Bug 254375

e.g. Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 JavaScriptCore 0x13f5b287e WTFCrash + 14 (Assertions.cpp:327) 1 WebCore 0x1567ef6fb WTFCrashWithInfo(int, char const*, char const*, int) + 27 (Assertions.h:758) 2 WebCore 0x15a329345 WebCore::CompositeEditCommand::moveParagraph(WebCore::VisiblePosition const&, WebCore::VisiblePosition const&, WebCore::VisiblePosition const&, bool, bool) + 181 (CompositeEditCommand.cpp:1444) 3 WebCore 0x15a3ae01f WebCore::InsertListCommand::listifyParagraph(WebCore::VisiblePosition const&, WebCore::QualifiedName const&) + 2399 (InsertListCommand.cpp:436) 4 WebCore 0x15a3acd54 WebCore::InsertListCommand::doApplyForSingleParagraph(bool, WebCore::HTMLQualifiedName const&, WebCore::SimpleRange&) + 2148 (InsertListCommand.cpp:287) 5 WebCore 0x15a3ac4b7 WebCore::InsertListCommand::doApply() + 2503 (InsertListCommand.cpp:209) 6 WebCore 0x15a30ea1f WebCore::CompositeEditCommand::apply() + 431 (CompositeEditCommand.cpp:398) 7 WebCore 0x15a394a2d WebCore::executeInsertOrderedList(WebCore::LocalFrame&, WebCore::Event*, WebCore::EditorCommandSource, WTF::String const&) + 157 (EditorCommand.cpp:519) 8 WebCore 0x15a36ac24 WebCore::Editor::Command::execute(WTF::String const&, WebCore::Event*) const + 212 (EditorCommand.cpp:1923) 9 WebCore 0x15a05a869 WebCore::Document::execCommand(WTF::String const&, bool, WTF::String const&) + 265 (Document.cpp:6105) 10 WebCore 0x15739a8d9 WebCore::jsDocumentPrototypeFunction_execCommandBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSDocument*) + 1593 (JSDocument.cpp:6449) 11 WebCore 0x15739a26e long long WebCore::IDLOperation<WebCore::JSDocument>::call<&(WebCore::jsDocumentPrototypeFunction_execCommandBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSDocument*)), (WebCore::CastedThisErrorBehavior)0>(JSC::JSGlobalObject&, JSC::CallFrame&, char const*) + 670 (JSDOMOperation.h:63) 12 WebCore 0x1573832e4 WebCore::jsDocumentPrototypeFunction_execCommand(JSC::JSGlobalObject*, JSC::CallFrame*) + 36 (JSDocument.cpp:6454) 13 ??? 0x5297a2e0c1b8 ??? 14 JavaScriptCore 0x13fd6d55c llint_entry + 148024 (LowLevelInterpreter.asm:1191) 15 JavaScriptCore 0x13fd6d55c llint_entry + 148024 (LowLevelInterpreter.asm:1191) 16 JavaScriptCore 0x13fd4901d vmEntryToJavaScript + 286 (LowLevelInterpreter64.asm:368) 17 JavaScriptCore 0x140e6ecdb JSC::Interpreter::executeCallImpl(JSC::VM&, JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1627 (Interpreter.cpp:1117) 18 JavaScriptCore 0x140e6ede0 JSC::Interpreter::executeCall(JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 112 (Interpreter.cpp:1126) 19 JavaScriptCore 0x14111881d JSC::call(JSC::JSGlobalObject*, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 205 (CallData.cpp:57) 20 JavaScriptCore 0x1411188fd JSC::call(JSC::JSGlobalObject*, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 205 (CallData.cpp:64) 21 JavaScriptCore 0x141118bbd JSC::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 125 (CallData.cpp:85) 22 WebCore 0x1597fe43c WebCore::JSExecState::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 252 (JSExecState.h:91) 23 WebCore 0x15981dda5 WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext&, WebCore::Event&) + 2149 (JSEventListener.cpp:220) 24 WebCore 0x15a16a89e WebCore::EventTarget::innerInvokeEventListeners(WebCore::Event&, WTF::Vector<WTF::RefPtr<WebCore::RegisteredEventListener, WTF::RawPtrTraits<WebCore::RegisteredEventListener>, WTF::DefaultRefDerefTraits<WebCore::RegisteredEventListener> >, 1ul, WTF::CrashOnOverflow, 2ul, WTF::FastMalloc>, WebCore::EventTarget::EventInvokePhase) + 1022 (EventTarget.cpp:372) 25 WebCore 0x15a15d71b WebCore::EventTarget::fireEventListeners(WebCore::Event&, WebCore::EventTarget::EventInvokePhase) + 395 (EventTarget.cpp:304) 26 WebCore 0x15aeb3619 WebCore::LocalDOMWindow::dispatchEvent(WebCore::Event&, WebCore::EventTarget*) + 505 (LocalDOMWindow.cpp:2384) 27 WebCore 0x15aebe5dd WebCore::LocalDOMWindow::dispatchLoadEvent() + 429 (LocalDOMWindow.cpp:2332) 28 WebCore 0x15a046724 WebCore::Document::dispatchWindowLoadEvent() + 132 (Document.cpp:5330) 29 WebCore 0x15a0462ed WebCore::Document::implicitClose() + 621 (Document.cpp:3344) 30 WebCore 0x15ac7e3fb WebCore::FrameLoader::checkCallImplicitClose() + 155 (FrameLoader.cpp:995) 31 WebCore 0x15ac7dec1 WebCore::FrameLoader::checkCompleted() + 433 (FrameLoader.cpp:936) 32 WebCore 0x15ac7c13b WebCore::FrameLoader::finishedParsing() + 283 (FrameLoader.cpp:843) 33 WebCore 0x15a05ce32 WebCore::Document::finishedParsing() + 738 (Document.cpp:6438) 34 WebCore 0x15a79ba88 WebCore::HTMLConstructionSite::finishedParsing() + 24 (HTMLConstructionSite.cpp:448) 35 WebCore 0x15a806730 WebCore::HTMLTreeBuilder::finished() + 256 (HTMLTreeBuilder.cpp:3026) 36 WebCore 0x15a7a3193 WebCore::HTMLDocumentParser::end() + 243 (HTMLDocumentParser.cpp:446) 37 WebCore 0x15a7a1061 WebCore::HTMLDocumentParser::attemptToRunDeferredScriptsAndEnd() + 289 (HTMLDocumentParser.cpp:455) 38 WebCore 0x15a7a0d99 WebCore::HTMLDocumentParser::prepareToStopParsing() + 281 (HTMLDocumentParser.cpp:150) 39 WebCore 0x15a7a31ff WebCore::HTMLDocumentParser::attemptToEnd() + 63 (HTMLDocumentParser.cpp:467) 40 WebCore 0x15a7a32cb WebCore::HTMLDocumentParser::finish() + 59 (HTMLDocumentParser.cpp:495) 41 WebCore 0x15ac18a7a WebCore::DocumentWriter::end() + 378 (DocumentWriter.cpp:323) <rdar://106816068>