
Issue 923567


Issue metadata

Status: Fixed
Owner:
Closed: Today
Components:
EstimatedDays: ----
NextAction: 2019-02-20
OS: Chrome
Pri: 3
Type: Bug
Team-Accessibility




Crash in extensions::AutomationInternalCustomBindings::GetParent()

Project Member Reported by thestig@chromium.org, Jan 18 (4 days ago)

Issue description

Chrome Version: 72.x, but the same crash exists in Chrome 65.
OS: ChromeOS

Not sure how this happened, but I was using ChromeVox. I got crash report 6b7b4720578ca45e, which has this stack trace:

Thread 0 (id: 0x0x00000dc0) CRASHED [SIGSEGV /SEGV_MAPERR @ 0x00000018 ]

0x000062d8e49c1901	(chrome -ax_node.h:45 )	extensions::AutomationInternalCustomBindings::GetParent(ui::AXNode*, extensions::AutomationAXTreeWrapper**) const
0x000062d8e49c179e	(chrome -automation_internal_custom_bindings.cc:90 )	extensions::(anonymous namespace)::ComputeGlobalNodeBounds(extensions::AutomationAXTreeWrapper*, ui::AXNode*, gfx::RectF, bool*, bool)
0x000062d8e49c6bf8	(chrome -automation_internal_custom_bindings.cc:657 )	std::__1::__function::__func<extensions::AutomationInternalCustomBindings::AddRoutes()::$_16, std::__1::allocator<extensions::AutomationInternalCustomBindings::AddRoutes()::$_16>, void (v8::Isolate*, v8::ReturnValue<v8::Value>, extensions::AutomationAXTreeWrapper*, ui::AXNode*)>::operator()(v8::Isolate*&&, v8::ReturnValue<v8::Value>&&, extensions::AutomationAXTreeWrapper*&&, ui::AXNode*&&)
0x000062d8e49c23ae	(chrome -functional:1913 )	extensions::(anonymous namespace)::NodeIDWrapper::Run(v8::FunctionCallbackInfo<v8::Value> const&)
...
 

Comment 1 by thestig@chromium.org, Jan 18 (4 days ago)

Owner: thestig@chromium.org
Status: Started (was: Untriaged)
Speculative fix: https://chromium-review.googlesource.com/1423464
Project Member

Comment 2 by bugdroid1@chromium.org, Today (11 hours ago)

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/303488d7338769d9b9ce2d5d7b7862a9be78d211

commit 303488d7338769d9b9ce2d5d7b7862a9be78d211
Author: Lei Zhang <thestig@chromium.org>
Date: Tue Jan 22 18:23:22 2019

Speculative fix for crashes inside ComputeGlobalNodeBounds().

Add a missing nullptr check.

BUG= 923567 
TBR=halliwell@chromium.org

Change-Id: I7394709e436fdb99dd933c787f15f2c06da994a7
Reviewed-on: https://chromium-review.googlesource.com/c/1423464
Reviewed-by: Lei Zhang <thestig@chromium.org>
Reviewed-by: Luke Halliwell <halliwell@chromium.org>
Reviewed-by: Dominic Mazzoni <dmazzoni@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/master@{#624841}
[modify] https://crrev.com/303488d7338769d9b9ce2d5d7b7862a9be78d211/chrome/renderer/extensions/automation_internal_custom_bindings.cc
[modify] https://crrev.com/303488d7338769d9b9ce2d5d7b7862a9be78d211/chromecast/renderer/extensions/automation_internal_custom_bindings.cc

Comment 3 by thestig@chromium.org, Today (11 hours ago)

Status: Fixed (was: Started)

Comment 4 by thestig@chromium.org, Today (11 hours ago)

NextAction: 2019-02-20
Will check back in a month and see if there are any new crashes with this signature.
