WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
239909
CrashTracer: com.apple.WebKit.WebContent at com.apple.WebKit: WebKit::TextCheckingControllerProxy::annotatedSubstringBetweenPositions
https://bugs.webkit.org/show_bug.cgi?id=239909
Summary
CrashTracer: com.apple.WebKit.WebContent at com.apple.WebKit: WebKit::TextChe...
Devin Rousso
Reported
2022-04-29 13:23:04 PDT
an `NSRangeException` is thrown inside `-[NSConcreteMutableAttributedString addAttribute:value:range:]`
Attachments
Patch
(6.96 KB, patch)
2022-04-29 13:36 PDT
,
Devin Rousso
no flags
Details
Formatted Diff
Diff
Patch
(17.23 KB, patch)
2022-05-16 17:27 PDT
,
Devin Rousso
no flags
Details
Formatted Diff
Diff
Patch
(17.23 KB, patch)
2022-05-16 20:04 PDT
,
Devin Rousso
no flags
Details
Formatted Diff
Diff
Show Obsolete
(3)
View All
Add attachment
proposed patch, testcase, etc.
Devin Rousso
Comment 1
2022-04-29 13:23:23 PDT
<
rdar://problem/87885717
>
Devin Rousso
Comment 2
2022-04-29 13:36:05 PDT
Created
attachment 458605
[details]
Patch
Alexey Proskuryakov
Comment 3
2022-04-29 14:20:25 PDT
Comment on
attachment 458605
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=458605&action=review
> Source/WebCore/ChangeLog:3 > + CrashTracer: com.apple.WebKit.WebContent at com.apple.WebKit: WebKit::TextCheckingControllerProxy::annotatedSubstringBetweenPositions
A subtle TextIterator fix like this seems like it strongly requires a regression test.
Devin Rousso
Comment 4
2022-04-29 14:29:21 PDT
Comment on
attachment 458605
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=458605&action=review
>> Source/WebCore/ChangeLog:3 >> + CrashTracer: com.apple.WebKit.WebContent at com.apple.WebKit: WebKit::TextCheckingControllerProxy::annotatedSubstringBetweenPositions > > A subtle TextIterator fix like this seems like it strongly requires a regression test.
yeah im working on that now i put this up to let EWS munch on it :)
Darin Adler
Comment 5
2022-04-29 14:53:49 PDT
Comment on
attachment 458605
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=458605&action=review
>>> Source/WebCore/ChangeLog:3 >>> + CrashTracer: com.apple.WebKit.WebContent at com.apple.WebKit: WebKit::TextCheckingControllerProxy::annotatedSubstringBetweenPositions >> >> A subtle TextIterator fix like this seems like it strongly requires a regression test. > > yeah im working on that now > > i put this up to let EWS munch on it :)
I think it would be best to have some TextIterator tests for this bug that do *not* involve NSAttributedString; this underlying issue is not specific to the NSAttributedString code path, and can be tested without involving the NSAttributedString code path. I also think the NSAttributedString code path might benefit from additional defensive range checking rather than relying on the subtle and complex TextIterator machinery to never create something with an incorrect offset. We may want to fix this bug both ways, with: a) defensive code in the code that deals with NSAttributedString that would prevent this kind of incorrect text offset computation from causing a crash, and b) this TextIterator change that gives us a correct result that is valuable in and of itself. Unfortunately the (b) change would make it a little harder to test (a) since we would no longer be able to use this bug to test the defensive checks are necessary.
Devin Rousso
Comment 6
2022-05-16 17:27:30 PDT
Created
attachment 459466
[details]
Patch
Devin Rousso
Comment 7
2022-05-16 17:29:23 PDT
Comment on
attachment 459466
[details]
Patch View in context:
https://bugs.webkit.org/attachment.cgi?id=459466&action=review
> Source/WebCore/editing/TextIterator.cpp:638 > + if (runStart >= runEnd && m_behaviors.contains(TextIteratorBehavior::IgnoresWhiteSpaceAtEndOfRun)) { > + m_textRun = nextTextRun; > + continue; > + }
I think this is actually the correct behavior that should _always_ be used, but since this is a regression I'd rather target my fix to just that and then (perhaps) remove the check later on so that if there is a problem, rollouts are less conflicting (i.e. fixes one bug only to introduce another)
Devin Rousso
Comment 8
2022-05-16 20:04:55 PDT
Created
attachment 459472
[details]
Patch
Devin Rousso
Comment 9
2022-05-17 11:31:44 PDT
Pull request:
https://github.com/WebKit/WebKit/pull/681
EWS
Comment 10
2022-05-27 14:51:15 PDT
Committed
r294955
(
251061@main
): <
https://commits.webkit.org/251061@main
> Reviewed commits have been landed. Closing PR #681 and removing active labels.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug