After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 655127 - Attempting to get the accessible relationset for a GtkTreeView crashes ATs and/or hangs one's session
Attempting to get the accessible relationset for a GtkTreeView crashes ATs an...
Status: RESOLVED FIXED
Product: pygobject
Classification: Bindings
Component: introspection
Git master
Other Linux
: Normal major
: ---
Assigned To: Nobody's working on this now (help wanted and appreciated)
Python bindings maintainers
Depends on:
Blocks:
 
 
Reported: 2011-07-22 14:44 UTC by Joanmarie Diggs (IRC: joanie)
Modified: 2012-04-21 16:48 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
test script (684 bytes, text/x-python)
2011-07-22 14:44 UTC, Joanmarie Diggs (IRC: joanie)
Details
stacktrace (13.24 KB, application/octet-stream)
2011-07-22 14:44 UTC, Joanmarie Diggs (IRC: joanie)
Details
Patch. (1.17 KB, text/plain)
2011-07-28 21:25 UTC, Mike Gorse
Details

Description Joanmarie Diggs (IRC: joanie) 2011-07-22 14:44:00 UTC
Created attachment 192457 [details]
test script

Steps to reproduce:

1. enable accessibility (gsettings set org.gnome.desktop.interface toolkit-accessibility true)

2. launch gtk3-demo (build gtk+ from master)

3. launch the attached test script

4. give focus to the gtk3-demo window

Expected results: There would be no segfault.

Actual results:
==================
treetable [tree table | ]
state set <StateSet object at 0x1723230 (AtspiStateSet at 0x16096f0)>
/usr/lib64/python2.7/site-packages/gi/types.py:45: Warning: g_object_get_qdata: assertion `G_IS_OBJECT (object)' failed
  return info.invoke(*args)
Segmentation fault (core dumped)
==================

Notes: 

1. If you attempt to access a GtkTreeView with Orca running, the desktop session will hang. If you attempt to examine one via Accerciser, Accerciser will exit.

2. My environment:
* Fedora 15
* glib from master
* gtk+ from master
* atk from master
* at-spi2 (at-spi2-core, at-spi2-atk, pyatspi2) from master
* pygobject from master
* gobject-introspection from master
Comment 1 Joanmarie Diggs (IRC: joanie) 2011-07-22 14:44:37 UTC
Created attachment 192458 [details]
stacktrace
Comment 2 Mike Gorse 2011-07-28 21:25:56 UTC
Created attachment 192837 [details]
Patch.

I believe this is the correct fix, but we should have a test returning a GArray of GObjects, and regress.c has no such test currently, so I think this needs more work before committing.
Comment 3 Mike Gorse 2011-07-28 21:43:29 UTC
Thinking about this more, I'm not sure if the patch I just filed is correct.  I have a GArray with (element-type AtspiRelation*), which creates the following in the gir:

          <array name="GLib.Array" c:type="GArray*">
            <type name="Relation"/>
          </array>

So it isn't clear to me if the .gir is correct, or if, given the typelib, pygi should be treating the values as pointers to GObjects or as GObject instances in themselves.  Anyway, perhaps I'm using GArray incorrectly and I should be using GPtrArray instead; I think I'll change my code to use the latter, and I suspect that it won't hit this crash.
Comment 4 Mike Gorse 2011-07-28 22:00:25 UTC
Still, I don't see it documented anywhere that it wouldn't work to use a GArray to pass pointers to GObjects.  But, if there is a bug to fix, then I'm not sure it is with pygobject or with g-ir-scanner.  If the recommended behavior is to use a GPtrArray, then we should document this on the Best Practices page.
Comment 5 Mike Gorse 2011-07-31 21:14:37 UTC
I'm withdrawing the patch (thanks, Joanie, for testing; apparently that code path also gets executed for, ie, gdk_keymap_get_entries_for_keyval, where the current behavior is correct (assuming that the array elements are not pointers).

g-ir-scanner is giving me the same output for writing "(element-type AtspiRelation*") as if I'd written "(element-type AtspiRelation)".  Do we have a notation defined that should be correct for the former?
Comment 6 Martin Pitt 2012-04-04 17:43:26 UTC
Comment on attachment 192837 [details]
Patch.

Obsoleting patch as it is incorrect, as per comment 5.
Comment 7 Sebastian Pölsterl 2012-04-21 13:06:44 UTC
I ran the attached test case with the latest GNOME 3.4 stack and did observe a crash anymore. Could you please confirm that the issue is indeed fixed?
Comment 8 Joanmarie Diggs (IRC: joanie) 2012-04-21 16:48:06 UTC
Not sure if it is FIXED, but it is WORKSFORME (why don't we have that as an option?).

Thanks for the ping Sebastian!