Bug 219477 - Fix for crash handling NSAccessibilityInsertionPointLineNumberAttribute for text fields in isolated tree mode.
Summary: Fix for crash handling NSAccessibilityInsertionPointLineNumberAttribute for t...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Andres Gonzalez
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2020-12-02 19:31 PST by Andres Gonzalez
Modified: 2020-12-03 06:09 PST (History)
9 users (show)

See Also:

Attachments
Patch (7.97 KB, patch)
2020-12-02 19:46 PST, Andres Gonzalez 		no flags Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andres Gonzalez 2020-12-02 19:31:27 PST 
Fix for crash handling NSAccessibilityInsertionPointLineNumberAttribute for text fields in isolated tree mode.
Comment 1 Andres Gonzalez 2020-12-02 19:46:31 PST 
Backtrace of the assert crash:
(lldb) bt
* thread #13, name = 'com.apple.accessibility.secondary', stop reason = EXC_BAD_ACCESS (code=1, address=0xbbadbeef)
  * frame #0: 0x0000000655fca2ee JavaScriptCore`::WTFCrash() at Assertions.cpp:295:35
    frame #1: 0x000000063697825b WebCore`WTFCrashWithInfo((null)=1371, (null)="./accessibility/isolatedtree/AXIsolatedObject.cpp", (null)="virtual int WebCore::AXIsolatedObject::lineForPosition(const WebCore::VisiblePosition &) const", (null)=938) at Assertions.h:671:5
    frame #2: 0x000000063909e0bb WebCore`WebCore::AXIsolatedObject::lineForPosition(this=0x00000006698f09d8, position=0x000070000d88f7b8) const at AXIsolatedObject.cpp:1371:5
    frame #3: 0x000000063b8237db WebCore`-[WebAccessibilityObjectWrapper accessibilityAttributeValue:](self=0x00007fb167e50c20, _cmd="accessibilityAttributeValue:", attributeName="AXInsertionPointLineNumber") at WebAccessibilityObjectWrapperMac.mm:2293:45
    frame #4: 0x00007fff22e1cd05 AppKit`NSAccessibilityGetObjectForAttributeUsingLegacyAPI + 343
    frame #5: 0x00007fff233b976f AppKit`___NSAccessibilityEntryPointValueForAttribute_block_invoke.811 + 2544
    frame #6: 0x00007fff233b5083 AppKit`NSAccessibilityPerformEntryPointObject + 16
    frame #7: 0x00007fff23076b6e AppKit`_NSAccessibilityEntryPointValueForAttribute + 168
    frame #8: 0x00007fff231ae741 AppKit`-[NSObject(NSAccessibilityInternal) _accessibilityValueForAttribute:clientError:] + 341
    frame #9: 0x00007fff231b36f2 AppKit`CopyAppKitUIElementAttributeValueNoCatch + 98
    frame #10: 0x00007fff231b06a7 AppKit`CopyAttributeValue + 142
    frame #11: 0x00007fff257e1b7b HIServices`_AXXMIGCopyAttributeValue + 409
    frame #12: 0x00007fff2580383b HIServices`_XCopyAttributeValue + 443
    frame #13: 0x00007fff257c2854 HIServices`mshMIGPerform + 174
    frame #14: 0x00007fff20561178 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ + 41
    frame #15: 0x00007fff20561055 CoreFoundation`__CFRunLoopDoSource1 + 595
    frame #16: 0x00007fff2055f6f9 CoreFoundation`__CFRunLoopRun + 2402
    frame #17: 0x00007fff2055e6be CoreFoundation`CFRunLoopRunSpecific + 563
    frame #18: 0x00007fff257e52b9 HIServices`axThreadEntry + 127
    frame #19: 0x00007fff20467950 libsystem_pthread.dylib`_pthread_start + 224
    frame #20: 0x00007fff2046347b libsystem_pthread.dylib`thread_start + 15
(lldb)
Comment 2 Andres Gonzalez 2020-12-02 19:46:44 PST 
Created attachment 415271 [details]
Patch
Comment 3 chris fleizach 2020-12-02 19:59:07 PST 
Comment on attachment 415271 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=415271&action=review

> Source/WebCore/accessibility/isolatedtree/AXIsolatedObject.h:-385
> -    unsigned selectionStart() const override { return 0; }

Can we remove the todo
Comment 4 EWS 2020-12-03 06:08:36 PST 
Committed r270393: <https://trac.webkit.org/changeset/270393>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 415271 [details].
Comment 5 Radar WebKit Bug Importer 2020-12-03 06:09:19 PST 
<rdar://problem/71934386>