Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

conhost crash (unknown cause) with UIA text range at {0, -1} #7664

Closed
DHowett opened this issue Sep 18, 2020 · 4 comments · Fixed by #7677
Closed

conhost crash (unknown cause) with UIA text range at {0, -1} #7664

DHowett opened this issue Sep 18, 2020 · 4 comments · Fixed by #7677
Assignees
@carlos-zamora
Labels
Area-Accessibility Issues related to accessibility Issue-Bug It either shouldn't be doing this or needs an investigation. Priority-1 A description (P1) Product-Conhost For issues in the Console codebase Resolution-Fix-Committed Fix is checked in, but it might be 3-4 weeks until a release. Severity-Crash Crashes are real bad news.
Milestone
Windows vNext

Comments

@DHowett
Copy link
Member

DHowett commented Sep 18, 2020
edited
Loading

x x x x x x x x x xz
8 conhost!Microsoft::Console::Types::Viewport::WalkInBoundsCircular   0x0000000000000031       viewport.cpp   411
9 conhost!Microsoft::Console::Types::Viewport::WalkInBounds   0x0000000000000019       viewport.cpp   383
10 conhost!TextBuffer::_GetWordEndForAccessibility   0x0000000000000092       textbuffer.cpp   1141
11 conhost!Microsoft::Console::Types::UiaTextRangeBase::ExpandToEnclosingUnit   0x00000000000001C0       uiatextrangebase.cpp   271
12 uiautomationcore!ProviderCallouts::ExpandToEnclosingUnit   0x0000000000000043       ProviderCallouts.h   1362
13 uiautomationcore!RemotePatternStub::TextRange_ExpandToEnclosingUnit
@DHowett DHowett added Product-Conhost For issues in the Console codebase Issue-Bug It either shouldn't be doing this or needs an investigation. Area-Accessibility Issues related to accessibility Severity-Crash Crashes are real bad news. Priority-1 A description (P1) zInbox Bug labels Sep 18, 2020
@DHowett DHowett added this to the Windows vNext milestone Sep 18, 2020
@ghost ghost added the Needs-Triage It's a new issue that the core contributor team needs to triage at the next triage meeting label Sep 18, 2020
@ghost ghost closed this as completed Sep 18, 2020
@ghost ghost added the Needs-Author-Feedback The original author of the issue/PR needs to come back and respond to something label Sep 18, 2020
@ghost
Copy link

ghost commented Sep 18, 2020

Hi! Thanks for attempting to open an issue. Unfortunately, you didn't write anything in the body which makes it impossible to understand your concern. You are welcome to fix up the issue and try again by opening another issue with the body filled out.

@ghost ghost added Needs-Attention The core contributors need to come back around and look at this ASAP. and removed Needs-Author-Feedback The original author of the issue/PR needs to come back and respond to something labels Sep 18, 2020
@DHowett DHowett reopened this Sep 18, 2020
@ghost ghost closed this as completed Sep 18, 2020
@ghost ghost added the Needs-Author-Feedback The original author of the issue/PR needs to come back and respond to something label Sep 18, 2020
@ghost
Copy link

ghost commented Sep 18, 2020

Hi! Thanks for attempting to open an issue. Unfortunately, you didn't write anything in the body which makes it impossible to understand your concern. You are welcome to fix up the issue and try again by opening another issue with the body filled out.

@DHowett DHowett reopened this Sep 18, 2020
@DHowett DHowett removed Needs-Attention The core contributors need to come back around and look at this ASAP. Needs-Author-Feedback The original author of the issue/PR needs to come back and respond to something Needs-Triage It's a new issue that the core contributor team needs to triage at the next triage meeting labels Sep 18, 2020
@carlos-zamora carlos-zamora mentioned this issue Sep 18, 2020
Merged
@ghost ghost added the In-PR This issue has a related PR label Sep 18, 2020
@ghost ghost closed this as completed in #7677 Sep 23, 2020
@ghost ghost added Resolution-Fix-Committed Fix is checked in, but it might be 3-4 weeks until a release. and removed In-PR This issue has a related PR labels Sep 23, 2020
ghost pushed a commit that referenced this issue Sep 23, 2020
@carlos-zamora
Fix A11y EndExclusive Error for Move & Expand (#7677)
40893b2 
`EndExclusive` represents the end of the buffer. This is designed to not
point to any data on the buffer. UiaTextRange would point to this
`EndExclusive` and then attempt to move based on it. However, since it
does not point to any data, it could experience undefined behavior or
(inevitably) crash from running out of bounds.

This PR specifically checks for expansion and movement at that point,
and prevents us from moving beyond it. There are plans in the future to
define the "end" as the last character in the buffer. Until then, this
solution will suffice and provide correct behavior that doesn't crash.

## Validation Steps Performed
Performed the referenced bugs' repro steps and added test coverage.

Closes MSFT-20458595
Closes #7663
Closes #7664
DHowett pushed a commit that referenced this issue Oct 19, 2020
@carlos-zamora @DHowett
Fix A11y EndExclusive Error for Move & Expand (#7677)
cf81d8c 
`EndExclusive` represents the end of the buffer. This is designed to not
point to any data on the buffer. UiaTextRange would point to this
`EndExclusive` and then attempt to move based on it. However, since it
does not point to any data, it could experience undefined behavior or
(inevitably) crash from running out of bounds.

This PR specifically checks for expansion and movement at that point,
and prevents us from moving beyond it. There are plans in the future to
define the "end" as the last character in the buffer. Until then, this
solution will suffice and provide correct behavior that doesn't crash.

## Validation Steps Performed
Performed the referenced bugs' repro steps and added test coverage.

Closes MSFT-20458595
Closes #7663
Closes #7664

(cherry picked from commit 40893b2)
@ghost
Copy link

ghost commented Nov 11, 2020

🎉This issue was addressed in #7677, which has now been successfully released as Windows Terminal v1.4.3141.0.:tada:

Handy links:

@ghost
Copy link

ghost commented Nov 11, 2020

🎉This issue was addressed in #7677, which has now been successfully released as Windows Terminal Preview v1.5.3142.0.:tada:

Handy links:

This issue was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@carlos-zamora carlos-zamora

Labels
Area-Accessibility Issues related to accessibility Issue-Bug It either shouldn't be doing this or needs an investigation. Priority-1 A description (P1) Product-Conhost For issues in the Console codebase Resolution-Fix-Committed Fix is checked in, but it might be 3-4 weeks until a release. Severity-Crash Crashes are real bad news.
Projects
None yet
Milestone
Windows vNext
Development

Successfully merging a pull request may close this issue.

Fix A11y EndExclusive Error for Move & Expand microsoft/terminal
2 participants
@DHowett @carlos-zamora