GNOME Bugzilla – Bug 562094
Crash on getBoundedRanges in text interface
Last modified: 2021-07-05 10:48:44 UTC
Here is the trace, the crash is in gedit:
Program received signal SIGSEGV, Segmentation fault.
Trace 210167
Thread 3069736704 (LWP 20507)
Created attachment 123309: patch
The patch can fix the crash on my machine. Andrew, would you test it on yours?
Thanks very much for your input, Li. Interestingly, the patch prevented a crash when providing coordinates that are off-screen (x=10000, y=50, width=100, height=100) but when I try to use it with proper coordinates it crashes with the CORBA COMM_ERROR. I have trouble compiling gedit with debug symbols (dur...) so have no trace to show. Can you tell me what you did to test that the function worked, so that I can see if mine works using the same scenario?
I just reproduced the crash and provided a patch to fix it. A trace would be very useful. We don't need gedit's symbols; we need libspi's symbols. So just compiling at-spi with debug symbols is OK.
Ok, here is my trace.
Program received signal SIGSEGV, Segmentation fault.
0xb6f305dc in ?? () from /usr/lib/libORBit-2.so.0
(gdb) bt
Trace 210204
I noticed in your trace, you have getBoundedRanges(x=0, y=0, width=0, height=0). Similarly when my parameter coordinates are some location offscreen, it seems to be fine with no crash. But when it's an actual box onscreen, that's when it exhibits this problem again.
Can you tell me the parameters you are using?
Sure. I've tested the different cases of
1. A zero-sized bounding box
2. A small bounding box (1x1, 5x5, 5x23) inside the component (the fifth parameter COORD_TYPE is set to 1, meaning bounding box coordinates are specified from the corner of the component rather than the screen). "Small" means that it's not large enough to actually contain a full character of the text.
3. A bounding box that is the size of the component. For example, the "File" menubar entry is 38x23 for me in gedit, so I use a bounding box of 38x23.
4. A bounding box that is half the size of the component, e.g. 19x23
5. A bounding box that is large but completely off of the component being looked at
Components I have tested:
1. "File" menubar entry in gedit
2. "Buddies" menubar entry in pidgin
3. the text terminal area in gedit, with and without text
The results are interesting. The program (gedit, pidgin) will crash if the bounding box actually contains at least one character of text. The bounding boxes that were too small or that were not lying on the component worked correctly, returning an empty list in pyatspi. As for the text terminal area of gedit, it does the same, returning an empty list of Ranges for a bounding box surrounding the whole terminal, when there is no text in the terminal. When I type one or more letters into the terminal and try again, then it crashes. Every crash produces an identical trace, the one I posted previously. It should be easy to reproduce, I think.
I wonder if it would be possible to produce more fine-grained traces? In any case, I saw the notification about the new D-Bus at-spi that doesn't use CORBA. As this getBoundedRanges problem seems related to ORBit2, I suppose that's worth a shot, so I'll give it a try.
[Resetting QA Contact to newly introduced "at-spi-maint@gnome.bugs". Reason: So far it was impossible to watch changes in at-spi bug reports without following all the specific persons (Li Yuan, Bill Haneman, Jeff Wai, ...) and also their activity outside of at-spi reports. IMPORTANT: Anyone interested in following all bug activity (including all maintainers) must watch the "at-spi-maint@gnome.bugs" dummy user by adding it to the 'Users to watch' list under Preferences->Email preferences. This is also the default procedure nowadays in GNOME when setting up new products.]
[Mass-resetting default assignee, see bug 705890. Please reclaim this bug report by setting the assignee to yourself if you still plan to work on this. Thanks!]
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org. As part of that, we are mass-closing older open tickets in bugzilla.gnome.org which have not seen updates for a longer time (resources are unfortunately quite limited so not every ticket can get handled). If you can still reproduce the situation described in this ticket in a recent and supported software version, then please follow https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines and create a new ticket at https://gitlab.gnome.org/GNOME/at-spi2-atk/-/issues/ Thank you for your understanding and your help.