| Summary: | AccessibilityObject::FocusedUIElement should not call AXObjectCache::focusedUIElementForPage that can return an isolated object. | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Andres Gonzalez <andresg_22> | ||||
| Component: | New Bugs | Assignee: | Andres Gonzalez <andresg_22> | ||||
| Status: | RESOLVED FIXED | ||||||
| Severity: | Normal | CC: | aboxhall, apinheiro, cfleizach, dmazzoni, ews-watchlist, jcraig, jdiggs, samuel_white, webkit-bug-importer | ||||
| Priority: | P2 | Keywords: | InRadar | ||||
| Version: | WebKit Nightly Build | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| See Also: | https://bugs.webkit.org/show_bug.cgi?id=219290 | ||||||
| Attachments: |
|
||||||
|
Description
Andres Gonzalez
2020-11-21 13:59:16 PST
Created attachment 414770 [details]
Patch
This is the infinite recursion this problem causes when building the isolated tree:
frame #9263: 0x0000000302678948 WebCore`WebCore::AXIsolatedTree::create(axObjectCache=0x0000000325e59400) at AXIsolatedTree.cpp:102:15
frame #9264: 0x00000003025ba23c WebCore`WebCore::AXObjectCache::generateIsolatedTree(this=0x0000000325e59400) const at AXObjectCache.cpp:3168:12
frame #9265: 0x00000003025e6cf1 WebCore`WebCore::AXObjectCache::getOrCreateIsolatedTree(this=0x00007ffee8f07ce0) const::$_4::operator()() const at AXObjectCache.cpp:792:20
frame #9266: 0x00000003025abc7d WebCore`WTF::RefPtr<WebCore::AXIsolatedTree, WTF::RawPtrTraits<WebCore::AXIsolatedTree>, WTF::DefaultRefDerefTraits<WebCore::AXIsolatedTree> > WebCore::Accessibility::retrieveValueFromMainThread<WTF::RefPtr<WebCore::AXIsolatedTree, WTF::RawPtrTraits<WebCore::AXIsolatedTree>, WTF::DefaultRefDerefTraits<WebCore::AXIsolatedTree> >, WebCore::AXObjectCache::getOrCreateIsolatedTree(lambda=0x00007ffee8f07ce0) const::$_4>(WebCore::AXObjectCache::getOrCreateIsolatedTree() const::$_4&&) at AccessibilityObjectInterface.h:1570:16
frame #9267: 0x00000003025a93e3 WebCore`WebCore::AXObjectCache::getOrCreateIsolatedTree(this=0x0000000325e59400) const at AXObjectCache.cpp:791:16
frame #9268: 0x00000003025a9279 WebCore`WebCore::AXObjectCache::isolatedTreeFocusedObject(this=0x0000000325e59400) at AXObjectCache.cpp:401:21
frame #9269: 0x00000003025a96e6 WebCore`WebCore::AXObjectCache::focusedUIElementForPage(this=0x0000000325e59400, page=0x0000000325ff8000) at AXObjectCache.cpp:438:16
frame #9270: 0x0000000302620d9b WebCore`WebCore::AccessibilityObject::focusedUIElement(this=0x000000032b147f00) const at AccessibilityObject.cpp:2552:51
frame #9271: 0x000000030262ff2e WebCore`WebCore::AccessibilityRenderObject::isTabItemSelected(this=0x000000032b147f00) const at AccessibilityRenderObject.cpp:1798:77
frame #9272: 0x000000030262fdd8 WebCore`WebCore::AccessibilityRenderObject::isSelected(this=0x000000032b147f00) const at AccessibilityRenderObject.cpp:1776:24
frame #9273: 0x000000030260e4d2 WebCore`WebCore::AccessibilityNodeObject::selectedTabItem(this=0x000000032b1d3f80) at AccessibilityNodeObject.cpp:938:65
