| Summary: | Fix for crash handling NSAccessibilityInsertionPointLineNumberAttribute for text fields in isolated tree mode. | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Andres Gonzalez <andresg_22> | ||||
| Component: | New Bugs | Assignee: | Andres Gonzalez <andresg_22> | ||||
| Status: | RESOLVED FIXED | ||||||
| Severity: | Normal | CC: | aboxhall, apinheiro, cfleizach, dmazzoni, ews-watchlist, jcraig, jdiggs, samuel_white, webkit-bug-importer | ||||
| Priority: | P2 | Keywords: | InRadar | ||||
| Version: | WebKit Nightly Build | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Attachments: |
|
||||||
|
Description
Andres Gonzalez
2020-12-02 19:31:27 PST
Backtrace of the assert crash:
(lldb) bt
* thread #13, name = 'com.apple.accessibility.secondary', stop reason = EXC_BAD_ACCESS (code=1, address=0xbbadbeef)
* frame #0: 0x0000000655fca2ee JavaScriptCore`::WTFCrash() at Assertions.cpp:295:35
frame #1: 0x000000063697825b WebCore`WTFCrashWithInfo((null)=1371, (null)="./accessibility/isolatedtree/AXIsolatedObject.cpp", (null)="virtual int WebCore::AXIsolatedObject::lineForPosition(const WebCore::VisiblePosition &) const", (null)=938) at Assertions.h:671:5
frame #2: 0x000000063909e0bb WebCore`WebCore::AXIsolatedObject::lineForPosition(this=0x00000006698f09d8, position=0x000070000d88f7b8) const at AXIsolatedObject.cpp:1371:5
frame #3: 0x000000063b8237db WebCore`-[WebAccessibilityObjectWrapper accessibilityAttributeValue:](self=0x00007fb167e50c20, _cmd="accessibilityAttributeValue:", attributeName="AXInsertionPointLineNumber") at WebAccessibilityObjectWrapperMac.mm:2293:45
frame #4: 0x00007fff22e1cd05 AppKit`NSAccessibilityGetObjectForAttributeUsingLegacyAPI + 343
frame #5: 0x00007fff233b976f AppKit`___NSAccessibilityEntryPointValueForAttribute_block_invoke.811 + 2544
frame #6: 0x00007fff233b5083 AppKit`NSAccessibilityPerformEntryPointObject + 16
frame #7: 0x00007fff23076b6e AppKit`_NSAccessibilityEntryPointValueForAttribute + 168
frame #8: 0x00007fff231ae741 AppKit`-[NSObject(NSAccessibilityInternal) _accessibilityValueForAttribute:clientError:] + 341
frame #9: 0x00007fff231b36f2 AppKit`CopyAppKitUIElementAttributeValueNoCatch + 98
frame #10: 0x00007fff231b06a7 AppKit`CopyAttributeValue + 142
frame #11: 0x00007fff257e1b7b HIServices`_AXXMIGCopyAttributeValue + 409
frame #12: 0x00007fff2580383b HIServices`_XCopyAttributeValue + 443
frame #13: 0x00007fff257c2854 HIServices`mshMIGPerform + 174
frame #14: 0x00007fff20561178 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ + 41
frame #15: 0x00007fff20561055 CoreFoundation`__CFRunLoopDoSource1 + 595
frame #16: 0x00007fff2055f6f9 CoreFoundation`__CFRunLoopRun + 2402
frame #17: 0x00007fff2055e6be CoreFoundation`CFRunLoopRunSpecific + 563
frame #18: 0x00007fff257e52b9 HIServices`axThreadEntry + 127
frame #19: 0x00007fff20467950 libsystem_pthread.dylib`_pthread_start + 224
frame #20: 0x00007fff2046347b libsystem_pthread.dylib`thread_start + 15
(lldb)
Created attachment 415271 [details]
Patch
Comment on attachment 415271 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=415271&action=review > Source/WebCore/accessibility/isolatedtree/AXIsolatedObject.h:-385 > - unsigned selectionStart() const override { return 0; } Can we remove the todo Committed r270393: <https://trac.webkit.org/changeset/270393> All reviewed patches have been landed. Closing bug and clearing flags on attachment 415271 [details]. |