Bug 199061

Summary: REGRESSION(r245912): Crash in TextIterator::range via visiblePositionForIndexUsingCharacterIterator
Product: WebKit Reporter: Ryosuke Niwa <rniwa>
Component: AccessibilityAssignee: Ryosuke Niwa <rniwa>
Status: RESOLVED FIXED    
Severity: Normal CC: agomez, cfleizach, jcraig, webkit-bug-importer, wenson_hsieh
Priority: P2 Keywords: InRadar, Regression
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=199431
Attachments:
Description Flags
Fixes the bug wenson_hsieh: review+

Description Ryosuke Niwa 2019-06-20 00:01:49 PDT 
e.g.
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   com.apple.WebCore             	0x00007fff488112cd WebCore::TextIterator::range() const + 61
1   com.apple.WebCore             	0x00007fff488110ec WebCore::CharacterIterator::range() const + 28
2   com.apple.WebCore             	0x00007fff49a2cb6a WebCore::visiblePositionForIndexUsingCharacterIterator(WebCore::Node&, int) + 2090
3   com.apple.WebCore             	0x00007fff4967a49e WebCore::AccessibilityRenderObject::visiblePositionForIndex(int) const + 174
4   com.apple.WebCore             	0x00007fff49647d93 WebCore::AXObjectCache::characterOffsetForIndex(int, WebCore::AccessibilityObject const*) + 67
5   com.apple.WebCore             	0x00007fff4966a11f WebCore::AccessibilityObject::rangeForPlainTextRange(WebCore::PlainTextRange const&) const + 191

<rdar://problem/51765259>
Comment 1 Ryosuke Niwa 2019-06-20 00:07:54 PDT 
Created attachment 372543 [details]
Fixes the bug
Comment 2 chris fleizach 2019-06-20 00:12:29 PDT 
(In reply to Ryosuke Niwa from comment #1)
> Created attachment 372543 [details]
> Fixes the bug

Thanks for handling this Ryosuke.
Comment 3 Ryosuke Niwa 2019-06-20 14:42:52 PDT 
Committed r246653: <https://trac.webkit.org/changeset/246653>