Bug 133873

Summary: AX: Crash at WebCore::AXObjectCache::textChanged
Product: WebKit Reporter: chris fleizach <cfleizach>
Component: AccessibilityAssignee: chris fleizach <cfleizach>
Status: RESOLVED FIXED    
Severity: Normal CC: aboxhall, apinheiro, commit-queue, ddkilzer, dmazzoni, jcraig, jdiggs, koivisto, mario, samuel_white, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: All   
OS: All   
Attachments:
Description Flags
patch none

chris fleizach
Reported 2014-06-13 12:04:34 PDT
Thread 0: 0 libsystem_kernel.dylib 0x0000000198be9cc0 mach_msg_trap + 8 1 CoreFoundation 0x000000018c1a6ca8 __CFRunLoopServiceMachPort + 180 (CFRunLoop.c:2257) 2 CoreFoundation 0x000000018c1a4e9c __CFRunLoopRun + 932 (CFRunLoop.c:2492) 3 CoreFoundation 0x000000018c0e5b34 CFRunLoopRunSpecific + 448 (CFRunLoop.c:2681) 4 GraphicsServices 0x0000000191ab782c GSEventRunModal + 164 (GSEvent.c:2129) 5 UIKit 0x000000018f1240e4 UIApplicationMain + 1152 (UIApplication.m:2431) 6 MobileSafari 0x000000010003d2ec main + 1900 (main.m:205) 7 libdyld.dylib 0x0000000198b07a9c start + 0 Thread 1: 0 libsystem_kernel.dylib 0x0000000198be9ac8 kevent64 + 8 1 libdispatch.dylib 0x0000000198aedd74 _dispatch_mgr_thread + 48 (source.c:2309) Thread 2 name: WebThread Thread 2 Crashed: 0 WebCore 0x0000000195ade3f0 WebCore::AXObjectCache::textChanged(WebCore::AccessibilityObject*) + 32 (AXObjectCache.cpp:599) 1 WebCore 0x0000000195adec04 WebCore::AXObjectCache::handleAttributeChanged(WebCore::QualifiedName const&, WebCore::Element*) + 108 (AXObjectCache.cpp:586) 2 WebCore 0x0000000195798734 WebCore::Element::attributeChanged(WebCore::QualifiedName const&, WTF::AtomicString const&, WebCore::Element::AttributeModificationReason) + 944 (Element.cpp:1062) 3 WebCore 0x0000000195797748 WebCore::Element::addAttributeInternal(WebCore::QualifiedName const&, WTF::AtomicString const&, WebCore::Element::SynchronizationOfLazyAttribute) + 172 (Element.cpp:3078) 4 WebCore 0x000000019579742c WebCore::Element::setAttributeInternal(unsigned int, WebCore::QualifiedName const&, WTF::AtomicString const&, WebCore::Element::SynchronizationOfLazyAttribute) + 80 (Element.cpp:990) 5 WebCore 0x000000019579d08c WebCore::Element::setAttribute(WTF::AtomicString const&, WTF::AtomicString const&, int&) + 304 (Element.cpp:965) 6 WebCore 0x000000019579cec0 WebCore::jsElementPrototypeFunctionSetAttribute(JSC::ExecState*) + 664 (JSElement.cpp:1808) 7 ??? 0x0000000102ef403c 0 + 4344201276 8 WebCore 0x0000000195795580 WebCore::ScheduledAction::executeFunctionInContext(JSC::JSGlobalObject*, JSC::JSValue, WebCore::ScriptExecutionContext*) + 544 (JSMainThreadExecState.h:64) 9 WebCore 0x0000000195794f40 WebCore::ScheduledAction::execute(WebCore::Document*) + 136 (ScheduledAction.cpp:132) 10 WebCore 0x0000000195794364 WebCore::DOMTimer::fired() + 540 (DOMTimer.cpp:183) 11 WebCore 0x0000000195793d90 WebCore::ThreadTimers::sharedTimerFiredInternal() + 148 (ThreadTimers.cpp:143) 12 WebCore 0x0000000195793cd0 WebCore::timerFired(__CFRunLoopTimer*, void*) + 32 (SharedTimerIOS.mm:62) 13 CoreFoundation 0x000000018c1a7688 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 24 (CFRunLoop.c:1604) 14 CoreFoundation 0x000000018c1a72f8 __CFRunLoopDoTimer + 800 (CFRunLoop.c:2090) 15 CoreFoundation 0x000000018c1a5020 __CFRunLoopRun + 1320 (CFRunLoop.c:2218) 16 CoreFoundation 0x000000018c0e5b34 CFRunLoopRunSpecific + 448 (CFRunLoop.c:2681) 17 WebCore 0x0000000195850b98 RunWebThread(void*) + 468 (WebCoreThread.mm:667) 18 libsystem_pthread.dylib 0x0000000198c841ac _pthread_body + 164 (pthread.c:629) 19 libsystem_pthread.dylib 0x0000000198c84104 _pthread_start + 136 (pthread.c:654) 20 libsystem_pthread.dylib 0x0000000198c817ac thread_start + 0 <rdar://problem/15414279>
Attachments
patch (1.70 KB, patch)
2014-06-13 12:08 PDT, chris fleizach 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
chris fleizach
Comment 1 2014-06-13 12:08:26 PDT
Created attachment 233066 [details] patch
Enrica Casucci
Comment 2 2014-06-16 13:30:25 PDT
Comment on attachment 233066 [details] patch Seems reasonable to me.
chris fleizach
Comment 3 2014-06-16 13:31:17 PDT
Comment on attachment 233066 [details] patch thanks!
WebKit Commit Bot
Comment 4 2014-06-16 14:02:04 PDT
Comment on attachment 233066 [details] patch Clearing flags on attachment: 233066 Committed r170026: <http://trac.webkit.org/changeset/170026>
WebKit Commit Bot
Comment 5 2014-06-16 14:02:08 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.