RESOLVED FIXED 155943
AX: Crash when AX trying to create element for an old auto fill element 
https://bugs.webkit.org/show_bug.cgi?id=155943
Summary AX: Crash when AX trying to create element for an old auto fill element
chris fleizach
Reported 2016-03-28 00:17:13 PDT
AX code can access an auto fill element that is still there as a Node, but has no renderer, and then add it to its child list as an empty refPtr Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x00007fff9d11a403 WebCore::AccessibilityRenderObject::addChildren() + 355 1 com.apple.WebCore 0x00007fff9d108c52 WebCore::AccessibilityObject::updateChildrenIfNecessary() + 66 2 com.apple.WebCore 0x00007fff9d10460d WebCore::AccessibilityObject::updateBackingStore() + 77 3 com.apple.WebCore 0x00007fff9dea6dfd -[WebAccessibilityObjectWrapperBase updateObjectBackingStore] + 61 4 com.apple.WebCore 0x00007fff9deb6ff7 -[WebAccessibilityObjectWrapper accessibilityIsIgnored] + 23 5 com.apple.AppKit 0x00007fff93d5adbe NSAccessibilityEntryPointIsAccessibilityElement + 231 6 com.apple.AppKit 0x00007fff93dc5101 NSAccessibilityPostNotificationForObservedElementWithUserInfo + 215 7 com.apple.WebCore 0x00007fff9d18ee7f WebCore::AXObjectCache::postPlatformNotification(WebCore::AccessibilityObject*, <rdar://problem/25350155>
Attachments
patch (4.50 KB, patch)
2016-03-28 00:45 PDT, chris fleizach 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
chris fleizach
Comment 1 2016-03-28 00:45:25 PDT
Created attachment 275018 [details] patch
WebKit Commit Bot
Comment 2 2016-03-28 17:58:22 PDT
Comment on attachment 275018 [details] patch Clearing flags on attachment: 275018 Committed r198769: <http://trac.webkit.org/changeset/198769>
WebKit Commit Bot
Comment 3 2016-03-28 17:58:25 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.