133873 2014-06-13 12:04:34 -0700 AX: Crash at WebCore::AXObjectCache::textChanged 2014-06-16 14:02:08 -0700 1 1 1 Unclassified WebKit Accessibility 528+ (Nightly build) All All RESOLVED FIXED InRadar P2 Normal --- 1 cfleizach cfleizach aboxhall apinheiro commit-queue ddkilzer dmazzoni jcraig jdiggs koivisto mario samuel_white webkit-bug-importer oldest_to_newest 1015492 0 cfleizach 2014-06-13 12:04:34 -0700 Thread 0: 0 libsystem_kernel.dylib 0x0000000198be9cc0 mach_msg_trap + 8 1 CoreFoundation 0x000000018c1a6ca8 __CFRunLoopServiceMachPort + 180 (CFRunLoop.c:2257) 2 CoreFoundation 0x000000018c1a4e9c __CFRunLoopRun + 932 (CFRunLoop.c:2492) 3 CoreFoundation 0x000000018c0e5b34 CFRunLoopRunSpecific + 448 (CFRunLoop.c:2681) 4 GraphicsServices 0x0000000191ab782c GSEventRunModal + 164 (GSEvent.c:2129) 5 UIKit 0x000000018f1240e4 UIApplicationMain + 1152 (UIApplication.m:2431) 6 MobileSafari 0x000000010003d2ec main + 1900 (main.m:205) 7 libdyld.dylib 0x0000000198b07a9c start + 0 Thread 1: 0 libsystem_kernel.dylib 0x0000000198be9ac8 kevent64 + 8 1 libdispatch.dylib 0x0000000198aedd74 _dispatch_mgr_thread + 48 (source.c:2309) Thread 2 name: WebThread Thread 2 Crashed: 0 WebCore 0x0000000195ade3f0 WebCore::AXObjectCache::textChanged(WebCore::AccessibilityObject*) + 32 (AXObjectCache.cpp:599) 1 WebCore 0x0000000195adec04 WebCore::AXObjectCache::handleAttributeChanged(WebCore::QualifiedName const&, WebCore::Element*) + 108 (AXObjectCache.cpp:586) 2 WebCore 0x0000000195798734 WebCore::Element::attributeChanged(WebCore::QualifiedName const&, WTF::AtomicString const&, WebCore::Element::AttributeModificationReason) + 944 (Element.cpp:1062) 3 WebCore 0x0000000195797748 WebCore::Element::addAttributeInternal(WebCore::QualifiedName const&, WTF::AtomicString const&, WebCore::Element::SynchronizationOfLazyAttribute) + 172 (Element.cpp:3078) 4 WebCore 0x000000019579742c WebCore::Element::setAttributeInternal(unsigned int, WebCore::QualifiedName const&, WTF::AtomicString const&, WebCore::Element::SynchronizationOfLazyAttribute) + 80 (Element.cpp:990) 5 WebCore 0x000000019579d08c WebCore::Element::setAttribute(WTF::AtomicString const&, WTF::AtomicString const&, int&) + 304 (Element.cpp:965) 6 WebCore 0x000000019579cec0 WebCore::jsElementPrototypeFunctionSetAttribute(JSC::ExecState*) + 664 (JSElement.cpp:1808) 7 ??? 0x0000000102ef403c 0 + 4344201276 8 WebCore 0x0000000195795580 WebCore::ScheduledAction::executeFunctionInContext(JSC::JSGlobalObject*, JSC::JSValue, WebCore::ScriptExecutionContext*) + 544 (JSMainThreadExecState.h:64) 9 WebCore 0x0000000195794f40 WebCore::ScheduledAction::execute(WebCore::Document*) + 136 (ScheduledAction.cpp:132) 10 WebCore 0x0000000195794364 WebCore::DOMTimer::fired() + 540 (DOMTimer.cpp:183) 11 WebCore 0x0000000195793d90 WebCore::ThreadTimers::sharedTimerFiredInternal() + 148 (ThreadTimers.cpp:143) 12 WebCore 0x0000000195793cd0 WebCore::timerFired(__CFRunLoopTimer*, void*) + 32 (SharedTimerIOS.mm:62) 13 CoreFoundation 0x000000018c1a7688 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 24 (CFRunLoop.c:1604) 14 CoreFoundation 0x000000018c1a72f8 __CFRunLoopDoTimer + 800 (CFRunLoop.c:2090) 15 CoreFoundation 0x000000018c1a5020 __CFRunLoopRun + 1320 (CFRunLoop.c:2218) 16 CoreFoundation 0x000000018c0e5b34 CFRunLoopRunSpecific + 448 (CFRunLoop.c:2681) 17 WebCore 0x0000000195850b98 RunWebThread(void*) + 468 (WebCoreThread.mm:667) 18 libsystem_pthread.dylib 0x0000000198c841ac _pthread_body + 164 (pthread.c:629) 19 libsystem_pthread.dylib 0x0000000198c84104 _pthread_start + 136 (pthread.c:654) 20 libsystem_pthread.dylib 0x0000000198c817ac thread_start + 0 <rdar://problem/15414279> 1015493 1 233066 cfleizach 2014-06-13 12:08:26 -0700 Created attachment 233066 patch 1015942 2 233066 enrica 2014-06-16 13:30:25 -0700 Comment on attachment 233066 patch Seems reasonable to me. 1015943 3 233066 cfleizach 2014-06-16 13:31:17 -0700 Comment on attachment 233066 patch thanks! 1015953 4 233066 commit-queue 2014-06-16 14:02:04 -0700 Comment on attachment 233066 patch Clearing flags on attachment: 233066 Committed r170026: <http://trac.webkit.org/changeset/170026> 1015954 5 commit-queue 2014-06-16 14:02:08 -0700 All reviewed patches have been landed. Closing bug. 233066 2014-06-13 12:08:26 -0700 2014-06-16 14:02:04 -0700 patch patch text/plain 1737 cfleizach SW5kZXg6IFNvdXJjZS9XZWJDb3JlL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBTb3VyY2UvV2Vi Q29yZS9DaGFuZ2VMb2cJKHJldmlzaW9uIDE2OTk0MikKKysrIFNvdXJjZS9XZWJDb3JlL0NoYW5n ZUxvZwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDIxIEBACisyMDE0LTA2LTEzICBDaHJpcyBG bGVpemFjaCAgPGNmbGVpemFjaEBhcHBsZS5jb20+CisKKyAgICAgICAgQVg6IENyYXNoIGF0IFdl YkNvcmU6OkFYT2JqZWN0Q2FjaGU6OnRleHRDaGFuZ2VkCisgICAgICAgIGh0dHBzOi8vYnVncy53 ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xMzM4NzMKKworICAgICAgICBSZXZpZXdlZCBieSBO T0JPRFkgKE9PUFMhKS4KKworICAgICAgICBUaGlzIGxvb2tzIGxpa2UgYSB2ZXJ5IHNpbWlsYXIg cHJvYmxlbSB0byAKKyAgICAgICAgaHR0cHM6Ly9idWdzLndlYmtpdC5vcmcvc2hvd19idWcuY2dp P2lkPTEzMzgyNQorCisgICAgICAgIFRoZSBvYmplY3QgaXMgYmVpbmcgY3JlYXRlZCBhbmQgZGVh bGxvY2F0ZWQgYWxtb3N0IHJpZ2h0IGF3YXkgYmVjYXVzZSBjYWxsaW5nIGFjY2Vzc2liaWxpdHlJ c0lnbm9yZWQgdHJpZ2dlcnMKKyAgICAgICAgYSBkZWZlcnJlZCBsYXlvdXQgdGhhdCBpbnZhbGlk YXRlcyB0aGUgYXNzb2NpYXRlZCByZW5kZXIgZWxlbWVudC4KKworICAgICAgICBEZXNwaXRlIG15 IGJlc3QgZWZmb3J0cywgSSBjb3VsZCBub3QgY29tZSB1cCB3aXRoIGEgd2F5IHRvIHJlcHJvZHVj ZSB0aGlzIGluIGEgbGF5b3V0IHRlc3QuCisKKyAgICAgICAgKiBhY2Nlc3NpYmlsaXR5L0FYT2Jq ZWN0Q2FjaGUuY3BwOgorICAgICAgICAoV2ViQ29yZTo6QVhPYmplY3RDYWNoZTo6Z2V0T3JDcmVh dGUpOgorCiAyMDE0LTA2LTEzICBBbmRlcnMgQ2FybHNzb24gIDxhbmRlcnNjYUBhcHBsZS5jb20+ CiAKICAgICAgICAgQWRkIGEgSFRUUEhlYWRlck1hcDo6ZmluZCBvdmVybG9hZCB0aGF0IHRha2Vz IGEgSFRUUEhlYWRlck5hbWUKSW5kZXg6IFNvdXJjZS9XZWJDb3JlL2FjY2Vzc2liaWxpdHkvQVhP YmplY3RDYWNoZS5jcHAKPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL1dlYkNvcmUvYWNjZXNzaWJpbGl0 eS9BWE9iamVjdENhY2hlLmNwcAkocmV2aXNpb24gMTY5NzQ3KQorKysgU291cmNlL1dlYkNvcmUv YWNjZXNzaWJpbGl0eS9BWE9iamVjdENhY2hlLmNwcAkod29ya2luZyBjb3B5KQpAQCAtNDAzLDcg KzQwMywxMSBAQAogICAgIG5ld09iai0+aW5pdCgpOwogICAgIGF0dGFjaFdyYXBwZXIobmV3T2Jq LmdldCgpKTsKICAgICBuZXdPYmotPnNldExhc3RLbm93bklzSWdub3JlZFZhbHVlKG5ld09iai0+ YWNjZXNzaWJpbGl0eUlzSWdub3JlZCgpKTsKLQorICAgIC8vIFNvbWV0aW1lcyBhc2tpbmcgYWNj ZXNzaWJpbGl0eUlzSWdub3JlZCgpIHdpbGwgY2F1c2UgdGhlIG5ld09iamVjdCB0byBiZSBkZWFs bG9jYXRlZCwgYW5kIHRoZW4KKyAgICAvLyBpdCB3aWxsIGRpc2FwcGVhciB3aGVuIHRoaXMgZnVu Y3Rpb24gaXMgZmluaXNoZWQsIGxlYWRpbmcgdG8gYSB1c2UtYWZ0ZXItZnJlZS4KKyAgICBpZiAo bmV3T2JqLT5pc0RldGFjaGVkKCkpCisgICAgICAgIHJldHVybiBudWxscHRyOworICAgIAogICAg IHJldHVybiBuZXdPYmouZ2V0KCk7CiB9CiAK