Opened 9 years ago

Closed 8 years ago

#14714 closed Bug (fixed)

[Webkit/Blink] Exception thrown on refocusing blurred inline editor

Reported by: Jakub Ś Owned by: Marek Lewandowski
Priority: Normal Milestone: CKEditor 4.7.0
Component: General Version: 4.0
Keywords: Blink Cc:

Description (last modified by Marek Lewandowski)

Steps to reproduce

  1. Open div area sample.
  2. Clear up the editor content.
  3. Put the selection inside the editor.
  4. Select "Marker" style from a styles dropdown and type some text.
  5. Blur the editor (by clicking outside of the editor).
  6. Click on styles button.
  7. Blur the editor (by clicking outside of the editor).
  8. Click on styles button.

Expected result

No JS error is thrown

Actual result

JS error is thrown:

Uncaught DOMException: Failed to execute 'setStart' on 'Range': The offset 13 is larger than or equal to the node's length (6).

Other details (browser, OS, CKEditor version, installed plugins)

Attachments (1)

2016-07-01_1853.swf (836.1 KB) - added by Jakub Ś 9 years ago.

Download all attachments as: .zip

Change History (18)

Changed 9 years ago by Jakub Ś

Attachment: 2016-07-01_1853.swf added

comment:1 Changed 9 years ago by Jakub Ś

Status: newconfirmed

Please also see the video showing the issue.

comment:2 Changed 9 years ago by Marek Lewandowski

It does not necessarily require you to change tabs. Here'se a simplified TC:

  1. Open div area sample.
  2. Clear up the editor content.
  3. Put the selection inside the editor.
  4. Select "Marker" style from a styles dropdown.
  5. Blur the editor (by clicking outside of the editor).
  6. Click on styles button and apply "Big" style.
Version 0, edited 9 years ago by Marek Lewandowski (next)

comment:3 Changed 8 years ago by Piotrek Koszuliński

The error is thrown when unlocking a selection. The locked one has much higher offsets than the number of typed letters which means that it's a problem with the filling chars. The selection is locked in a DOM with a filling chars, but when it's unlocked, there are no filling chars.

I'm curious how the filling chars behave in other cases. First of all, it's obvious that all this works fine in an iframed editor because there's no selection locking as iframe can keep its own selection. But can we find some cases with inline editables in which unlocking selection works if the selection had filling chars upon lock?

comment:4 in reply to:  3 Changed 8 years ago by kkrzton

Replying to Reinmar:

The error is thrown when unlocking a selection. The locked one has much higher offsets than the number of typed letters which means that it's a problem with the filling chars. The selection is locked in a DOM with a filling chars, but when it's unlocked, there are no filling chars.

It looks like the filling char sequence is removed on editor refocus. The selectionChange event is fired after refocusing and it starts the process of checking and removing filling chars (https://github.com/ckeditor/ckeditor-dev/blob/master/core/selection.js#L859).

comment:5 Changed 8 years ago by Piotrek Koszuliński

Any idea how it works in e.g. tab, and then shift+tab case that it doesn't throw? How is this case different from other ones?

comment:6 Changed 8 years ago by kkrzton

I'm still looking into where is the difference between refocusing with tab/shift+tab and mouse (via dropdown). It works well with tab/shift+tab and also when focusing toolbar (alt+F10) and applying "Big" style using keyboard.

The one strange case is when focusing toolbar (alt+F10) and then using left/right arrows. It should switch between buttons in a toolbar group but instead, focus is set back in the editable area and the above exception is thrown (it happens only in the case which will throw this error ofc). The left/right arrow triggers removeFillingCharSequenceNode function which causes this error.

Last edited 8 years ago by kkrzton (previous) (diff)

comment:7 Changed 8 years ago by kkrzton

It can also be reproduced following the steps:

  1. Open div area sample.
  2. Clear up the editor content.
  3. Put the selection inside the editor.
  4. Select "Marker" style from a styles dropdown and type some text.
  5. Blur the editor (by clicking outside of the editor).
  6. Click on styles button.
  7. Blur the editor (by clicking outside of the editor).
  8. Click on styles button.

It seems like at the first refocus (step 6), removeFillingCharSequenceNode method (which removes filling chars) runs without any error and ranges cache is updated with the proper range. However, after refocusing for the second time (step 8), selection unlocking uses the previous range (with offset involving filling char sequence).

comment:8 Changed 8 years ago by Marek Lewandowski

Milestone: CKEditor 4.7.0

comment:9 Changed 8 years ago by Tade0

While checking one solution to this bug I found another one, that's not related by code, but definitely related from the user's perspective: http://dev.ckeditor.com/ticket/16895#ticket

comment:10 Changed 8 years ago by Tade0

Owner: set to Tade0
Status: confirmedreview

Cherry-picked the changes made by k.krzton on top of major, updated tags.

Changes pushed to branch:t/14714.

comment:11 Changed 8 years ago by Tade0

Status: reviewassigned

comment:12 Changed 8 years ago by Tade0

Status: assignedreview

Added unit tests.

Changes pushed to branch:t/14714.

comment:13 Changed 8 years ago by Marek Lewandowski

Status: reviewreview_failed

Unit tests are failing.

comment:14 Changed 8 years ago by Marek Lewandowski

Owner: changed from Tade0 to Marek Lewandowski
Status: review_failedassigned

I'll take over this issue.

comment:15 Changed 8 years ago by Marek Lewandowski

Tests fixed with git:60b4261ae0.

comment:16 Changed 8 years ago by Marek Lewandowski

Description: modified (diff)
Summary: Divarea - changing tabs and applying styles throws JS error[Webkit/Blink] Exception thrown on refocusing blurred inline editor

Changed reproduce steps in the summary - the former involved some redundant steps. Adding original TC below:

Steps to reproduce

  1. Open two tabs in Chrome or Opera
  2. Open divarea sample and clear editor contents.
  3. Type text, select Big from styles dropdown, type more text, select Small and type more text
  4. Click on another tab, click on tab with editor and select e.g. Typewriter style from dropdown.

Expected result

No JS error is thrown

Actual result

Code: selection.js 
Line: 1921 
Message: Uncaught IndexSizeError: Failed to execute 'setStart' on 'Range': The offset 22 is larger than or equal to the node's length (15).

Code: style.js
Line: 331 
Message: Uncaught TypeError: Cannot read property 'elements' of null

comment:17 Changed 8 years ago by Marek Lewandowski

Resolution: fixed
Status: assignedclosed

Fixed with git:e0e0043f5c.

Note: See TracTickets for help on using tickets.
© 2003 – 2022, CKSource sp. z o.o. sp.k. All rights reserved. | Terms of use | Privacy policy