[Webkit-unassigned] [Bug 187528] New: AX: Crash in accessing AXObjectCache in textMarkerDataForVisiblePosition

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jul 10 10:51:26 PDT 2018 

https://bugs.webkit.org/show_bug.cgi?id=187528

            Bug ID: 187528
           Summary: AX: Crash in accessing AXObjectCache in
                    textMarkerDataForVisiblePosition
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: All
                OS: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Accessibility
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: cfleizach at apple.com
                CC: webkit-bug-importer at group.apple.com

<rdar://problem/37231941> CrashTracer: com.apple.WebKit.WebContent.Development at com.apple.WebCore: WebCore::AXObjectCache::get + 75

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x0000000000000020
Exception Note:        EXC_CORPSE_NOTIFY

Termination Signal:    Segmentation fault: 11
Termination Reason:    Namespace SIGNAL, Code 0xb
Terminating Process:   exc handler [0]

VM Regions Near 0x20:
--> 
    __TEXT                 0000000102505000-0000000102507000 [    8K] r-x/rwx SM=COW  /Volumes/VOLUME/*/WebKit.framework/Versions/A/XPCServices/com.apple.WebKit.WebContent.xpc/Contents/MacOS/com.apple.WebKit.WebContent.Development

Application Specific Information:
CRASHING TEST: accessibility/mac/search-field-cancel-button.html

Thread 0 Crashed:
0   com.apple.WebCore                   0x00000007a0aae5db WebCore::AXObjectCache::get(WebCore::Node*) + 75
1   com.apple.WebCore                   0x00000007a0aadf4b WebCore::AXObjectCache::getOrCreate(WebCore::Node*) + 43
2   com.apple.WebCore                   0x00000007a0ab48e2 WebCore::AXObjectCache::textMarkerDataForVisiblePosition(WebCore::VisiblePosition const&) + 290
3   com.apple.WebCore                   0x00000007a15a7dfe -[WebAccessibilityObjectWrapper textMarkerRangeFromVisiblePositions:endPosition:] + 62
4   com.apple.WebCore                   0x00000007a03401ce WebCore::AXObjectCache::postTextStateChangePlatformNotification(WebCore::AccessibilityObject*, WebCore::AXTextStateChangeIntent const&, WebCore::VisibleSelection const&) + 494
5   com.apple.WebCore                   0x00000007a0ab0c5c WebCore::AXObjectCache::postTextStateChangeNotification(WebCore::AccessibilityObject*, WebCore::AXTextStateChangeIntent const&, WebCore::VisibleSelection const&) + 188
6   com.apple.WebCore                   0x00000007a037bfcb WebCore::FrameSelection::notifyAccessibilityForSelectionChange(WebCore::AXTextStateChangeIntent const&) + 203
7   com.apple.WebCore                   0x00000007a0e02f87 WebCore::FrameSelection::updateAndRevealSelection(WebCore::AXTextStateChangeIntent const&) + 167
8   com.apple.WebCore                   0x00000007a0e087e9 WebCore::FrameSelection::updateAppearanceAfterLayout() + 73
9   com.apple.WebCore                   0x00000007a0040c25 WebCore::FrameView::performPostLayoutTasks() + 37
10  com.apple.WebCore                   0x00000007a109b3ff WebCore::LayoutContext::runOrScheduleAsynchronousTasks() + 239
11  com.apple.WebCore                   0x00000007a10910bc WebCore::LayoutContext::layout() + 1612
12  com.apple.WebCore                   0x00000007a0098070 WebCore::Document::updateLayout() + 256
13  com.apple.WebCore                   0x00000007a0d29e5c WebCore::Document::updateLayoutIgnorePendingStylesheets(WebCore::Document::RunPostLayoutTasks) + 92
14  com.apple.WebCore                   0x00000007a0d55f36 WebCore::Element::boundingClientRect() + 38
1

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20180710/55522ef1/attachment-0001.html>

More information about the webkit-unassigned mailing list