Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Freeze when navigating by landmarks with certain labeled article landmarks #8980

Closed
MarcoZehe opened this Issue Nov 26, 2018 · 11 comments

Comments

Projects
None yet
5 participants
@MarcoZehe
Copy link
Contributor

commented Nov 26, 2018

Steps to reproduce:

There are several prerequisites:

  1. You have to have an account on some Mastodon social network instance.
  2. You have to have the Extended ARIA Add-On installed and the Articles landmark activated.

Steps:

  1. Log into https://dev.pinafore.social. Pinafore is an alternative web client to the Mastodon social network.
  • If you're not logged in, click the AddInstance link, fill in your instance name, like mastodon.social or toot.cafe, or whichever instance you're on, then click Login.
  • Authorize Pinafore to access your account.
  1. After you've logged in, start navigating the Home timeline via the letter D. At some point, NVDA will cause a Windows ascending error tone to be heard, and fall silent. The braille display, if connected, will continue to blink, but NVDA is essentially dead then.
  2. Restart NVDA, then simply arrow through the page onto any article. A crash does not occur, NVDA reads the article name normally.

Actual behavior:

NVDA produces an error sound, then falls silent. As if it partially crashed. Braille continues to blink, but won't respond to anything.

Expected behavior:

No crash.

System configuration:

NVDA Installed/portable/running from source:

Installed.

NVDA version:

NVDA version alpha-16298,c651588e

Windows version:

Windows 10 19H1 18282 build. But also happens on 1809 regular.

Name and version of other software in use when reproducing the issue:

Firefox Nightly 65.

Other information about your system:

Other questions:

Does the issue still occur after restarting your PC?

Yes.

Have you tried any other versions of NVDA?

2018.4beta, 2018.3.2, happens with both, too.

Log entries

Developer info for an article element that causes this problem:

INFO - globalCommands.GlobalCommands.script_navigatorObject_devInfo (15:28:21.299):
Developer info for navigator object:
name: u'Eric Eggert, RT @bigfinish@twitter.comComing September 2019, @BilliePiper is returning to the #DoctorWho universe in Rose Tyler: The Dimension Cannon. -> http://bit.ly/2FIKkiZFour episodes follow Rose\u2019s mission to seek out the Doctor, the only person who can save the doomed multiverse\u2026, 1 hour ago, @yatil@micro.yatil.net, Unlisted'
role: ROLE_DOCUMENT
states: STATE_READONLY, STATE_FOCUSABLE
isFocusable: True
hasFocus: False
Python object: <baseObject.Dynamic_BrokenFocusedStateDocumentMozillaIAccessible object at 0x05B715F0>
Python class mro: (<class 'baseObject.Dynamic_BrokenFocusedStateDocumentMozillaIAccessible'>, <class 'NVDAObjects.IAccessible.mozilla.BrokenFocusedState'>, <class 'NVDAObjects.IAccessible.mozilla.Document'>, <class 'NVDAObjects.IAccessible.mozilla.Mozilla'>, <class 'NVDAObjects.IAccessible.ia2Web.Document'>, <class 'NVDAObjects.IAccessible.ia2Web.Ia2Web'>, <class 'NVDAObjects.IAccessible.IAccessible'>, <class 'NVDAObjects.window.Window'>, <class 'NVDAObjects.NVDAObject'>, <class 'documentBase.TextContainerObject'>, <class 'baseObject.ScriptableObject'>, <class 'baseObject.AutoPropertyObject'>, <type 'object'>)
description: u''
location: RectLTWH(left=665, top=1398, width=900, height=1013)
value: None
appModule: <'firefox' (appName u'firefox', process ID 2012) at address 5766fb0>
appModule.productName: u'Firefox Nightly'
appModule.productVersion: u'65.0a1'
TextInfo: <class 'NVDAObjects.IAccessible.IA2TextTextInfo'>
windowHandle: 590326L
windowClassName: u'MozillaWindowClass'
windowControlID: 0
windowStyle: 399441920
windowThreadID: 14052
windowText: u'toot.cafe \xb7 Home - Firefox Nightly'
displayText: u''
IAccessibleObject: <POINTER(IAccessible2) ptr=0xc0e57b4 at 5a2b8f0>
IAccessibleChildID: 0
IAccessible event parameters: windowHandle=590326L, objectID=-4, childID=-67109111
IAccessible accName: u'Eric Eggert, RT @bigfinish@twitter.comComing September 2019, @BilliePiper is returning to the #DoctorWho universe in Rose Tyler: The Dimension Cannon. -> http://bit.ly/2FIKkiZFour episodes follow Rose\u2019s mission to seek out the Doctor, the only person' (truncated)
IAccessible accRole: ROLE_SYSTEM_DOCUMENT
IAccessible accState: STATE_SYSTEM_READONLY, STATE_SYSTEM_FOCUSABLE, STATE_SYSTEM_VALID (1048640)
IAccessible accDescription: u''
IAccessible accValue: None
IAccessible2 windowHandle: 590326
IAccessible2 uniqueID: -67109111
IAccessible2 role: ROLE_SYSTEM_DOCUMENT
IAccessible2 states: IA2_STATE_SELECTABLE_TEXT, IA2_STATE_OPAQUE (5120)
IAccessible2 attributes: u'margin-left:0px;text-align:start;text-indent:0px;setsize:20;container-busy:false;margin-right:0px;tag:article;class:status-article status-in-timeline;margin-top:0px;posinset:6;margin-bottom:0px;xml-roles:article;display:grid;explicit-name:true;'

