46662 – CrashTracer: 1,803 crashes in Safari at com.apple.WebCore: -[AccessibilityObjectWrapper accessibilityIsIgnored] + 56

RESOLVED FIXED 46662

CrashTracer: 1,803 crashes in Safari at com.apple.WebCore: -[AccessibilityObjectWrapper accessibilityIsIgnored] + 56

https://bugs.webkit.org/show_bug.cgi?id=46662

Summary CrashTracer: 1,803 crashes in Safari at com.apple.WebCore: -[AccessibilityObj...

chris fleizach

Reported 2010-09-27 15:20:36 PDT

54 com.apple.WebCore: -[AccessibilityObjectWrapper accessibilityIsIgnored] + 56 <== 54 com.apple.AppKit: NSAccessibilityPostNotificationForObservedElement + 99 54 com.apple.WebCore: WebCore::AXObjectCache::postPlatformNotification + 234 54 com.apple.WebCore: WebCore::AXObjectCache::notificationPostTimerFired + 76 54 com.apple.WebCore: WebCore::ThreadTimers::sharedTimerFiredInternal + 151 54 com.apple.WebCore: WebCore::timerFired + 53 54 com.apple.CoreFoundation: __CFRunLoopRun + 6488 54 com.apple.CoreFoundation: CFRunLoopRunSpecific + 575 54 com.apple.HIToolbox: RunCurrentEventLoopInMode + 333 49 com.apple.HIToolbox: ReceiveNextEventCommon + 310 | 49 com.apple.HIToolbox: BlockUntilNextEventMatchingListInMode + 59 | 49 com.apple.AppKit: _DPSNextEvent + 708 | 49 com.apple.AppKit: -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 155 | 49 com.apple.Safari: -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] | 47 com.apple.AppKit: -[NSApplication run] + 395 | | 47 com.apple.AppKit: NSApplicationMain + 364 | | 47 com.apple.Safari: start | pruning: 1 com.apple.AppKit: -[NSScroller trackKnob:] + 1959 | pruning: 1 com.apple.AppKit: -[NSScrollView scrollWheel:] + 711 pruning: 5 com.apple.HIToolbox: ReceiveNextEventCommon + 148

Attachments
patch (13.83 KB, patch) 2010-09-27 16:03 PDT, chris fleizach	bdakin: review+	Details Formatted Diff Diff
View All Add attachment proposed patch, testcase, etc.

chris fleizach

Comment 1 2010-09-27 15:21:26 PDT

The problem is that when posting a notification after a timer callback, an updateLayout can be called which invalidates the object that initiated the updateLayout.

chris fleizach

Comment 2 2010-09-27 15:21:53 PDT

rdar://8203386

chris fleizach

Comment 3 2010-09-27 16:03:59 PDT

Created attachment 68984 [details] patch

Beth Dakin

Comment 4 2010-09-27 17:28:17 PDT

Comment on attachment 68984 [details] patch Awesome! I don't love the name prepareAccessibilityMethod, but I'm not sure I have a better suggestion. What about something like updateObjectBackingStore? Is that too specific? Anyway, I don't think the title *needs* to change, but I thought I would mention it.

chris fleizach

Comment 5 2010-09-27 17:29:32 PDT

we can go with updateObjectBackingStore

chris fleizach

Comment 6 2010-09-27 17:44:35 PDT

http://trac.webkit.org/changeset/68461

Note You need to log in before you can comment on or make changes to this bug.

Status RESOLVED

Resolution FIXED

Priority P2

Severity Normal

Classification Unclassified

Version 528+ (Nightly build)

Hardware PC

OS OS X 10.5

Product WebKit

Component Accessibility

Assignee

chris fleizach

Reported

2010-09-27 15:20 PDT

Modified

2010-09-27 17:44 PDT History

CC List

1 user Show

URL

Keywords InRadar

Depends on

Blocks