Bug 234377

Summary: Fix for crash in AXIsolatedObject::textMarkerRangeForNSRange.
Product: WebKit Reporter: Andres Gonzalez <andresg_22>
Component: AccessibilityAssignee: Andres Gonzalez <andresg_22>
Status: RESOLVED FIXED    
Severity: Normal CC: aboxhall, andresg_22, apinheiro, cfleizach, dmazzoni, ews-watchlist, jcraig, jdiggs, samuel_white, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Andres Gonzalez
Reported 2021-12-15 18:28:37 PST
Fix for crash in AXIsolatedObject::textMarkerRangeForNSRange.
Attachments
Patch (2.04 KB, patch)
2021-12-15 18:38 PST, Andres Gonzalez 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2021-12-15 18:28:49 PST
<rdar://problem/86553198>
Andres Gonzalez
Comment 2 2021-12-15 18:38:46 PST
Created attachment 447310 [details] Patch
Andres Gonzalez
Comment 3 2021-12-15 19:01:01 PST
This is the relevant stack trace: {"symbol":"WTF::RetainPtr<objc_object*>::RetainPtr(objc_object*)","inline":true,"imageIndex":3,"imageOffset":74867,"symbolLocation":13,"sourceLine":181,"sourceFile":"RetainPtr.h"},{"symbol":"WTF::RetainPtr<objc_object*>::operator=(objc_object*)","inline":true,"imageIndex":3,"imageOffset":74867,"symbolLocation":13,"sourceLine":245,"sourceFile":"RetainPtr.h"},{"symbol":"WTR::AccessibilityUIElement::attributeValueForParameter(NSString*, objc_object*) const::$_3::operator()() const","inline":true,"imageIndex":3,"imageOffset":74867,"symbolLocation":51,"sourceLine":329,"sourceFile":"AccessibilityUIElementMac.mm"},{"imageOffset":74867,"sourceLine":53,"sourceFile":"Function.h","symbol":"WTF::Detail::CallableWrapper<WTR::AccessibilityUIElement::attributeValueForParameter(NSString*, objc_object*) const::$_3, void>::call()","imageIndex":3,"symbolLocation":65},{"symbol":"WTF::Function<void ()>::operator()() const","inline":true,"imageIndex":3,"imageOffset":21002,"symbolLocation":9,"sourceLine":82,"sourceFile":"Function.h"},{"symbol":"WTR::AccessibilityController::executeOnAXThreadAndWait(WTF::Function<void ()>&&)::$_0::operator()() const","inline":true,"imageIndex":3,"imageOffset":21002,"symbolLocation":13,"sourceLine":107,"sourceFile":"AccessibilityController.cpp"},{"imageOffset":21002,"sourceLine":53,"sourceFile":"Function.h","symbol":"WTF::Detail::CallableWrapper<WTR::AccessibilityController::executeOnAXThreadAndWait(WTF::Function<void ()>&&)::$_0, void>::call()","imageIndex":3,"symbolLocation":22},{"symbol":"WTF::Function<void ()>::operator()() const","inline":true,"imageIndex":3,"imageOffset":20914,"symbolLocation":10,"sourceLine":82,"sourceFile":"Function.h"},{"imageOffset":20914,"sourceLine":234,"sourceFile":"AccessibilityController.cpp","symbol":"WTR::AXThread::dispatchFunctionsFromAXThread()","imageIndex":3,"symbolLocation":118},{"symbol":"WTR::AXThread::threadRunLoopSourceCallback()","inline":true,"imageIndex":3,"imageOffset":23562,"symbolLocation":16,"sourceLine":178,"sourceFile":"AccessibilityControllerMac.mm"},{"imageOffset":23562,"sourceLine":172,"sourceFile":"AccessibilityControllerMac.mm","symbol":"WTR::AXThread::threadRunLoopSourceCallback(void*)","imageIndex":3,"symbolLocation":26},{"imageOffset":524123,"symbol":"__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__","symbolLocation":17,"imageIndex":2},{"imageOffset":523971,"symbol":"__CFRunLoopDoSource0","symbolLocation":180,"imageIndex":2},{"imageOffset":523325,"symbol":"__CFRunLoopDoSources0","symbolLocation":242,"imageIndex":2},{"imageOffset":517720,"symbol":"__CFRunLoopRun","symbolLocation":892,"imageIndex":2},{"imageOffset":515100,"symbol":"CFRunLoopRunSpecific","symbolLocation":562,"imageIndex":2},{"imageOffset":1072395,"symbol":"CFRunLoopRun","symbolLocation":40,"imageIndex":2},{"imageOffset":23466,"sourceLine":161,"sourceFile":"AccessibilityControllerMac.mm","symbol":"WTR::AXThread::initializeRunLoop()","imageIndex":3,"symbolLocation":212},{"symbol":"WTF::Function<void ()>::operator()() const","inline":true,"imageIndex":4,"imageOffset":388829,"symbolLocation":9,"sourceLine":82,"sourceFile":"Function.h"},{"imageOffset":388829,"sourceLine":191,"sourceFile":"Threading.cpp","symbol":"WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*)","imageIndex":4,"symbolLocation":125},{"imageOffset":398297,"sourceLine":244,"sourceFile":"ThreadingPOSIX.cpp","symbol":"WTF::wtfThreadEntryPoint(void*)","imageIndex":4,"symbolLocation":9},{"imageOffset":25788,"symbol":"_pthread_start","symbolLocation":120,"imageIndex":10},{"imageOffset":7871,"symbol":"thread_start","symbolLocation":15,"imageIndex":10}]}],
EWS
Comment 4 2021-12-15 23:09:31 PST
Committed r287126 (245310@main): <https://commits.webkit.org/245310@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 447310 [details].
Note You need to log in before you can comment on or make changes to this bug.