GNOME Bugzilla – Bug 166546
Crash with retrieving doc string
Last modified: 2005-02-23 11:34:45 UTC
Steps to reproduce: The following Python script crashes the Python interpreter when trying to get the doc string of a CList object: import gtk sep_str = '======================' st_list = dir(gtk) for st in st_list: print sep_str print 'Found string:', st st_obj = getattr(gtk, st) print 'Object:', st_obj st_doc = st_obj.__doc__ print 'DocString for Object:', st_doc Stack trace: Application exception occurred: App: d:\python24\python.exe (pid=5556) When: 07.02.2005 @ 10:07:13.500 Exception number: c0000005 (access violation) *----> System Information <----* Computer Name: NLSHL-LEEUWT User Name: LeeuwT Terminal Session Id: 0 Number of Processors: 1 Processor Type: x86 Family 6 Model 9 Stepping 5 Windows Version: 5.1 Current Build: 2600 Service Pack: 1 Current Type: Uniprocessor Free Registered Organization: Unisys Registered Owner: Mr. Universe *----> Task List <----* 0 System Process 4 System 796 smss.exe 1392 csrss.exe 1416 winlogon.exe 1460 services.exe 1472 lsass.exe 1644 Ati2evxx.exe 1680 svchost.exe 1860 svchost.exe 320 svchost.exe 360 svchost.exe 1328 spoolsv.exe 752 albd_server.exe 1544 Apache.exe 1704 cccredmgr.exe 748 cygrunsrv.exe 2028 DefWatch.exe 252 lockmgr.exe 640 cygserver.exe 1212 Rtvscan.exe 544 Apache.exe 984 nutsrv4.exe 3416 pg_ctl.exe 3580 SCardSvr.exe 3812 WLService.exe 3836 WLanCfgAB.exe 3844 postmaster.exe 3856 Tuner.exe 3680 postgres.exe 2716 postgres.exe 2728 postgres.exe 2752 postgres.exe 532 Ati2evxx.exe 4056 litestep.exe 3164 DirectCD.exe 3180 vptray.exe 3232 carpserv.exe 992 Apoint.exe 3772 atiptaxx.exe 948 Apntex.exe 248 jusched.exe 2956 ApacheMonitor.exe 4048 taskmgr.exe 3564 XWin.exe 3640 explorer.exe 872 qcdplayer.exe 4588 DWHWIZRD.EXE 4468 FIREFOX.EXE 5760 cisvc.exe 4540 cidaemon.exe 4688 TOTALCMD.EXE 4908 WINWORD.EXE 5896 AgentSvr.exe 3328 javaw.exe 4796 SciTE.exe 5076 rundll32.exe 4128 soffice.exe 5360 soffice.BIN 5720 SciTE.exe 5556 python.exe 2000 drwtsn32.exe *----> Module List <----* (0000000000a70000 - 0000000000b06000: D:\PROGRA~1\GTK-2.0\bin\libglib-2.0-0.dll (0000000000b10000 - 0000000000bea000: D:\PROGRA~1\GTK-2.0\bin\iconv.dll (0000000000bf0000 - 0000000000bfb000: D:\PROGRA~1\GTK-2.0\bin\intl.dll (0000000000c00000 - 0000000000c3c000: D:\PROGRA~1\GTK-2.0\bin\libgobject-2.0-0.dll (0000000000c40000 - 0000000000c4e000: D:\PROGRA~1\GTK-2.0\bin\libgthread-2.0-0.dll (0000000000c70000 - 0000000000d4d000: d:\python24\lib\site-packages\gtk-2.0\gtk\_gtk.pyd (0000000000d50000 - 0000000000dd2000: D:\PROGRA~1\GTK-2.0\bin\libgdk-win32-2.0-0.dll (0000000000de0000 - 0000000000dfc000: D:\PROGRA~1\GTK-2.0\bin\libgdk_pixbuf-2.0-0.dll (0000000000e00000 - 0000000000e0d000: D:\PROGRA~1\GTK-2.0\bin\libgmodule-2.0-0.dll (0000000000e10000 - 0000000000e4f000: D:\PROGRA~1\GTK-2.0\bin\libpango-1.0-0.dll (0000000000e50000 - 0000000000e62000: D:\PROGRA~1\GTK-2.0\bin\libpangowin32-1.0-0.dll (0000000000e70000 - 0000000000e92000: D:\PROGRA~1\GTK-2.0\bin\libatk-1.0-0.dll (0000000001030000 - 0000000001043000: d:\python24\lib\site-packages\gtk-2.0\pango.pyd (0000000001050000 - 000000000105b000: d:\python24\lib\site-packages\gtk-2.0\atk.pyd (0000000001150000 - 000000000145d000: D:\PROGRA~1\GTK-2.0\bin\libgtk-win32-2.0-0.dll (0000000010000000 - 0000000010019000: d:\python24\lib\site-packages\gtk-2.0\gobject.pyd (000000001d000000 - 000000001d005000: d:\python24\python.exe (000000001e000000 - 000000001e1ca000: C:\WINDOWS\System32\python24.dll (000000004f510000 - 000000004fd21000: C:\WINDOWS\system32\SHELL32.dll (000000005ad70000 - 000000005ada4000: C:\WINDOWS\System32\uxtheme.dll (0000000070a70000 - 0000000070ad9000: C:\WINDOWS\system32\SHLWAPI.dll (0000000071950000 - 0000000071a34000: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1579_x-ww_7bbf8d08\comctl32.dll (0000000071aa0000 - 0000000071aa8000: C:\WINDOWS\System32\WS2HELP.dll (0000000071ab0000 - 0000000071ac5000: C:\WINDOWS\System32\WS2_32.dll (0000000071ad0000 - 0000000071ad8000: C:\WINDOWS\System32\WSOCK32.DLL (00000000746f0000 - 0000000074716000: C:\WINDOWS\System32\msimtf.dll (0000000074720000 - 0000000074764000: C:\WINDOWS\System32\MSCTF.dll (0000000076390000 - 00000000763ac000: C:\WINDOWS\System32\IMM32.DLL (0000000076f90000 - 0000000076fa0000: C:\WINDOWS\System32\Secur32.dll (0000000077050000 - 0000000077115000: C:\WINDOWS\System32\COMRes.dll (0000000077120000 - 00000000771ab000: C:\WINDOWS\system32\OLEAUT32.dll (00000000771b0000 - 00000000772d4000: C:\WINDOWS\system32\OLE32.dll (0000000077340000 - 00000000773cb000: C:\WINDOWS\system32\comctl32.dll (0000000077c00000 - 0000000077c07000: C:\WINDOWS\system32\VERSION.dll (0000000077c10000 - 0000000077c63000: C:\WINDOWS\system32\msvcrt.dll (0000000077d40000 - 0000000077dd0000: C:\WINDOWS\system32\USER32.dll (0000000077dd0000 - 0000000077e5d000: C:\WINDOWS\system32\ADVAPI32.dll (0000000077e60000 - 0000000077f46000: C:\WINDOWS\system32\kernel32.dll (0000000077f50000 - 0000000077ff7000: C:\WINDOWS\System32\ntdll.dll (0000000078000000 - 0000000078087000: C:\WINDOWS\system32\RPCRT4.dll (000000007c340000 - 000000007c396000: C:\WINDOWS\System32\MSVCR71.dll (000000007c890000 - 000000007c911000: C:\WINDOWS\System32\CLBCATQ.DLL (000000007f000000 - 000000007f041000: C:\WINDOWS\system32\GDI32.dll *----> State Dump for Thread Id 0xc34 <----* eax=00000032 ebx=00000000 ecx=00000000 edx=00000006 esi=00000000 edi=00000000 eip=77c43830 esp=0021f8f4 ebp=0021fc60 iopl=0 nv up ei pl zr na po nc cs=001b ss=0023 ds=0023 es=0023 fs=0038 gs=0000 efl=00000246 *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\msvcrt.dll - function: msvcrt!strlen 77c43810 8b4c2404 mov ecx,[esp+0x4] 77c43814 f7c103000000 test ecx,0x3 77c4381a 7414 jz msvcrt!strlen+0x20 (77c43830) 77c4381c 8a01 mov al,[ecx] 77c4381e 41 inc ecx 77c4381f 84c0 test al,al 77c43821 7440 jz msvcrt!strlen+0x53 (77c43863) 77c43823 f7c103000000 test ecx,0x3 77c43829 75f1 jnz msvcrt!strlen+0xc (77c4381c) 77c4382b 0500000000 add eax,0x0 FAULT ->77c43830 8b01 mov eax,[ecx] ds:0023:00000000=???????? 