Crash in mozilla::a11y::AccessibleWrap::GetIAccessibleFor

RESOLVED FIXED

Status

()

Core
Disability Access APIs
--
critical
RESOLVED FIXED
a year ago
10 months ago

People

(Reporter: calixte, Assigned: yzen)

Tracking

(Blocks: 1 bug, {crash})

52 Branch
Unspecified
Windows 10
crash
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox54 fixed)

Details

(Whiteboard: [clouseau], crash signature)

(Reporter)

Description

a year ago
This bug was filed from the Socorro interface and is 
report bp-1e9034de-8895-4d7b-a480-6c8f22170125.
=============================================================

There are 18 crashes in nightly 54.0a1, the build-id is 20170125030214.
In analyzing the backtrace, the patch [1] to fix bug 1332444 could have introduce this regression.

[1] https://hg.mozilla.org/mozilla-central/rev?node=f04c1c83233ce74b2ab56d802885901738e48ab5
(Reporter)

Updated

a year ago
Flags: needinfo?(yzenevich)
Flags: needinfo?(tbsaunde+mozbugs)
(Reporter)

Updated

a year ago
Crash Signature: [@ mozilla::a11y::AccessibleWrap::GetIAccessibleFor] → [@ mozilla::a11y::AccessibleWrap::GetIAccessibleFor] [@ mozilla::a11y::ProxyAccessible::GetCOMInterface]
(Reporter)

Updated

a year ago
Crash Signature: [@ mozilla::a11y::AccessibleWrap::GetIAccessibleFor] [@ mozilla::a11y::ProxyAccessible::GetCOMInterface] → [@ mozilla::a11y::AccessibleWrap::GetIAccessibleFor] [@ mozilla::a11y::ProxyAccessible::GetCOMInterface] [@ GetProxiedAccessibleInSubtree]
This stack overflow looks a lot like bug 1308397. Some failure case is not properly handled, and it runs into a circle.
Flags: needinfo?(aklotz)
(Assignee)

Updated

a year ago
Depends on: 1333406
Flags: needinfo?(yzenevich)
Flags: needinfo?(tbsaunde+mozbugs)
I found a way to reproduce this crash, see report bp-70b9db1d-95ab-4100-b0b1-274862170127.

1. With NVDA running, open taz.de/Politik/Deutschland/!p4616/.
2. Find the link "Gesellschaft" inside the big list of categories and sub categories such as "Politik", "Öko" etc., and when focused, press Ctrl+Enter to open in a new tab.
3. When this page loads, crash. The URL is: https://taz.de/Gesellschaft/!p4611/.

This happens to me every time.
(Assignee)

Comment 3

a year ago
(In reply to Marco Zehe (:MarcoZ) from comment #2)
> I found a way to reproduce this crash, see report
> bp-70b9db1d-95ab-4100-b0b1-274862170127.
> 
> 1. With NVDA running, open taz.de/Politik/Deutschland/!p4616/.
> 2. Find the link "Gesellschaft" inside the big list of categories and sub
> categories such as "Politik", "Öko" etc., and when focused, press Ctrl+Enter
> to open in a new tab.
> 3. When this page loads, crash. The URL is:
> https://taz.de/Gesellschaft/!p4611/.
> 
> This happens to me every time.

Thanks Marco, I believe a patch in bug 1333406 fixes the issue, just in case here's a try run:

https://treeherder.mozilla.org/#/jobs?repo=try&revision=b5b8b4aa7fc7e088dfc829a8681aaf6dfd9691e4
https://archive.mozilla.org/pub/firefox/try-builds/yura.zenevich@gmail.com-b5b8b4aa7fc7e088dfc829a8681aaf6dfd9691e4/
Assignee: nobody → yzenevich
(In reply to Yura Zenevich [:yzen] from comment #3)
> (In reply to Marco Zehe (:MarcoZ) from comment #2)
> > I found a way to reproduce this crash, see report
> > bp-70b9db1d-95ab-4100-b0b1-274862170127.
> > 
> > 1. With NVDA running, open taz.de/Politik/Deutschland/!p4616/.
> > 2. Find the link "Gesellschaft" inside the big list of categories and sub
> > categories such as "Politik", "Öko" etc., and when focused, press Ctrl+Enter
> > to open in a new tab.
> > 3. When this page loads, crash. The URL is:
> > https://taz.de/Gesellschaft/!p4611/.
> > 
> > This happens to me every time.
> 
> Thanks Marco, I believe a patch in bug 1333406 fixes the issue, just in case

I now get a different crash, see bug 1334966.
The GetIAccessibleFor and GetCOMInterface signatures were fixed by bug 1333406, however there are still stack overflows at GetProxiedAccessibleInSubtree.
Flags: needinfo?(aklotz)
Whiteboard: [clouseau]
(Assignee)

Comment 6

a year ago
I think this can be closed now..?
Status: NEW → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
status-firefox54: affected → fixed
Blocks: 1396527
You need to log in before you can comment on or make changes to this bug.