HP Secure Browser support (#16377): Detect & prevent infinite loop in iterUIARangeByUnit #16394
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Link to issue number:
#16377
Summary of the issue:
We're experiencing NVDA locking up trying to infinitely split some text ranges, for example on www.bat.org when it tries to split the range representing "Submit" button into individual characters.
NVDA hangs completely in this scenario and has to be forcibly killed.
If the offending split is attempted, the hang always happens. Secure Browser seems to be provoking this split more, but we've also seen that in normal chromium-based browsers when using UIA instead of IAccessible2. This could be due to significant timing differences etc, as the virtualized browser has higher overhead.
Typical repro scenario involves navigating to www.bat.org then duplicating the tab & closing some of the dupes, until NVDA attempts the split and hangs.
Description of user facing changes
Detect & prevent the infinite loop so that NVDA remains responsive
Description of development approach
This is likely a deficiency in UIA text range implementation on the chromium side, as I don't see anything obviously wrong with the algorithm in iterRangeByUnit which is doing the split. Rewriting this UIA algorithm in C++ and running against offending website also hangs, always, in regular Google Chrome, Edge, and Secure Browser.
At the cost of extra Compare COM call we can detect that chromium is yielding same range infinitely, and therefore detect & shortcircuit the infinite loop on the NVDA side.
Testing strategy:
Manual testing
Known issues with pull request:
N/A
Code Review Checklist: