HP Secure Browser support (#16377): Detect & prevent infinite loop in iterUIARangeByUnit #16394
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
… loop in iterUIARangeByUnit Summary of the issue: We're experiencing NVDA locking up trying to infinitely split some text ranges, for example on www.bat.org when it tries to split the range representing "Submit" button into individual characters. NVDA hangs completely in this scenario and has to be forcibly killed. If the offending split is attempted, the hang always happens. Secure Browser seems to be provoking this split more, but we've also seen that in normal chromium-based browsers when using UIA instead of IAccessible2. This could be due to significant timing differences etc, as the virtualized browser has higher overhead. Typical repro scenario involves navigating to www.bat.org then duplicating the tab & closing some of the dupes, until NVDA attempts the split and hangs. Description of user facing changes: Detect & prevent the infinite loop so that NVDA remains responsive Description of development approach: This is likely a deficiency in UIA text range implementation on the chromium side, as I don't see anything obviously wrong with the algorithm in iterRangeByUnit which is doing the split. Rewriting this UIA algorithm in C++ and running against offending website also hangs, always, in regular Google Chrome, Edge, and Secure Browser. At the cost of extra Compare COM call we can detect that chromium is yielding same range infinitely, and therefore detect & shortcircuit the infinite loop on the NVDA side.
seanbudd
added
the
conceptApproved
seanbudd
approved these changes
Apr 16, 2024
tomaszw
pushed a commit
to tomaszw/nvda-hp
that referenced
this pull request
Apr 17, 2024
…access#16395 Summary of the issue: Changelog entries are missing for nvaccess#16392 nvaccess#16393 nvaccess#16394 nvaccess#16395 Description of user facing changes: Added Changelog entries Description of development approach: N/A
5 tasks
tomaszw
pushed a commit
to tomaszw/nvda-hp
that referenced
this pull request
Apr 17, 2024
…access#16395 Summary of the issue: Changelog entries are missing for nvaccess#16392 nvaccess#16393 nvaccess#16394 nvaccess#16395 Description of user facing changes: Added Changelog entries Description of development approach: N/A
tomaszw
pushed a commit
to tomaszw/nvda-hp
that referenced
this pull request
Apr 17, 2024
…access#16395 Summary of the issue: Changelog entries are missing for nvaccess#16392 nvaccess#16393 nvaccess#16394 nvaccess#16395 Description of user facing changes: Added Changelog entries Description of development approach: N/A
seanbudd
added a commit
that referenced
this pull request
Apr 18, 2024
* Changelog entries for #16392 #16393 #16394 #16395 Summary of the issue: Changelog entries are missing for #16392 #16393 #16394 #16395 Description of user facing changes: Added Changelog entries Description of development approach: N/A * Apply suggestions from code review --------- Co-authored-by: Tomasz Wroblewski <tomasz.wroblewski@hp.com> Co-authored-by: Sean Budd <seanbudd123@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Link to issue number:
#16377
Summary of the issue:
We're experiencing NVDA locking up trying to infinitely split some text ranges, for example on www.bat.org when it tries to split the range representing "Submit" button into individual characters.
NVDA hangs completely in this scenario and has to be forcibly killed.
If the offending split is attempted, the hang always happens. Secure Browser seems to be provoking this split more, but we've also seen that in normal chromium-based browsers when using UIA instead of IAccessible2. This could be due to significant timing differences etc, as the virtualized browser has higher overhead.
Typical repro scenario involves navigating to www.bat.org then duplicating the tab & closing some of the dupes, until NVDA attempts the split and hangs.
Description of user facing changes
Detect & prevent the infinite loop so that NVDA remains responsive
Description of development approach
This is likely a deficiency in UIA text range implementation on the chromium side, as I don't see anything obviously wrong with the algorithm in iterRangeByUnit which is doing the split. Rewriting this UIA algorithm in C++ and running against offending website also hangs, always, in regular Google Chrome, Edge, and Secure Browser.
At the cost of extra Compare COM call we can detect that chromium is yielding same range infinitely, and therefore detect & shortcircuit the infinite loop on the NVDA side.
Testing strategy:
Manual testing
Known issues with pull request:
N/A
Code Review Checklist: