Bug 464554

Summary: SIGSEGV in cairo_set_operator
Product: [Eclipse Project] Platform
Reporter: Michael Davidsaver <mdavidsaver>
Component: SWT
Assignee: Platform-SWT-Inbox <platform-swt-inbox>
Status: RESOLVED WONTFIX
QA Contact:
Severity: normal
Priority: P3
CC: akurtakov, berryman, ericwill, mdavidsaver
Version: 4.4.1
Keywords: triaged
Target Milestone: ---
Hardware: PC
OS: Linux
Whiteboard:
Bug Depends on:
Bug Blocks: 530841
Attachments:
Crash w/ GTK2 (flags: none)
LD_PRELOAD hooks for libcairo (flags: none)
console output of crash with LD_PRELOAD hook active (flags: none)

Description Michael Davidsaver CLA 2015-04-13 19:05:05 EDT
Created attachment 252360 [details]
Crash w/ GTK2

We're seeing a SIGSEGV in cairo_set_operator as invoked from org.eclipse.swt.graphics.GC.setXORMode (full error log attached).

This may be related to (or the same as) bug #442223, though the crash is in a different cairo function.

From reading through GC.java for gtk there are a lot of variables affecting the code in question.  The options affecting this are GTK2 vs. GTK3 and two properties "org.eclipse.swt.internal.gtk.cairoGraphics" and "org.eclipse.swt.internal.gtk.useCairo".

The two combinations which trigger a crash are:

1) GTK2 without either property explicitly set
2) GTK2 with only "-Dorg.eclipse.swt.internal.gtk.cairoGraphics=false"

Several other combinations haven't crashed (yet).

3) GTK2 with both "-Dorg.eclipse.swt.internal.gtk.cairoGraphics=false" and "-Dorg.eclipse.swt.internal.gtk.useCairo=false"
4) GTK3 without properties set
5) GTK3 with only cairoGraphics=false
6) GTK3 with both cairoGraphics=false and useCairo=false

In the process of trying to narrow down the problem I wrote a short LD_PRELOAD hook to instrument some cairo functions (also attached).  What I think I see is cairo_set_operator() being called with pointers which either have never been returned by cairo_create() (cases 1,2) or seeing cairo_set_operator() called on pointers which have already been passed to cairo_destroy() (cases 3,4,5,6).

Of course my LD_PRELOAD is simply printing to stderr, so the ordering could be wrong if more than one thread is involved, though I don't think this is the case.

From a quick reading of the init() in GC.java I suspect the problem might be that in some code paths "data.cairo = handle" is explicitly assigned, while in others this appears not to be the case.

I can see that in other methods these two variables are used (apparently) interchangeably when invoking cairo functions.  In particular setXORMode() uses "handle" instead of "data.cairo".

Some version numbers for the application in question http://controlsystemstudio.org/

org.eclipse.platform
Version: 4.4.0.v20140925-0400
Build id: M20140925-0400
Comment 1 Michael Davidsaver CLA 2015-04-13 19:10:12 EDT
Created attachment 252361 [details]
LD_PRELOAD hooks for libcairo

Intercepts cairo_set_operator(), cairo_create(), and cairo_destroy().
Comment 2 Michael Davidsaver CLA 2015-04-13 19:16:51 EDT
Created attachment 252362 [details]
console output of crash with LD_PRELOAD hook active

Here I see that the crash is triggered by

> cairo_set_operator(0x28c3dd0, 23)

While 0x28c3dd0 is never returned by cairo_create().

So I suspect that in this case "handle != data.cairo".
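
An offline check of the hook log in the spirit of Comments 1 and 2, added here as an example; it is not the reporter's attachment and not SWT code. Only the cairo_set_operator(ptr, op) line shape and the pointer 0x28c3dd0 come from the report; the create/destroy line shapes, the sample log and the verdict names are assumptions.

```python
import re

# Constructed sample of hook output. Only the cairo_set_operator(ptr, op) line
# shape and the pointer 0x28c3dd0 come from the report; the create/destroy
# line shapes and every other address are assumptions made for this example.
SAMPLE_LOG = """\
cairo_create(0x7f10a4001000) = 0x28c1000
cairo_set_operator(0x28c1000, 2)
cairo_destroy(0x28c1000)
cairo_set_operator(0x28c1000, 23)
cairo_create(0x7f10a4001000) = 0x28c1000
cairo_set_operator(0x28c1000, 2)
unrelated stderr noise from the JVM
cairo_set_operator(0x28c3dd0, 23)
"""

CALL = re.compile(
    r"^(cairo_create|cairo_destroy|cairo_set_operator)"
    r"\((0x[0-9a-fA-F]+)(?:,\s*\d+)?\)(?:\s*=\s*(0x[0-9a-fA-F]+))?$"
)


def classify(log):
    """Return (line_no, pointer, verdict) for each cairo_set_operator call."""
    state = {}  # pointer -> "live" or "destroyed"
    findings = []
    for line_no, line in enumerate(log.splitlines(), 1):
        m = CALL.match(line.strip())
        if not m:
            continue  # skip interleaved output that is not a hook line
        func, arg, ret = m.group(1), int(m.group(2), 16), m.group(3)
        if func == "cairo_set_operator":
            verdict = {"live": "live", "destroyed": "after-destroy"}.get(
                state.get(arg), "never-created")
            findings.append((line_no, arg, verdict))
        elif func == "cairo_destroy":
            # cairo_destroy only drops one reference; without a hook on
            # cairo_reference this marks "possibly freed", not "freed".
            state[arg] = "destroyed"
        elif ret:
            # The allocator may hand back a freed address, so a new
            # cairo_create makes that pointer live again.
            state[int(ret, 16)] = "live"
    return findings


if __name__ == "__main__":
    for line_no, ptr, verdict in classify(SAMPLE_LOG):
        print(f"line {line_no}: {ptr:#x} {verdict}")
```

The verdicts depend on log order, so output interleaved from more than one thread can mislabel a call.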
Comment 3 Alexander Kurtakov CLA 2015-04-15 02:18:32 EDT
A similar bug#441705 has been fixed in 4.4.1, would you please try with it?
Comment 4 Michael Davidsaver CLA 2015-04-15 07:24:43 EDT
Our systems have cairo 1.12.2 (as provided by Debian 7.7).  My LD_PRELOAD hook searches for, and finds, the cairo_set_operator symbol.  Also, setting cairoGraphics=false does not, by itself, avoid the crash.  So I believe this is a separate issue from bug#441705.
Comment 5 Eric Berryman CLA 2016-09-13 17:01:46 EDT
Status?  Up/down?
Comment 6 Alexander Kurtakov CLA 2016-09-13 17:32:10 EDT
We would be happy to review a patch if provided, but it's low priority for committers as SWT defaults to GTK3 and the crash happens with GTK2 only and also when a deprecated method is used.
Comment 7 Eric Williams CLA 2018-07-10 13:57:42 EDT
Please note: GTK2 support for SWT is being dropped in Eclipse 4.10 / SimRel 2018-12 release. 

See the following mail for more info: http://dev.eclipse.org/mhonarc/lists/cross-project-issues-dev/msg15783.html
Comment 8 Alexander Kurtakov CLA 2018-07-12 10:16:25 EDT
Marking the bug as wontfix as no work for GTK2 issues will happen. Please reopen if you still face the issue using GTK 3.x.