frame #9274: 0x000000030266ada9 WebCore`WebCore::AXIsolatedObject::initializeAttributeData(this=0x000000032b137690, object=0x000000032b1d3f80, isRoot=false) at AXIsolatedObject.cpp:158:63
frame #9275: 0x0000000302668797 WebCore`WebCore::AXIsolatedObject::AXIsolatedObject(this=0x000000032b137690, object=0x000000032b1d3f80, tree=0x0000000325ec7578, parentID=4) at AXIsolatedObject.cpp:46:9
frame #9276: 0x000000030266e9fd WebCore`WebCore::AXIsolatedObject::AXIsolatedObject(this=0x000000032b137690, object=0x000000032b1d3f80, tree=0x0000000325ec7578, parentID=4) at AXIsolatedObject.cpp:43:1
frame #9277: 0x000000030266ea5b WebCore`WebCore::AXIsolatedObject::create(object=0x000000032b1d3f80, tree=0x0000000325ec7578, parentID=4) at AXIsolatedObject.cpp:55:26
frame #9278: 0x0000000302679bf7 WebCore`WebCore::AXIsolatedTree::createSubtree(this=0x0000000325ec7578, axObject=0x000000032b1d3f80, parentID=4, attachWrapper=true) at AXIsolatedTree.cpp:202:19
frame #9279: 0x0000000302679dbd WebCore`WebCore::AXIsolatedTree::createSubtree(this=0x0000000325ec7578, axObject=0x000000032b19b400, parentID=3, attachWrapper=true) at AXIsolatedTree.cpp:221:22
frame #9280: 0x0000000302679dbd WebCore`WebCore::AXIsolatedTree::createSubtree(this=0x0000000325ec7578, axObject=0x0000000325e65e10, parentID=0, attachWrapper=true) at AXIsolatedTree.cpp:221:22
frame #9281: 0x0000000302678db1 WebCore`WebCore::AXIsolatedTree::generateSubtree(this=0x0000000325ec7578, axObject=0x0000000325e65e10, axParent=0x0000000000000000, attachWrapper=true) at AXIsolatedTree.cpp:189:19
frame #9282: 0x0000000302678948 WebCore`WebCore::AXIsolatedTree::create(axObjectCache=0x0000000325e59400) at AXIsolatedTree.cpp:102:15
frame #9283: 0x00000003025ba23c WebCore`WebCore::AXObjectCache::generateIsolatedTree(this=0x0000000325e59400) const at AXObjectCache.cpp:3168:12
frame #9284: 0x00000003025e6cf1 WebCore`WebCore::AXObjectCache::getOrCreateIsolatedTree(this=0x00007ffee8f0bfc0) const::$_4::operator()() const at AXObjectCache.cpp:792:20
frame #9285: 0x00000003025abc7d WebCore`WTF::RefPtr<WebCore::AXIsolatedTree, WTF::RawPtrTraits<WebCore::AXIsolatedTree>, WTF::DefaultRefDerefTraits<WebCore::AXIsolatedTree> > WebCore::Accessibility::retrieveValueFromMainThread<WTF::RefPtr<WebCore::AXIsolatedTree, WTF::RawPtrTraits<WebCore::AXIsolatedTree>, WTF::DefaultRefDerefTraits<WebCore::AXIsolatedTree> >, WebCore::AXObjectCache::getOrCreateIsolatedTree(lambda=0x00007ffee8f0bfc0) const::$_4>(WebCore::AXObjectCache::getOrCreateIsolatedTree() const::$_4&&) at AccessibilityObjectInterface.h:1570:16
frame #9286: 0x00000003025a93e3 WebCore`WebCore::AXObjectCache::getOrCreateIsolatedTree(this=0x0000000325e59400) const at AXObjectCache.cpp:791:16
Committed r270154: <https://trac.webkit.org/changeset/270154> All reviewed patches have been landed. Closing bug and clearing flags on attachment 414770 [details]. |