After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 504337 - (PATCH) crash bug in gobject.Timeout and gobject.Idle
(PATCH) crash bug in gobject.Timeout and gobject.Idle
Status: RESOLVED FIXED
Product: pygobject
Classification: Bindings
Component: gobject
Git master
Other Linux
: Normal major
: ---
Assigned To: Nobody's working on this now (help wanted and appreciated)
Python bindings maintainers
Depends on: 510511
Blocks:
 
 
Reported: 2007-12-18 20:51 UTC by Bryan Silverthorn
Modified: 2008-07-14 21:41 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
timeout_segfault.py (171 bytes, text/plain)
2007-12-18 20:53 UTC, Bryan Silverthorn
  Details
bcs_pygsource_fix.patch (959 bytes, patch)
2007-12-18 20:54 UTC, Bryan Silverthorn
none Details | Review

Description Bryan Silverthorn 2007-12-18 20:51:28 UTC
The tp_flags fields for PyGTimeout_Type and PyGIdle_Type in gobject/pygsource.c have Py_TPFLAGS_HAVE_GC incorrectly set. The tp_traverse and tp_clear fields are only inherited from a base type if Py_TPFLAGS_HAVE_GC is _not_ set in subtypes (and if Py_TPFLAGS_HAVE_RICHCOMPARE _is_ set, which is covered by Py_TPFLAGS_DEFAULT).

The Python GC therefore dereferences a NULL function pointer when attempting to traverse a timeout or idle source.

Attaching a test case and patch against r721.
Comment 1 Bryan Silverthorn 2007-12-18 20:53:30 UTC
Created attachment 101217 [details]
timeout_segfault.py

Observed behavior:

$ python timeout_segfault.py 
Segmentation fault
Comment 2 Bryan Silverthorn 2007-12-18 20:54:55 UTC
Created attachment 101218 [details] [review]
bcs_pygsource_fix.patch
Comment 3 Bryan Silverthorn 2008-03-16 15:25:48 UTC
The GSource wrapper has additional problems, many of which are fixed by the patch attached to #510511. That patch should be applied instead.
Comment 4 Johan (not receiving bugmail) Dahlin 2008-07-14 21:41:50 UTC
2008-07-14  Johan Dahlin  <johan@gnome.org>
    
    Bug 504337 - crash bug in gobject.Timeout and gobject.Idle
    
    * gobject/pygsource.c:
    * tests/test_source.py:
    Fix crash in Timeout and Idle, patch by Bryan Silverthorn.