End of nvda.log from pressing D before such a crash onwards

Input: kb(laptop):d
DEBUGWARNING - watchdog.watcher (15:24:05.726):
Trying to recover from freeze, core stack:
File "nvda.pyw", line 217, in
File "core.pyc", line 515, in main
File "wx\core.pyc", line 2134, in MainLoop
File "gui_init
.pyc", line 963, in Notify
File "core.pyc", line 486, in run
File "queueHandler.pyc", line 86, in pumpAll
File "queueHandler.pyc", line 53, in flushQueue
File "scriptHandler.pyc", line 145, in _queueScriptCallback
File "scriptHandler.pyc", line 187, in executeScript
File "browseMode.pyc", line 414, in
File "browseMode.pyc", line 386, in quickNavScript
File "virtualBuffers_init
.pyc", line 570, in _iterNodesByAttribs

DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:10.657):
Unhandled extended packet of type 'U': 'U\x05'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:10.709):
Unhandled extended packet of type 'U': 'U\xff'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:10.759):
Unhandled extended packet of type 'U': 'U\x06'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:10.809):
Unhandled extended packet of type 'U': 'U\xff'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:10.907):
Unhandled extended packet of type 'U': 'U\x08'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:11.061):
Unhandled extended packet of type 'U': 'U\xff'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:11.161):
Unhandled extended packet of type 'U': 'U\n'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:11.260):
Unhandled extended packet of type 'U': 'U\x0b'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:11.311):
Unhandled extended packet of type 'U': 'U\xff'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:11.460):
Unhandled extended packet of type 'U': 'U\r'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:11.559):
Unhandled extended packet of type 'U': 'U\xff'
WARNING - watchdog.watcher (15:24:20.730):
Core frozen in stack:
File "nvda.pyw", line 217, in
File "core.pyc", line 515, in main
File "wx\core.pyc", line 2134, in MainLoop
File "gui_init
.pyc", line 963, in Notify
File "core.pyc", line 486, in run
File "queueHandler.pyc", line 86, in pumpAll
File "queueHandler.pyc", line 53, in flushQueue
File "scriptHandler.pyc", line 145, in _queueScriptCallback
File "scriptHandler.pyc", line 187, in executeScript
File "browseMode.pyc", line 414, in
File "browseMode.pyc", line 386, in quickNavScript
File "virtualBuffers_init
.pyc", line 570, in _iterNodesByAttribs

DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:35.359):
Unhandled extended packet of type 'U': 'U\x01'
DEBUGWARNING - brailleDisplayDrivers.handyTech.BrailleDisplayDriver._handleInputStream (15:24:35.411):
Unhandled extended packet of type 'U': 'U\xff'
WARNING - watchdog.watcher (15:24:35.740):
Core frozen in stack:
File "nvda.pyw", line 217, in
File "core.pyc", line 515, in main
File "wx\core.pyc", line 2134, in MainLoop
File "gui_init
.pyc", line 963, in Notify
File "core.pyc", line 486, in run
File "queueHandler.pyc", line 86, in pumpAll
File "queueHandler.pyc", line 53, in flushQueue
File "scriptHandler.pyc", line 145, in _queueScriptCallback
File "scriptHandler.pyc", line 187, in executeScript
File "browseMode.pyc", line 414, in
File "browseMode.pyc", line 386, in quickNavScript
File "virtualBuffers_init
.pyc", line 570, in _iterNodesByAttribs

Other info

The pull request that will introduce these new names for the article elements into Pinafore is here.

