> 1 com.apple.WebCore 0x7fff900a5e6e -[AccessibilityObjectWrapper remoteAccessibilityParentObject] + 0x4e 2 com.apple.WebCore 0x7fff9005f9af -[AccessibilityObjectWrapper scrollViewParent] + 0x7f 3 com.apple.WebCore 0x7fff9003023d -[AccessibilityObjectWrapper accessibilityAttributeValue:] + 0xcd 4 com.apple.AppKit 0x7fff8ec7b26d -[NSObject(NSRemoteUIElementAccessibility) accessibilityPresenterProcessIdentifier] + 0x7a 5 com.apple.AppKit 0x7fff8e6b5bb9 NSAccessibilityCreateAXUIElementRef + 0x36a 6 com.apple.AppKit 0x7fff8e6b611b ConvertOutgoingValue + 0x50e 7 com.apple.AppKit 0x7fff8e6b5caf ConvertOutgoingValue + 0xa2 8 com.apple.AppKit 0x7fff8e6b630d ConvertOutgoingValueForAttribute + 0x1bd 9 com.apple.AppKit 0x7fff8e6b6360 CopyAppKitUIElementAttributeValueNoCatch + 0x48 10 com.apple.AppKit 0x7fff8e6b3d51 CopyAttributeValue + 0x13c 11 com.apple.HIServices 0x7fff8b0c956f _AXXMIGCopyAttributeValue + 0xe1 12 com.apple.HIServices 0x7fff8b0d2876 _XCopyAttributeValue + 0x26b 13 com.apple.HIServices 0x7fff8b0ae182 mshMIGPerform + 0x234 14 com.apple.CoreFoundation 0x7fff887e3abc __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE1_PERFORM_FUNCTION__ + 0x2c 15 com.apple.CoreFoundation 0x7fff887e37eb __CFRunLoopDoSource1 + 0x9b 16 com.apple.CoreFoundation 0x7fff88819f27 __CFRunLoopRun + 0x767 17 com.apple.CoreFoundation 0x7fff88819486 CFRunLoopRunSpecific + 0xe6 18 com.apple.HIToolbox 0x7fff876c44d3 RunCurrentEventLoopInMode + 0x115 19 com.apple.HIToolbox 0x7fff876cb781 ReceiveNextEventCommon + 0x163 20 com.apple.HIToolbox 0x7fff876cb60e BlockUntilNextEventMatchingListInMode + 0x3e 21 com.apple.AppKit 0x7fff8e41be31 _DPSNextEvent + 0x293 22 com.apple.AppKit 0x7fff8e41b735 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 0x87 23 com.apple.AppKit 0x7fff8e418071 -[NSApplication run] + 0x1d6 24 com.apple.WebKit2 0x7fff84b5963b WebKit::WebProcessMain(WebKit::CommandLine const&) + 0x229 25 com.apple.WebKit2 0x7fff84b3fc30 WebKitMain + 0x110 26 com.apple.WebProcess 0x109d9ce56 main + 0x0 (/SourceCache/WebKit2/WebKit2-7534.53.1/mac/MainMac.cpp:68) 27 com.apple.WebProcess 0x109d9cd64 start + 0x0
It appears that in RemoteAXObjectRef WebFrameLoaderClient::accessibilityRemoteObject() we are not checking whether the page is nil
Created attachment 163471 [details] patch for landing
Comment on attachment 163471 [details] patch for landing View in context: https://bugs.webkit.org/attachment.cgi?id=163471&action=review > Source/WebCore/accessibility/mac/WebAccessibilityObjectWrapper.mm:1393 > + Document* document = m_object->document(); I wanted to separate these calls out so 1) we don't end up calling document() three times. 2) If the crash is actually in this method (which I don't think is the case), it will be easier to determine which line
rdar://11638298
Comment on attachment 163471 [details] patch for landing thanks!
Comment on attachment 163471 [details] patch for landing Clearing flags on attachment: 163471 Committed r131834: <http://trac.webkit.org/changeset/131834>
All reviewed patches have been landed. Closing bug.