Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 952a3d64ad9722e20829b5496cb55917b283620d
https://github.com/WebKit/WebKit/commit/952a3d64ad9722e20829b5496cb55917b283620d
Author: Tyler Wilcock <[email protected]>
Date: 2025-12-10 (Wed, 10 Dec 2025)
Changed paths:
M Source/WebCore/accessibility/AXObjectCache.cpp
M Source/WebCore/accessibility/AXObjectCache.h
Log Message:
-----------
AX: It's not safe to immediately call getOrCreate when documents load, as
style or layout can be dirty, causing CheckedPtr<RenderObject> crashes
https://bugs.webkit.org/show_bug.cgi?id=303788
rdar://164973559
Reviewed by Joshua Hoffman.
If layout or style is dirty, getOrCreate is not safe to call, as doing so holds
various CheckedPtr<RenderObject>s on
the stack that can be destroyed and cause a crash.
This commit adds AXObjectCache::m_deferredNotifications for notifications we
want to post when we know style and
layout is clean.
* Source/WebCore/accessibility/AXObjectCache.cpp:
(WebCore::AXObjectCache::onTopDocumentLoaded):
(WebCore::AXObjectCache::onNonTopDocumentLoaded):
(WebCore::AXObjectCache::performDeferredCacheUpdate):
(WebCore::AXObjectCache::handleDeferredNotification):
(WebCore::AXObjectCache::postDeferredNotificationIfNecessary):
* Source/WebCore/accessibility/AXObjectCache.h:
(WebCore::DeferredNotificationData::DeferredNotificationData):
Canonical link: https://commits.webkit.org/304272@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
