[linux] Eclipse crashes if gnome-orca is enabled

[nblix]

I'm not sure if this is the right repository to report this issue. If it is not, it would be very nice if you could move this issue to the proper repository.

Because I'm blind I'm using the gnome-orca screen reader on gnome desktop. Unfortunately eclipse crashes in various situations if the screen reader is running. I also had the chance to ask for some sighted assistance to confirm these crashes don't occur if gnome-orca is not enabled. I'm not sure which one was the first version of eclipse that introduced this issue, but it is present in the current and most recent versions.

Also I'm not sure what exactly is causing these crashes. But i will provide some examples below showing how to reproduce them.

I tried some different linux distro / desktop / display server / jdk combinations to make sure, these crashes don't depend on any of them.
Used environments include:

• Fedora 38 with xorg or wayland, JDK 11, 17 and 21,
• Ubuntu 23.04 with gnome on xorg / wayland, JDK 11, 17 and 21
• Debian Bookworm with gnome on xorg and JDK 11, 17 and 21

Examples how to reproduce this behaviour include:

The marketplace:

• press alt + h to go to the help menu
• navigate down to the marketplace client and press enter
• start typing into the search field
• after pressing enter my eclipse crashes the vm all the time

Java Editors auto completion:

• open up a java file in the editor
• start typing any expression
• press ctrl + space to trigger auto completion
• press F2 to set the focus to the suggestions list
• start moving the cursor up and down
• as soon as i start to move the cursor it crashes the vm

After all i have no idea what exactly causes these crashes. The only pattern i recognized is that in the call stacks in the hs_err files there is always something from the swt accessibility stack for gtk.

Please let me know, if you need any further information.

[SyntevoAlex]

Please post your hs_err files.

[nblix]

hs_err_pid18800.log
hs_err_pid19323.log

[nblix]

Just tried again with a completely new installed eclipse on debian (istalled with the official installer using the Java IDE profile). These two crashes occured when i:

• tried to open a java file from the package explorer
• tried to open the marketplace

[SyntevoAlex]

Important parts from the crash logs

Stack: [0x00007fe6574fc000,0x00007fe6575fc000],  sp=0x00007fe6575f7cd0,  free space=1007k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C  [libgtk-3.so.0+0x34e66d]  gtk_widget_get_parent+0x1d

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
J 8311  org.eclipse.swt.internal.accessibility.gtk.ATK.call(JJ)J (0 bytes) @ 0x00007fe6414205ec [0x00007fe6414205a0+0x000000000000004c]
j  org.eclipse.swt.accessibility.AccessibleObject.atkObject_get_parent(J)J+44
v  ~StubRoutines::call_stub
J 4545  org.eclipse.swt.internal.gtk3.GTK3.gtk_main_iteration_do(Z)Z (0 bytes) @ 0x00007fe641198e69 [0x00007fe641198e20+0x0000000000000049]
J 13043 c2 org.eclipse.swt.widgets.Display.readAndDispatch()Z (88 bytes) @ 0x00007fe6410d5834 [0x00007fe6410d5760+0x00000000000000d4]
...

siginfo: si_signo: 11 (SIGSEGV), si_code: 1 (SEGV_MAPERR), si_addr: 0x0000000000000001

Stack: [0x00007f90aa584000,0x00007f90aa684000],  sp=0x00007f90aa6805b0,  free space=1009k
Native frames: (J=compiled Java code, j=interpreted, Vv=VM code, C=native code)
C  [libgtk-3.so.0+0x34e66d]  gtk_widget_get_parent+0x1d

Java frames: (J=compiled Java code, j=interpreted, Vv=VM code)
J 8327  org.eclipse.swt.internal.accessibility.gtk.ATK.call(JJ)J (0 bytes) @ 0x00007f90952f71ec [0x00007f90952f71a0+0x000000000000004c]
j  org.eclipse.swt.accessibility.AccessibleObject.atkObject_get_parent(J)J+44
v  ~StubRoutines::call_stub
J 4578  org.eclipse.swt.internal.gtk3.GTK3.gtk_main_do_event(J)V (0 bytes) @ 0x00007f90951a4de9 [0x00007f90951a4da0+0x0000000000000049]
J 4573 c1 org.eclipse.swt.widgets.Display.eventProc(JJ)J (212 bytes) @ 0x00007f908ddf88fc [0x00007f908ddf84c0+0x000000000000043c]
v  ~StubRoutines::call_stub
J 4512  org.eclipse.swt.internal.gtk3.GTK3.gtk_main_iteration_do(Z)Z (0 bytes) @ 0x00007f9095193be9 [0x00007f9095193ba0+0x0000000000000049]
j  org.eclipse.swt.widgets.Display.readAndDispatch()Z+54
...

siginfo: si_signo: 11 (SIGSEGV), si_code: 1 (SEGV_MAPERR), si_addr: 0x0000000400000000

[SyntevoAlex]

We received a few crash reports like this for our product.
The earliest one dated 2023-10-05. This probably means a recent update in Linux caused (or merely triggered) this.
All reports arrived from a single user. On the other hand, it's not that a lot of users use screen readers.

[SyntevoAlex]

The relevant SWT code is

eclipse.platform.swt/bundles/org.eclipse.swt/Eclipse SWT Accessibility/gtk/org/eclipse/swt/accessibility/AccessibleObject.java

Lines 1377 to 1389 in 29baefd

	static long atkObject_get_parent (long atkObject) {
	AccessibleObject object = getAccessibleObject (atkObject);
	if (object != null) {
	if (object.parent != null) {
	return object.parent.atkHandle;
	}
	}
	AtkObjectClass objectClass = getParentAtkObjectClass ();
	if (objectClass.get_parent == 0) return 0;
	long parentResult = ATK.call (objectClass.get_parent, atkObject);
	return parentResult;
	}

I understand it this way:

• argument atkObject arrived from outside our code. It shall be correct.
• We try to call ATK.call (objectClass.get_parent, atkObject) which crashes
• Judging from crazy si_addr values, some of the accessed memory is already freed

Therefore, it looks like a bug in external code.

[SyntevoAlex]

In other words:

• Something, most likely Orca, wants to know more about Accessible for SWT control.
• Specifically, it wants to know what is the parent Accessible for SWT control.
• SWT determines in getAccessibleObject() that it doesn't know this Control. Maybe because it was destroyed already.
• SWT relays request to GTK.
• GTK crashes.

It sounds like SWT doesn't play any role here.

[SyntevoAlex]

I tried to reproduce on Ubuntu 22.04 with Eclipse 2023-09 using both step lists and it's not reproducible.

[SyntevoAlex]

I tried with Ubuntu 23.04 and it's easily reproducible there. Seems like the problem begins between Ubuntu 22.04 and 23.04

[SyntevoAlex]

Native stack for the crash:

#0 gtk_widget_get_parent (widget=0x7ffff2951730) at ../../../gtk/gtkwidget.c:9707
#1 gtk_widget_accessible_get_parent (accessible=0x7ffff294d9f0) at ../../../gtk/a11y/gtkwidgetaccessible.c:177
#2 Java_org_eclipse_swt_internal_accessibility_gtk_ATK_call__JJ()
<java code>
#0  jni_invoke_static (result=0x7ffff0014090, result@entry=0x7ffff67fc0d0, method_id=method_id@entry=0x7ffff07fe7c8, args=0x0, args@entry=0x7ffff67fc100, __the_thread__=__the_thread__@entry=0x7ffff0014090, env=<optimized out>, call_type=JNI_STATIC, receiver=0x0) at src/hotspot/share/utilities/exceptions.hpp:81
#1  0x00007ffff70d6985 in jni_CallStaticLongMethodV(JNIEnv *, jclass, jmethodID, typedef __va_list_tag __va_list_tag *) (env=<optimized out>, cls=0x7ffff20c8ce8, methodID=0x7ffff07fe7c8, args=0x7ffff67fc188) at src/hotspot/share/prims/jni.cpp:1635
#2  0x00007fffd1452c48 in call_accessible_object_function () from /home/vm_user/Downloads/OpenSource/eclipse.platform.swt.binaries/bundles/org.eclipse.swt.gtk.linux.x86_64/libswt-pi3-gtk-4964r3.so
#3  0x00007fffd1454311 in ?? () from /home/vm_user/Downloads/OpenSource/eclipse.platform.swt.binaries/bundles/org.eclipse.swt.gtk.linux.x86_64/libswt-pi3-gtk-4964r3.so
#4  0x00007fffd16dabde in impl_get_Parent (iter=0x7ffff67fc390, user_data=0x7ffff294d9f0) at ../atk-adaptor/adaptors/accessible-adaptor.c:81
#5  0x00007fffd16e395c in impl_prop_GetSet (message=message@entry=0x7ffff2dceb90, path=path@entry=0x7ffff048c6e0, pathstr=pathstr@entry=0x7ffff2997c68 "/org/a11y/atspi/accessible/1056", get=<optimized out>) at ../droute/droute.c:365
#6  0x00007fffd16e3e87 in handle_properties (iface=0x7ffff2997ca0 "org.freedesktop.DBus.Properties", pathstr=0x7ffff2997c68 "/org/a11y/atspi/accessible/1056", member=0x7ffff2997cc8 "Get", path=0x7ffff048c6e0, message=0x7ffff2dceb90, bus=0x7ffff0461080) at ../droute/droute.c:442
#7  handle_message (bus=0x7ffff0461080, message=message@entry=0x7ffff2dceb90, user_data=user_data@entry=0x7ffff048c6e0) at ../droute/droute.c:601
#8  0x00007fffd010ff71 in _dbus_object_tree_dispatch_and_unlock (found_object=<synthetic pointer>, message=<optimized out>, tree=0x7ffff046bda0) at ../../../dbus/dbus-object-tree.c:1021
#9  dbus_connection_dispatch (connection=0x7ffff0461080) at ../../../dbus/dbus-connection.c:4742
#10 dbus_connection_dispatch (connection=connection@entry=0x7ffff0461080) at ../../../dbus/dbus-connection.c:4574
#11 0x00007fffd0158439 in message_queue_dispatch (source=<optimized out>, callback=<optimized out>, user_data=<optimized out>) at ../atspi/atspi-gmain.c:89
#12 0x00007fffd09ed49d in g_main_dispatch (context=0x7ffff0409310) at ../../../glib/gmain.c:3460
#13 g_main_context_dispatch (context=0x7ffff0409310) at ../../../glib/gmain.c:4200
#14 0x00007fffd0a48178 in g_main_context_iterate.constprop.0 (context=0x7ffff0409310, block=<optimized out>, dispatch=1, self=<optimized out>) at ../../../glib/gmain.c:4276
#15 0x00007fffd09ec1b0 in g_main_context_iteration (context=0x7ffff0409310, context@entry=0x0, may_block=may_block@entry=0) at ../../../glib/gmain.c:4343
#16 0x00007fffd0df55a5 in gtk_main_iteration_do (blocking=0) at ../../../gtk/gtkmain.c:1457
#17 0x00007fffd145557c in Java_org_eclipse_swt_internal_gtk3_GTK3_gtk_1main_1iteration_1do () from /home/vm_user/Downloads/OpenSource/eclipse.platform.swt.binaries/bundles/org.eclipse.swt.gtk.linux.x86_64/libswt-pi3-gtk-4964r3.so

[SyntevoAlex]

SWT snippet to reproduce

final Display display = new Display();
final Shell shell = new Shell(display);
shell.setLayout (new GridLayout (1, true));

Label hint = new Label(shell, 0);
hint.setText(
	"1. Run on Ubuntu 23.04 or later, or some other modern Linux\n" +
	"2. Press the button\n" +
	"3. Issue 930: JVM will crash or Gtk-CRITICAL occurs\n" +
	"   to make crash more reliable, run with:\n" +
	"   export G_SLICE=always-malloc\n" +
	"   export MALLOC_PERTURB_=204"
);

Text text = new Text(shell, 0);
text.forceFocus();

Button button = new Button(shell, 0);
button.setText("Test");
button.addListener(SWT.Selection, e -> {
	StyledText styledText = new StyledText(shell, 0);
	styledText.setText("Test StyledText");
	styledText.forceFocus();

	display.timerExec(1000, () -> {
		styledText.dispose();
	});
});
shell.pack();
shell.open();

while (!shell.isDisposed()) {
	if (!display.readAndDispatch()) {
		display.sleep();
	}
}

display.dispose();

[nblix]

Thanks for investigating and figuring this out! So it sounds like I should report this to some GTK related repository instead?

[SyntevoAlex]

It is not yet completely clear whos fault is it. Could be GTK or could be SWT, or could be both (where SWT doesn't release something and GTK relies on what it shouldn't reply upon).

I hope to find some more time for it within a week.

I doubt GTK guys could easily do something here, because debugging mixed Java/native executable requires additional knowledge they probably don't have.

[SyntevoAlex]

I was instructed to not spend time on this. sorry.

[techn0druid]

I am also getting a crash for the marketplace.

[SyntevoAlex]

The crash for libwebkit2gtk is a different crash, probably #158.

As for the crash discussed here, I now have a very good understanding of what causes it and how to fix. Hopefully a few weeks later I will finally find time to land a fix.

[lukaslx28]

The problem is still reproducible under Ubuntu 24.04 with Eclipse 4.33 :(.