@MarcoZehe

This comment has been minimized.

Copy link
Contributor Author

commented Nov 27, 2018

I investigated the Python side of things, and it appears that the call to VBuf_findNodeByAttributes referenced at the bottom of the stack somehow causes a crash or hang in the VBufBackend, or rather VBufStorage. @jcsteh and @michaelDCurran are probably quicker at investigating this than I, since I'm on PTO even. :) Just found this yesterday while trying out the new Pinafore features.

@michaelDCurran

This comment has been minimized.

Copy link
Contributor

commented Nov 28, 2018

So far I have confirmed that regex_match is throwing regex_error with a code of error_stack. Apparently there is insufficient memory to check if the expression matches for some of the article names. At very least we can catch the c++ exception and keep searching. But it does mean next/prev landmark may skip certain articles. It would be good to work out what is special about these particular strings. It is certainly not the majority of them.

@nolanlawson

This comment has been minimized.

Copy link

commented Nov 28, 2018

To try to simplify the repro steps, I've created a static version of the page that reproduces the crash. So it should no longer be required to have a Mastodon account; you can just load this page: http://bl.ocks.org/nolanlawson/raw/07e732b654842a2fe62760c4bda179ee/

As in the original description, you should install the Enhanced Aria plugin and ensure that "Report articles" is enabled in the plugin settings. Then you can press D on the page and eventually you will repro the crash.

@michaelDCurran

This comment has been minimized.

Copy link
Contributor

commented Nov 28, 2018

I have tried increasing the stack size of all rpc server threads created for NvDAHelper. However, no matter how large I made the stack the problem remains.
This may be some strange corner case with MSVC's regex processing that resorts in some kind of infinit recursion. If we can try and work out what causes it we could try filtering it out of the strings... but I'm not seeing anything interesting yet. My testing was showing all bad strings ending in the 🎄 (Christmas tree) emoji, but @MarcoZehe provided a log with a string that does not do that.

@jcsteh

This comment has been minimized.

Copy link
Contributor

commented Nov 28, 2018

@MarcoZehe

This comment has been minimized.

Copy link
Contributor Author

commented Feb 19, 2019

This problem now also occurs in the Twitter PWA. I encountered it once while skipping through my notifications and once while reading through my Home timeline.

@michaelDCurran

This comment has been minimized.

Copy link
Contributor

commented Feb 20, 2019

@michaelDCurran

This comment has been minimized.

Copy link
Contributor

commented Feb 20, 2019

@jcsteh

This comment has been minimized.

Copy link
Contributor

commented Feb 20, 2019

@michaelDCurran

This comment has been minimized.

Copy link
Contributor

commented Feb 20, 2019

@jcsteh I logged both the regular expression, and the input string, where the regex match freezes. I doubt this is the cause, but I am finding it hard to read. Should name appear twice? and should IAccessible2::attribute_xml-roles appear twice for both region, and the other group of landmarks (search,main etc)?

Here is the regular expression:

IAccessible2\\:\\:attribute_xml-roles:(?:\\;|[^;])*\b(?:search|form|complementary|banner|contentinfo|article|main|navigation)\b(?:\\;|[^;])*;IAccessible2\\:\\:attribute_xml-roles:(?:\\;|[^;])*\b(?:search|form|complementary|banner|contentinfo|article|main|navigation)\b(?:\\;|[^;])*;name:(?:\\;|[^;])*;|IAccessible2\\:\\:attribute_xml-roles:(?:\\;|[^;])*\b(?:region)\b(?:\\;|[^;])*;IAccessible2\\:\\:attribute_xml-roles:(?:\\;|[^;])*\b(?:region)\b(?:\\;|[^;])*;name:(?:\\;|[^;])+;

And here is the input string:

IAccessible2\:\:attribute_xml-roles:article;IAccessible2\:\:attribute_xml-roles:article;name	:☕🏴‍☠️ Crazypedia 🍵🏴‍☠️, Question for other #mastoadminsI am looking at changing instance hosting providers. If i move to something like #AWS/#Azure does it make sense to offload the #pgSQL to their database service or keep it on the instance? If i move it off the instance, are the resource savings enough to significantly step down the RAM usage, like from 4GB to 2GB or less?I am looking to minimize costs while also learning new things., 2 hours ago, @crazypedia@toot.chat, Public; 
@michaelDCurran

This comment has been minimized.

Copy link
Contributor

commented Feb 20, 2019

Actually, I think I get it. As the comments say: It has to match on all attributes for each dictionary. Never mind. Just never really read the output before.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.