Bug 286444

Summary:	AX: Crash in AccessibilityObjectAtspi::focus()
Product:	WebKit	Reporter:	Mike Gorse <mgorse>
Component:	Accessibility	Assignee:	Nobody <webkit-unassigned>
Status:	RESOLVED FIXED
Severity:	Normal	CC:	andresg_22, webkit-bug-importer
Priority:	P2	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	All
OS:	All

Mike Gorse

Reported 2025-01-23 15:42:19 PST

I just encountered a crash in AccessibilityObjectAtspi::focus (I was trying to select the allow button to authorize a Google account in evolution, with Orca running). The function checks that m_coreObject is not null, but it later calls m_coreObject->updateBackingStore, which can cause m_coreObject to go away. I guess the code needs to check that it is still non-null before trying to query it again.

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2025-01-23 15:42:29 PST

<rdar://problem/143527024>

Mike Gorse

Comment 2 2025-01-28 11:14:31 PST

Pull request: https://github.com/WebKit/WebKit/pull/39635

EWS

Comment 3 2026-04-18 15:19:41 PDT

Committed 311534@main (d7f440a382f0): <https://commits.webkit.org/311534@main> Reviewed commits have been landed. Closing PR #39635 and removing active labels.

Note You need to log in before you can comment on or make changes to this bug.