 00000000 r1 00001272 r2 00000006 r3 00000008
r4 e54a3978 r5 00000006 r6 e54a3920 r7 0000010c
r8 e54a0494 r9 0000004a sl e54a003c fp 51dc6268
ip 00000002 sp e549ffb8 lr e7fe4507 pc e7fe6d64

Stack Trace:
RELADDR FUNCTION FILE:LINE
00049d64 tgkill+12 /system/lib/libc.so
00047503 pthread_kill+34 /system/lib/libc.so
0001d855 raise+10 /system/lib/libc.so
000193a1 __libc_android_abort+34 /system/lib/libc.so
00017014 abort+4 /system/lib/libc.so
v------> base::debug::(anonymous namespace)::DebugBreak() /usr/local/google/code/clankium/src/base/debug/debugger_posix.cc:228
00095155 base::debug::BreakDebugger() /usr/local/google/code/clankium/src/base/debug/debugger_posix.cc:258
000a67c1 ~LogMessage /usr/local/google/code/clankium/src/base/logging.cc:791
0089d1bf blink::HTMLTextAreaElement::SubtreeHasChanged() /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/html/HTMLTextAreaElement.cpp:280
008f07d9 blink::TextControlInnerEditorElement::DefaultEventHandler(blink::Event*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/html/forms/TextControlInnerElements.cpp:125
00735581 blink::EventDispatcher::DispatchEventPostProcess(blink::Node*, blink::EventDispatchHandlingState*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatcher.cpp:323
00735129 blink::EventDispatcher::Dispatch() /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatcher.cpp:187
00734a23 blink::EventDispatchMediator::DispatchEvent(blink::EventDispatcher&) const /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatchMediator.cpp:51
00734cdd blink::EventDispatcher::DispatchEvent(blink::Node&, blink::EventDispatchMediator*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatcher.cpp:60
0074e361 blink::DispatchEditableContentChangedEvents(blink::Element*, blink::Element*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/Editor.cpp:906
0074e1d7 blink::Editor::AppliedEditing(blink::CompositeEditCommand*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/Editor.cpp:931
00792a77 blink::TypingCommand::InsertLineBreak(blink::EditingState*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/commands/TypingCommand.cpp:685
00792cc9 blink::TypingCommand::DoApply(blink::EditingState*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/commands/TypingCommand.cpp:526
0077bcdf blink::CompositeEditCommand::Apply() /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/commands/CompositeEditCommand.cpp:151
00792a2d blink::TypingCommand::InsertLineBreak(blink::Document&) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/commands/TypingCommand.cpp:453
0074cff5 blink::Editor::InsertLineBreak() /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/Editor.cpp:1088
0074cd81 blink::Editor::HandleTextEvent(blink::TextEvent*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/Editor.cpp:275
009511cb blink::EventHandler::DefaultTextInputEventHandler(blink::TextEvent*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/input/EventHandler.cpp:2037
00735581 blink::EventDispatcher::DispatchEventPostProcess(blink::Node*, blink::EventDispatchHandlingState*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatcher.cpp:323
00735129 blink::EventDispatcher::Dispatch() /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatcher.cpp:187
00734a23 blink::EventDispatchMediator::DispatchEvent(blink::EventDispatcher&) const /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatchMediator.cpp:51
00734cdd blink::EventDispatcher::DispatchEvent(blink::Node&, blink::EventDispatchMediator*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatcher.cpp:60
00951197 blink::EventHandler::HandleTextInputEvent(WTF::String const&, blink::Event*, blink::TextEventInputType) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/input/EventHandler.cpp:2032
0078455b blink::ExecuteInsertNewline(blink::LocalFrame&, blink::Event*, blink::EditorCommandSource, WTF::String const&) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/commands/EditorCommand.cpp:1025
0078380d blink::Editor::Command::Execute(blink::Event*) const /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/commands/EditorCommand.cpp:3043
007503ed blink::Editor::HandleEditingKeyboardEvent(blink::KeyboardEvent*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/EditorKeyBindings.cpp:58
0075049f blink::Editor::HandleKeyboardEvent(blink::KeyboardEvent*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/editing/EditorKeyBindings.cpp:85
00953827 blink::KeyboardEventManager::DefaultKeyboardEventHandler(blink::KeyboardEvent*, blink::Node*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/input/KeyboardEventManager.cpp:309
00735581 blink::EventDispatcher::DispatchEventPostProcess(blink::Node*, blink::EventDispatchHandlingState*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatcher.cpp:323
00735129 blink::EventDispatcher::Dispatch() /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatcher.cpp:187
00734a23 blink::EventDispatchMediator::DispatchEvent(blink::EventDispatcher&) const /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatchMediator.cpp:51
00734cdd blink::EventDispatcher::DispatchEvent(blink::Node&, blink::EventDispatchMediator*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/dom/events/EventDispatcher.cpp:60
009536c3 blink::KeyboardEventManager::KeyEvent(blink::WebKeyboardEvent const&) /data/app/org.chromium.chrome-1/lib/arm/libblink_core.cr.so
007e0289 blink::WebViewImpl::HandleKeyEvent(blink::WebKeyboardEvent const&) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/exported/WebViewImpl.cpp:990
00ae1439 blink::PageWidgetDelegate::HandleInputEvent(blink::PageWidgetEventHandler&, blink::WebCoalescedInputEvent const&, blink::LocalFrame*) /data/app/org.chromium.chrome-1/lib/arm/libblink_core.cr.so
007dfb89 blink::WebViewImpl::HandleInputEvent(blink::WebCoalescedInputEvent const&) /usr/local/google/code/clankium/src/third_party/WebKit/Source/core/exported/WebViewImpl.cpp:2067
00b4d601 content::RenderWidgetInputHandler::HandleInputEvent(blink::WebCoalescedInputEvent const&, ui::LatencyInfo const&, base::OnceCallback<void (content::InputEventAckState, ui::LatencyInfo const&, std::__ndk1::unique_ptr<ui::DidOverscrollParams, std::__ndk1::default_delete<ui::DidOverscrollParams> >, base::Optional<cc::TouchAction>)>) /usr/local/google/code/clankium/src/content/renderer/input/render_widget_input_handler.cc:265
00b9fa6d content::RenderWidget::HandleInputEvent(blink::WebCoalescedInputEvent const&, ui::LatencyInfo const&, base::OnceCallback<void (content::InputEventAckState, ui::LatencyInfo const&, std::__ndk1::unique_ptr<ui::DidOverscrollParams, std::__ndk1::default_delete<ui::DidOverscrollParams> >, base::Optional<cc::TouchAction>)>) /usr/local/google/code/clankium/src/content/renderer/render_widget.cc:866
00b9b44b content::RenderViewImpl::HandleInputEvent(blink::WebCoalescedInputEvent const&, ui::LatencyInfo const&, base::OnceCallback<void (content::InputEventAckState, ui::LatencyInfo const&, std::__ndk1::unique_ptr<ui::DidOverscrollParams, std::__ndk1::default_delete<ui::DidOverscrollParams> >, base::Optional<cc::TouchAction>)>) /usr/local/google/code/clankium/src/content/renderer/render_view_impl.cc:2533
00b4bd59 content::MainThreadEventQueue::HandleEventOnMainThread(blink::WebCoalescedInputEvent const&, ui::LatencyInfo const&, base::OnceCallback<void (content::InputEventAckState, ui::LatencyInfo const&, std::__ndk1::unique_ptr<ui::DidOverscrollParams, std::__ndk1::default_delete<ui::DidOverscrollParams> >, base::Optional<cc::TouchAction>)>) /usr/local/google/code/clankium/src/content/renderer/input/main_thread_event_queue.cc:552
00b4c067 content::QueuedWebInputEvent::Dispatch(content::MainThreadEventQueue*) /usr/local/google/code/clankium/src/content/renderer/input/main_thread_event_queue.cc:125
00b4bb31 content::MainThreadEventQueue::DispatchEvents() /usr/local/google/code/clankium/src/content/renderer/input/main_thread_event_queue.cc:425
0008c425 base::OnceCallback<void ()>::Run() && /usr/local/google/code/clankium/src/base/callback.h:64
0009563d base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) /usr/local/google/code/clankium/src/base/debug/task_annotator.cc:57
003166d1 blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(blink::scheduler::internal::WorkQueue*, bool, blink::scheduler::LazyNow, base::TimeTicks*) /usr/local/google/code/clankium/src/third_party/WebKit/Source/platform/scheduler/base/task_queue_manager.cc:531
00315585 blink::scheduler::TaskQueueManager::DoWork(bool) /usr/local/google/code/clankium/src/third_party/WebKit/Source/platform/scheduler/base/task_queue_manager.cc:322
0008c425 base::OnceCallback<void ()>::Run() && /usr/local/google/code/clankium/src/base/callback.h:64
0009563d base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) /usr/local/google/code/clankium/src/base/debug/task_annotator.cc:57
000abb35 base::internal::IncomingTaskQueue::RunTask(base::PendingTask*) /usr/local/google/code/clankium/src/base/message_loop/incoming_task_queue.cc:147
000acd4f base::MessageLoop::RunTask(base::PendingTask*) /usr/local/google/code/clankium/src/base/message_loop/message_loop.cc:406
000acfa5 base::MessageLoop::DeferOrRunPendingTask(base::PendingTask) /usr/local/google/code/clankium/src/base/message_loop/message_loop.cc:417
000ad109 base::MessageLoop::DoWork() /usr/local/google/code/clankium/src/base/message_loop/message_loop.cc:524
000ae88b base::MessagePumpDefault::Run(base::MessagePump::Delegate*) /usr/local/google/code/clankium/src/base/message_loop/message_pump_default.cc:37
000acb5f base::MessageLoop::Run() /usr/local/google/code/clankium/src/base/message_loop/message_loop.cc:346
000c4cd7 base::RunLoop::Run() /usr/local/google/code/clankium/src/base/run_loop.cc:118
00ba8e15 content::RendererMain(content::MainFunctionParams const&) /usr/local/google/code/clankium/src/content/renderer/renderer_main.cc:220
00c6ce57 content::ContentMainRunnerImpl::Run() /usr/local/google/code/clankium/src/content/app/content_main_runner.cc:704
0000fed5 service_manager::Main(service_manager::MainParams const&) /usr/local/google/code/clankium/src/services/service_manager/embedder/main.cc:469
v------> content::Start(_JNIEnv*, base::android::JavaParamRef<_jclass*> const&) /usr/local/google/code/clankium/src/content/app/android/content_main.cc:41
00c6c56d Java_org_chromium_content_app_ContentMain_nativeStart /usr/local/google/code/clankium/src/out/Android32/gen/content/public/android/content_jni_headers/content/jni/ContentMain_jni.h:45
00e4eeb5 offset 0xdbd000 /data/app/org.chromium.chrome-1/oat/arm/base.odex
Oct 7 2017
Apparently we're adding a span element with \n as the text when the downstream code in HTMLTextAreaElement is expecting a <br> element.
Dec 1 2017
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/812d7fc095e9093848a6207eaa635772a7bb52f4

commit 812d7fc095e9093848a6207eaa635772a7bb52f4
Author: Ryan Landay <rlanday@chromium.org>
Date: Fri Dec 01 05:04:21 2017

Fix incorrect ending selection after InputMethodController::SetComposition()

InputMethodController::SetComposition() works as follows:

1. The current composition range is selected (we don't show this to users).
2. The selection is replaced with the new text, which is left selected.
3. The resulting selection is converted to a composition range, and we change the selection to whatever the IME requested be selected afterwards.

Step 2 causes the open TypingCommand's ending selection to be set to the resulting composition range. We need to update it after step 3 to fix two problems:

1. Pressing enter on a physical keyboard on Android with an open composition range causes the text in the composition range to be incorrectly deleted.
2. Pressing Ctrl-Z to undo causes each word to be selected in turn (see video on https://crbug.com/787598).

There's another problem with undo on Android, which is that the TypingCommand is closed out after every call to SetComposition() when we select the composition, which means undo only undoes one character at a time. I might fix this in a separate CL.

Bug: 787598, 772565, 772584
Change-Id: I29f09e3c0bd97c6c8e17e5455c5579b53aa34c1b
Reviewed-on: https://chromium-review.googlesource.com/783770
Commit-Queue: Ryan Landay <rlanday@chromium.org>
Reviewed-by: Changwan Ryu <changwan@chromium.org>
Reviewed-by: Xiaocheng Hu <xiaochengh@chromium.org>
Reviewed-by: Yoshifumi Inoue <yosin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#520857}

[modify] https://crrev.com/812d7fc095e9093848a6207eaa635772a7bb52f4/content/public/android/java/src/org/chromium/content/browser/input/ImeAdapter.java
[modify] https://crrev.com/812d7fc095e9093848a6207eaa635772a7bb52f4/content/public/android/java/src/org/chromium/content/browser/input/ThreadedInputConnection.java
[modify] https://crrev.com/812d7fc095e9093848a6207eaa635772a7bb52f4/third_party/WebKit/Source/core/editing/commands/TypingCommand.h
[modify] https://crrev.com/812d7fc095e9093848a6207eaa635772a7bb52f4/third_party/WebKit/Source/core/editing/ime/InputMethodController.cpp
[modify] https://crrev.com/812d7fc095e9093848a6207eaa635772a7bb52f4/third_party/WebKit/Source/core/editing/ime/InputMethodControllerTest.cpp
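
A simplified model of the three SetComposition() steps described in the commit message above, added here as an illustration; it is not Blink code and not part of the commit. The `Editor` struct, its fields and `TypeThenEnter` are hypothetical, and the assumption that a line break replaces the range held in the typing command's ending selection is inferred from problem 1 in the commit message.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>

// Simplified model, not Blink code; every name below is hypothetical.
struct Range { size_t start, end; };

struct Editor {
  std::string text;
  Range selection{0, 0};             // caret/selection the user sees
  Range composition{0, 0};           // open IME composition range
  Range typing_end_selection{0, 0};  // ending selection of the open typing command
  bool update_after_step3;           // true models the behaviour after the fix
  explicit Editor(bool fixed) : update_after_step3(fixed) {}

  // Replace range r with s; return the range covering the inserted text.
  Range Replace(Range r, const std::string& s) {
    text.replace(r.start, r.end - r.start, s);
    return {r.start, r.start + s.size()};
  }

  void SetComposition(const std::string& s, size_t caret) {
    selection = composition;            // step 1: select current composition
    selection = Replace(selection, s);  // step 2: replace, new text stays selected
    typing_end_selection = selection;   //   side effect on the typing command
    composition = selection;            // step 3: selection becomes composition,
    selection = {composition.start + caret, composition.start + caret};  // caret moves
    if (update_after_step3) typing_end_selection = selection;  // the fix
  }

  // Assumption: Enter replaces whatever the typing command's ending selection covers.
  void InsertLineBreak() {
    Range inserted = Replace(typing_end_selection, "\n");
    selection = {inserted.end, inserted.end};
    typing_end_selection = selection;
  }
};

// Compose "h", then "hi", then press Enter with the composition still open.
std::string TypeThenEnter(bool fixed) {
  Editor e(fixed);
  e.SetComposition("h", 1);
  e.SetComposition("hi", 2);
  e.InsertLineBreak();
  return e.text;
}

int main() {
  std::printf("stale: %zu, updated: %zu\n", TypeThenEnter(false).size(), TypeThenEnter(true).size());
}
```

With the stale ending selection the composed text is replaced by the line break; with the ending selection updated after step 3 the line break is inserted at the caret and the text survives.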
Comment 1 by rlanday@chromium.org, Oct 7 2017