This bug was filed from the Socorro interface and is report bp-2bcffa8a-e508-46b2-bb26-db07c2170130. ============================================================= This crash occurs if I view a commit in one of my GitHub projects.
Alex, this looks like it fallls in your court.
Status: UNCONFIRMED → NEW
Component: Disability Access → Disability Access APIs
Ever confirmed: true
Product: Firefox → Core
I'm also using the GitHub accessibility fixes Greasemonkey script, specifically this one: https://raw.githubusercontent.com/nvaccess/axSGrease/13d47a65aa30637679a847c964d59e572cc81ac6/GitHubA11yFixes.user.js
Tyler, I see you've been using Firefox 50 for this. Firefox 51 came out a week ago. Can you still reproduce the crash with that version, too?
(In reply to Marco Zehe (:MarcoZ) from comment #3) > Tyler, I see you've been using Firefox 50 for this. Firefox 51 came out a > week ago. Can you still reproduce the crash with that version, too? I'm using 51.0.1 according to Help/About, and it still crashes. I haven't received any update notifications since I created the bug.
All right. Am I right in assuming that the version you're using is a bit outdated? The commit ID seems to point to a version that is almost a year old.
I meant the version of the GreaseMonkey script, sorry!
(In reply to Marco Zehe (:MarcoZ) from comment #6) > I meant the version of the GreaseMonkey script, sorry! It is. I matched the same version I was running with the file on GitHub in case something changed in a newer version which would stop the crash.
(In reply to tspivey from comment #2) > I'm also using the GitHub accessibility fixes Greasemonkey script, > specifically this one: > https://raw.githubusercontent.com/nvaccess/axSGrease/ > 13d47a65aa30637679a847c964d59e572cc81ac6/GitHubA11yFixes.user.js could you please share exact steps to reproduce?
(In reply to alexander :surkov from comment #8) > could you please share exact steps to reproduce? STR, from a new profile: 1. Install Greasemonkey from addons. 2. Install this old version of the GitHub a11y fixes script by opening the page (the latest as of now won't crash): https://raw.githubusercontent.com/nvaccess/axSGrease/13d47a65aa30637679a847c964d59e572cc81ac6/GitHubA11yFixes.user.js 3. Sign in to GitHub. 4. Open any commit, example from one of my repos: https://github.com/tspivey/classicSelection/commit/3777951339fa1b1e95ab097ef9cbac38279b724d Or this one from NVDA: https://github.com/nvaccess/nvda/commit/08af4cef7e83fa33ada0678b495af44b00d8c843
here's what happens here, when aria-owns refers to a child inaccessible span, then aria-owns processing makes this span accessible and the span steals children from the owner, which breaks our moving logic. despite the fix may be straightforward, it'd be good to have something to avoid cases like this in the future.
Created attachment 8832952 [details] [diff] [review] patch
Assignee: nobody → surkov.alexander
Attachment #8832952 - Flags: review?(yzenevich)
Attachment #8832952 - Flags: review?(yzenevich) → review+
https://hg.mozilla.org/integration/mozilla-inbound/rev/8518a4c295122b90473a24b396102ed5453fcb62 Bug 1334972 - crash when aria-owned child takes children from its parent, r=yzen
Status: NEW → RESOLVED
Last Resolved: a year ago
status-firefox54: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla54
Please request Aurora/Beta approval on this when you get a chance.
status-firefox51: --- → wontfix
status-firefox52: --- → affected
status-firefox53: --- → affected
Comment on attachment 8832952 [details] [diff] [review] patch Approval Request Comment [Feature/Bug causing the regression]:unknown [User impact if declined]:crashes [Is this code covered by automated tests?]:yes [Has the fix been verified in Nightly?]:yes [Needs manual test from QE? If yes, steps to reproduce]: comment #9 [List of other uplifts needed for the feature/fix]:no [Is the change risky?]:fair risk [Why is the change risky/not risky?]:simple change in complicated code [String changes made/needed]:no
Attachment #8832952 - Flags: approval-mozilla-aurora?
Attachment #8832952 - Flags: approval-mozilla-beta?
Comment on attachment 8832952 [details] [diff] [review] patch Fix a crash. Aurora53+.
Attachment #8832952 - Flags: approval-mozilla-aurora? → approval-mozilla-aurora+
status-firefox53: affected → fixed
Comment on attachment 8832952 [details] [diff] [review] patch let's get this fix in 52.0b5
Attachment #8832952 - Flags: approval-mozilla-beta? → approval-mozilla-beta+
status-firefox52: affected → fixed
status-firefox-esr52: --- → fixed
You need to log in before you can comment on or make changes to this bug.