New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 880654 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Last visit > 30 days ago
Closed: Sep 13
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 1
Type: Bug
Team-Accessibility



Sign in to add a comment

DCHECK failure in AXPosition::CreatePositionInTextObject()

Project Member Reported by thestig@chromium.org, Sep 5

Issue description

Chrome Version: r588553
OS: Chrome for Chrome OS on Linux

What steps will reproduce the problem?
(1) Enable ChromeVox with ctrl + alt + z
(2) Visit chrome://flags
(3) ???
(4) DCHECK tab crash

Not sure how sequence trigged the crash. :(

[1:1:0904/175635.510034:FATAL:ax_position.cc(123)] Check failed: position.IsValid(). 
#0 0x563923bc68ec base::debug::StackTrace::StackTrace()
#1 0x563923b311bb logging::LogMessage::~LogMessage()
#2 0x563928da4555 blink::AXPosition::CreatePositionInTextObject()
#3 0x563928dcd627 blink::AXNodeObject::Markers()
#4 0x5639275b29d7 blink::WebAXObject::Markers()
#5 0x563927941cff content::BlinkAXTreeSource::SerializeNode()
#6 0x563927810bd5 ui::AXTreeSerializer<>::SerializeChangedNodes()
#7 0x563927809d29 ui::AXTreeSerializer<>::SerializeChanges()
#8 0x56392780cc7f content::RenderAccessibilityImpl::SendPendingAccessibilityEvents()
#9 0x563920dd9f17 _ZN4base8internal7InvokerINS0_9BindStateIMN3net16HostResolverImpl8ProcTaskEFvvEJNS_7WeakPtrIS5_EEEEEFvvEE7RunOnceEPNS0_13BindStateBaseE
#10 0x563923be87d5 base::debug::TaskAnnotator::RunTask()
...

 
Ah ha!

(1) Enable ChromeVox with ctrl + alt + z
(2) Visit chrome://flags
(3) Type in "experime" into the flags search box at the top of the page.
(4) Press ctrl + f
(5) Do find-in-page search for "asd"

Cc: -nek...@chromium.org
Labels: -Pri-3 ReleaseBlock-Beta M-70 Pri-1
Owner: nek...@chromium.org
Status: Assigned (was: Untriaged)
Friendly ping. Checking on the progress of these RBBs, please update with an ETA on fixes if this issue is still an RBB. Otherwise please remove the RBB label. Thanks.
The TextIterator under core/editing/iterators is returning the wrong length for a specific text node. I'll have to dig deeper into TextIterator and see if there are any extra arguments that need to be passed. For the time being, I'll simply return an invalid AXPosition if validations check fail.
Status: Started (was: Assigned)
The root cause of the issue has been identified. Document markers are using DOM relative offsets, but when converted to equivalent markers in the accessibility tree they should adjust their offsets. Patch uploaded.
Project Member

Comment 6 by bugdroid1@chromium.org, Sep 13

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/26dc18f251ff15d3181eae4b4844993949585422

commit 26dc18f251ff15d3181eae4b4844993949585422
Author: Nektarios Paisios <nektar@chromium.org>
Date: Thu Sep 13 16:58:15 2018

Converts from a DOM position to an AXPosition when retrieving document markers

Document markers, such as those used for spelling errors and find matches, use DOM relative character offsets.
In the accessibility tree we need to use offsets that are relative to the layout or the computed name of the node.
For example, white space needs to be collapsed.
We use the new AXPosition class to do the conversion.
This also happens to fix a DCHECK crash.

R=dmazzoni@chromium.org

Bug:  880654 
Change-Id: I870262ad948cbb06a7d7e4ab253c04da2c353e4f
Tested: manually with steps listed in the bug
Reviewed-on: https://chromium-review.googlesource.com/1224653
Commit-Queue: Nektarios Paisios <nektar@chromium.org>
Commit-Queue: Dominic Mazzoni <dmazzoni@chromium.org>
Reviewed-by: Dominic Mazzoni <dmazzoni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#591049}
[modify] https://crrev.com/26dc18f251ff15d3181eae4b4844993949585422/third_party/blink/renderer/modules/accessibility/ax_node_object.cc

Status: Fixed (was: Started)
Labels: Merge-TBD
[Auto-generated comment by a script] We noticed that this issue is targeted for M-70; it appears the fix may have landed after branch point, meaning a merge might be required. Please confirm if a merge is required here - if so add Merge-Request-70 label, otherwise remove Merge-TBD label. Thanks.
Project Member

Comment 9 by sheriffbot@chromium.org, Oct 26

Labels: -Merge-TBD

Sign in to add a comment