Bug 214017 - Web content process hangs in AccessibilityRenderObject::setSelectedVisiblePositionRange in some corner cases.
Summary: Web content process hangs in AccessibilityRenderObject::setSelectedVisiblePos...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Andres Gonzalez
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2020-07-06 16:45 PDT by Andres Gonzalez
Modified: 2020-07-07 19:26 PDT
CC List: 8 users

See Also:


Attachments
Patch (attachment 403639, 3.22 KB, patch) - 2020-07-06 17:05 PDT, Andres Gonzalez
Patch (attachment 403707, 11.19 KB, patch) - 2020-07-07 10:54 PDT, Andres Gonzalez

Description Andres Gonzalez 2020-07-06 16:45:07 PDT
Web content process hangs in AccessibilityRenderObject::setSelectedVisiblePositionRange in some corner cases.
Comment 1 Andres Gonzalez 2020-07-06 16:56:35 PDT
<rdar://problem/63000006>
Comment 2 Andres Gonzalez 2020-07-06 17:04:44 PDT
Relevant output from sample:

Sampling process 12998 for 3 seconds with 1 millisecond of run time between samples
Sampling completed, processing symbols...
Analysis of sampling com.apple.WebKit.WebContent.Development (pid 12998) every 1 millisecond
Process:         com.apple.WebKit.WebContent.Development [12998]
Path:            /System/Library/Frameworks/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.Development.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development
Load Address:    0x1058ec000
Identifier:      com.apple.WebKit.WebContent.Development

Call graph:
    2438 Thread_161694   DispatchQueue_1: com.apple.main-thread  (serial)
    + 2438 start  (in libdyld.dylib) + 1  [0x7fff6edd3221]
    +   2438 WebKit::XPCServiceMain(int, char const**)  (in WebKit) + 578  [0x7fff3e059439]
    +     2438 xpc_main  (in libxpc.dylib) + 437  [0x7fff6f046e54]
    +       2438 _xpc_objc_main  (in libxpc.dylib) + 760  [0x7fff6f04738b]
    +         2438 -[NSRunLoop(NSRunLoop) run]  (in Foundation) + 76  [0x7fff2d8fb6a3]
    +           2438 -[NSRunLoop(NSRunLoop) runMode:beforeDate:]  (in Foundation) + 212  [0x7fff2d86a5e0]
    +             2438 CFRunLoopRunSpecific  (in CoreFoundation) + 514  [0x7fff2ad9fe2b]
    +               2438 __CFRunLoopRun  (in CoreFoundation) + 1983  [0x7fff2ada0c58]
    +                 2438 __CFRUNLOOP_IS_SERVICING_THE_MAIN_DISPATCH_QUEUE__  (in CoreFoundation) + 9  [0x7fff2addefcf]
    +                   2438 _dispatch_main_queue_callback_4CF  (in libdispatch.dylib) + 940  [0x7fff6ed882cd]
    +                     2438 _dispatch_client_callout  (in libdispatch.dylib) + 8  [0x7fff6ed7c10f]
    +                       2438 _dispatch_call_block_and_release  (in libdispatch.dylib) + 12  [0x7fff6ed7af2d]
    +                         2438 -[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]  (in WebCore) + 440  [0x7fff3d89af38]
    +                           2438 WebCore::AccessibilityRenderObject::setSelectedVisiblePositionRange(WebCore::VisiblePositionRange const&) const  (in WebCore) + 945  [0x7fff3c903361]
    +                             2438 WebCore::FrameSelection::moveTo(WebCore::VisiblePosition const&, WebCore::EUserTriggered, WebCore::FrameSelection::CursorAlignOnScroll)  (in WebCore) + 298  [0x7fff3baa17da]
    +                               2438 WebCore::FrameSelection::setSelection(WebCore::VisibleSelection const&, WTF::OptionSet<WebCore::FrameSelection::SetSelectionOption>, WebCore::AXTextStateChangeIntent, WebCore::FrameSelection::CursorAlignOnScroll, WebCore::TextGranularity)  (in WebCore) + 525  [0x7fff3ccef9ad]
    +                                 2438 WebKit::WebPage::sendEditorStateUpdate()  (in WebKit) + 79  [0x7fff3e44011d]
    +                                   2438 WebKit::WebPage::editorState(WebKit::WebPage::ShouldPerformLayout) const  (in WebKit) + 1128  [0x7fff3e43801a]
    +                                     2438 WebKit::WebPage::getPlatformEditorState(WebCore::Frame&, WebKit::EditorState&) const  (in WebKit) + 787  [0x7fff3e2f9701]
    +                                       2438 WebCore::Editor::stringForCandidateRequest() const  (in WebCore) + 123  [0x7fff3cd0d4cb]
    +                                         1930 WebCore::wordRangeFromPosition(WebCore::VisiblePosition const&)  (in WebCore) + 198  [0x7fff3cd87de6]
...
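How to read a `sample` call graph like the one in Comment 2, as an added example that is not part of the bug report or of WebKit: the script parses the tree (depth is encoded by the width of the tree-drawing prefix before each sample count), follows the child with the most samples at every level, and reports the deepest frame that still holds most of the thread's samples, which is the frame the hang is "in". For the report above that is WebCore::wordRangeFromPosition, with 1930 of the 2438 samples (about 79%) below WebCore::Editor::stringForCandidateRequest. The input is a trimmed copy of the report's call graph with one hypothetical sibling frame (`WebCore::hypotheticalSibling`, with a made-up address) added so the tree actually branches; that frame is constructed, the rest is copied from the report.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed input: a trimmed copy of the `sample` call graph from the bug
# report. The last frame (WebCore::hypotheticalSibling) is invented so the
# tree has a branch; the real report truncates with "...".
SAMPLE_OUTPUT = """\
Call graph:
    2438 Thread_161694   DispatchQueue_1: com.apple.main-thread  (serial)
    + 2438 start  (in libdyld.dylib) + 1  [0x7fff6edd3221]
    +   2438 WebKit::XPCServiceMain(int, char const**)  (in WebKit) + 578  [0x7fff3e059439]
    +     2438 -[WebAccessibilityObjectWrapper _accessibilitySetValue:forAttribute:]  (in WebCore) + 440  [0x7fff3d89af38]
    +       2438 WebCore::AccessibilityRenderObject::setSelectedVisiblePositionRange(WebCore::VisiblePositionRange const&) const  (in WebCore) + 945  [0x7fff3c903361]
    +         2438 WebCore::FrameSelection::moveTo(WebCore::VisiblePosition const&, WebCore::EUserTriggered, WebCore::FrameSelection::CursorAlignOnScroll)  (in WebCore) + 298  [0x7fff3baa17da]
    +           2438 WebKit::WebPage::sendEditorStateUpdate()  (in WebKit) + 79  [0x7fff3e44011d]
    +             2438 WebCore::Editor::stringForCandidateRequest() const  (in WebCore) + 123  [0x7fff3cd0d4cb]
    +               1930 WebCore::wordRangeFromPosition(WebCore::VisiblePosition const&)  (in WebCore) + 198  [0x7fff3cd87de6]
    +               508 WebCore::hypotheticalSibling()  (in WebCore) + 10  [0x7fff3cd87d00]
"""

# `sample` draws the tree with spaces and the characters + | ! : before the
# sample count; the width of that prefix is the frame's depth.
FRAME_RE = re.compile(r"^(?P<prefix>[ +|!:]*)(?P<count>\d+)\s+(?P<rest>\S.*)$")


@dataclass
class Frame:
    name: str
    count: int
    children: List["Frame"] = field(default_factory=list)


def _frame_name(rest: str) -> str:
    """Drop the '(in lib) + offset  [addr]' tail so frames compare by symbol."""
    return re.sub(r"\s+\(in [^)]*\).*$", "", rest).strip()


def parse_call_graph(text: str) -> Frame:
    """Parse `sample` call-graph text into a tree of Frames."""
    root: Optional[Frame] = None
    stack: List[Tuple[int, Frame]] = []  # (prefix width, frame)
    for line in text.splitlines():
        m = FRAME_RE.match(line)
        if not m:
            continue  # "Call graph:" header, blank lines, "..."
        depth = len(m.group("prefix"))
        frame = Frame(_frame_name(m.group("rest")), int(m.group("count")))
        # Pop back to the nearest ancestor that is shallower than this line.
        while stack and stack[-1][0] >= depth:
            stack.pop()
        if stack:
            stack[-1][1].children.append(frame)
        else:
            root = frame
        stack.append((depth, frame))
    if root is None:
        raise ValueError("no call graph found in input")
    return root


def hottest_path(root: Frame) -> List[Frame]:
    """Follow the child with the most samples at every level."""
    path = [root]
    while path[-1].children:
        path.append(max(path[-1].children, key=lambda f: f.count))
    return path


def hang_site(root: Frame, min_share: float = 0.75) -> Frame:
    """Deepest frame on the hottest path that still holds at least `min_share`
    of the thread's samples. For a true hang the share stays at 100% down to
    the spinning frame; here it drops to ~79% at wordRangeFromPosition."""
    site = root
    for frame in hottest_path(root):
        if frame.count / root.count < min_share:
            break
        site = frame
    return site


if __name__ == "__main__":
    root = parse_call_graph(SAMPLE_OUTPUT)
    for f in hottest_path(root):
        print(f"{f.count:5d} {100 * f.count / root.count:5.1f}%  {f.name}")
    print("hang site:", hang_site(root).name)
```

The share threshold is the knob worth tuning: with a 3-second sample at 1 ms intervals, a frame that holds nearly every sample from the thread root down is where the main thread is stuck, and the first level at which the count splits (2438 to 1930 here) is where to start reading the code.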
Comment 3 Andres Gonzalez 2020-07-06 17:05:18 PDT
Created attachment 403639 [details]
Patch
Comment 4 chris fleizach 2020-07-06 17:15:07 PDT
Comment on attachment 403639 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=403639&action=review

> Source/WebCore/ChangeLog:12
> +        * accessibility/AccessibilityRenderObject.cpp:

any chance to test this?
Comment 5 Andres Gonzalez 2020-07-07 10:54:04 PDT
Created attachment 403707 [details]
Patch
Comment 6 EWS 2020-07-07 12:50:00 PDT
Committed r264037: <https://trac.webkit.org/changeset/264037>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 403707 [details].