AX: Crash in setTextMarkerDataWithCharacterOffset
authorn_wang@apple.com <n_wang@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 22 Jan 2016 20:53:31 +0000 (20:53 +0000)
committern_wang@apple.com <n_wang@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 22 Jan 2016 20:53:31 +0000 (20:53 +0000)
commitc7c9c8a9b52388719b724a21208098c61b719a59
tree3cc9370e4597232aaed080e9b02f4067e5573ca4
parent892eff9ec29f48831409a169237ab4e05176115c
AX: Crash in setTextMarkerDataWithCharacterOffset
https://bugs.webkit.org/show_bug.cgi?id=153365
<rdar://problem/24287924>

Reviewed by Chris Fleizach.

Source/WebCore:

Sometimes when we try to create a text marker range from a stale text marker with a removed
node, it will cause crash. Fixed it by adding a null check for the AccessibilityObject we
create in setTextMarkerDataWithCharacterOffset.

Test: accessibility/text-marker/text-marker-range-with-removed-node-crash.html

* accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::setTextMarkerDataWithCharacterOffset):

LayoutTests:

* accessibility/text-marker/text-marker-range-with-removed-node-crash-expected.txt: Added.
* accessibility/text-marker/text-marker-range-with-removed-node-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195468 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/accessibility/text-marker/text-marker-range-with-removed-node-crash-expected.txt [new file with mode: 0644]
LayoutTests/accessibility/text-marker/text-marker-range-with-removed-node-crash.html [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/accessibility/AXObjectCache.cpp