311427 2026-04-03 10:56:56 -0700 AX: Opendeck crashes webkitgtk with Orca running 2026-04-06 02:08:11 -0700 1 1 1 Unclassified WebKit Accessibility WebKit Nightly Build All All NEW InRadar P2 Normal --- 1 mgorse webkit-unassigned andresg_22 webkit-bug-importer oldest_to_newest 2196632 0 mgorse 2026-04-03 10:56:56 -0700 With the latest code from the webkitglib/2.52 branch, starting opendeck and pressing tab + shift tab a few times gives this crash: (gdb) bt full #0 WTFCrash () at ../../../Source/WTF/wtf/Assertions.cpp:380 #1 0x00007f942eeae77e in WTF::CrashOnOverflow::crash () at WTF/Headers/wtf/CheckedArithmetic.h:110 #2 0x00007f942eeae769 in WTF::CrashOnOverflow::overflowed () at WTF/Headers/wtf/CheckedArithmetic.h:103 #3 0x00007f94349e5c78 in WTF::Vector<unsigned int, 128ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::at (this=0x7ffd4ad67140, i=119) at WTF/Headers/wtf/Vector.h:746 #4 0x00007f94349e5191 in WTF::Vector<unsigned int, 128ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>::operator[] (this=0x7ffd4ad67140, i=119) at WTF/Headers/wtf/Vector.h:751 #5 0x00007f94349dd6b5 in WebCore::UTF16OffsetToUTF8 (mapping=WTF::Vector of length 10, capacity 128 = {...}, offset=119) at ../../../Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp:257 #6 0x00007f94349dedfd in WebCore::AccessibilityObjectAtspi::textAtOffset (this=0x7f941885aa00, offset=1, granularity=WebCore::AccessibilityObjectAtspi::TextGranularity::LineStart, startOffset=@0x7ffd4ad675d4: 0, endOffset=@0x7ffd4ad675d0: 0) at ../../../Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp:482 mapping = WTF::Vector of length 10, capacity 128 = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9} utf16Offset = 1 boundaryOffset = {m_x = 119, m_y = 120} utf16Text = Python Exception <class 'TypeError'>: can't concat str to bytes utf8Text = Python Exception <class 'ValueError'>: chr() arg not in range(0x110000) length = 9 substring = std::unique_ptr<char> = {get() = 0x0} #7 0x00007f94349dbd0c in operator() (__closure=0x0, methodName=0x7b4a620 "GetStringAtOffset", parameters=0x7864dd0, invocation=0x7c94900, userData=0x7f941885aa00) at ../../../Source/WebCore/accessibility/atspi/AccessibilityObjectTextAtspi.cpp:96 end = 0 offset = 1 granularityType = 3 start = 0 text = Python Exception <class 'ValueError'>: chr() arg not in range(0x110000) atspiObject = {static isRef = <optimized out>, m_ptr = 0x7f941885aa00} I think that offset values are being calculated incorrectly for the given text, eventually leading to an out-of-range vector look-up. 2196633 1 webkit-bug-importer 2026-04-03 10:57:02 -0700 <rdar://problem/174025357> 2197190 2 mgorse 2026-04-06 01:56:14 -0700 I just updated opendeck to 2.11.0, which has several accessibility improvements, and now I am no longer to reproduce the crash that I was seeing before. I'll need to track this down better. 2197193 3 mgorse 2026-04-06 02:08:11 -0700 Actually, looking at this more, I do still encounter the crash using 2.11.0. If I press tab a few times, then focusing the control past "search actions" triggers it. Sorry for the noise.