77c43832 bafffefe7e mov edx,0x7efefeff 77c43837 03d0 add edx,eax 77c43839 83f0ff xor eax,0xffffffff 77c4383c 33c2 xor eax,edx 77c4383e 83c104 add ecx,0x4 77c43841 a900010181 test eax,0x81010100 77c43846 74e8 jz msvcrt!strlen+0x20 (77c43830) 77c43848 8b41fc mov eax,[ecx-0x4] 77c4384b 84c0 test al,al 77c4384d 7432 jz msvcrt!strlen+0x71 (77c43881) *----> Stack Back Trace <----* *** ERROR: Symbol file could not be found. Defaulted to export symbols for D:\PROGRA~1\GTK-2.0\bin\libglib-2.0-0.dll - WARNING: Stack unwind information not available. Following frames may be wrong. *** ERROR: Symbol file could not be found. Defaulted to export symbols for d:\python24\lib\site-packages\gtk-2.0\gobject.pyd - *** WARNING: Unable to verify checksum for C:\WINDOWS\System32\python24.dll *** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\System32\python24.dll - ChildEBP RetAddr Args to Child 0021fc60 00abb958 00000000 0021fc7c 100116d6 msvcrt!strlen+0x20 0021fc80 00ab3f6b 0021fcb8 100116d6 0021fcd0 libglib-2.0-0!g_win32_error_message+0x1cd8 0021fca0 00aa687a 0021fcb8 100116d6 0021fcd0 libglib-2.0-0!g_vasprintf+0x1b 0021fcc0 1000bff8 0091aae0 100116d6 00000000 libglib-2.0-0!g_string_append_printf+0x1a 0021fd00 1000c1ee 00f34dd0 0091aae0 00f34e68 gobject+0xbff8 0021fd30 1e0aa78e 0098c438 00000000 00cf2a50 gobject+0xc1ee 00cf2a50 1e1ae5a0 00000000 00d0d093 00000018 python24!PyTuple_Fini+0x3be 00000054 00000000 00000000 00000000 00000000 python24!PyType_Type *----> Raw Stack Dump <----* 000000000021f8f4 34 ad ab 00 00 00 00 00 - d6 16 01 10 04 00 00 00 4............... 000000000021f904 00 00 00 00 c0 38 f6 00 - d0 fc 21 00 60 fc 21 00 .....8....!.`.!. 000000000021f914 6d a9 ab 00 d0 fc 21 00 - 70 f9 21 00 00 00 00 00 m.....!.p.!..... 000000000021f924 8b a9 ab 00 5c f9 21 00 - 00 00 91 00 a8 44 f9 77 ....\.!......D.w 000000000021f934 00 00 00 00 0a 00 00 00 - 00 00 91 73 02 00 00 00 ...........s.... 000000000021f944 78 f9 21 00 11 00 00 00 - 04 00 00 00 04 00 00 00 x.!............. 000000000021f954 0c 00 00 00 80 00 f6 00 - b8 e7 f5 00 00 00 00 00 ................ 000000000021f964 10 f9 21 00 18 4e f4 00 - 7c 00 00 00 01 00 00 00 ..!..N..|....... 000000000021f974 80 39 f6 00 6e 2d 63 6f - 6c 75 6d 6e 73 00 00 00 .9..n-columns... 000000000021f984 00 00 00 00 64 65 6e 20 - 6f 6d 20 65 65 6e 20 6e ....den om een n 000000000021f994 69 65 75 77 65 20 64 6f - 63 68 74 65 72 20 74 6f ieuwe dochter to 000000000021f9a4 65 20 74 65 20 76 6f 65 - 67 65 6e 20 61 61 6e 20 e te voegen aan 000000000021f9b4 64 65 20 63 6f 6e 74 61 - 69 6e 65 72 00 00 65 72 de container..er 000000000021f9c4 67 65 6c 69 6a 6b 65 29 - 00 00 00 00 00 00 00 00 gelijke)........ 000000000021f9d4 00 00 91 10 01 04 00 00 - 08 20 00 00 01 02 00 00 ......... ...... 000000000021f9e4 08 10 00 00 00 00 00 00 - 08 20 00 00 80 00 00 00 ......... ...... 000000000021f9f4 38 3d 01 00 00 00 91 00 - 58 f9 21 00 a8 44 f9 77 8=......X.!..D.w 000000000021fa04 e8 fb 21 00 f0 88 fa 77 - 88 1c f5 77 ff ff ff ff ..!....w...w.... 000000000021fa14 37 90 f5 77 27 e2 f8 77 - 97 e3 f8 77 08 06 91 00 7..w'..w...w.... 000000000021fa24 c3 e3 f8 77 00 00 00 00 - e8 c6 f5 00 00 20 00 00 ...w......... .. Other information: Crash happens with 2.4.1 and CVS head, on Win32 (WinXP sp1). I'm using Gtk 2.6.1 for windows; not sure if that matters but I think not. (I tested with the PyGtk 2.4.1 download for win32 that has been patched for bug #158417, which caused a different crash. Crash has been reproduced against CVS head, according to Cedric Gustin.)
The bug is caused by a call to g_string_append_printf with a NULL argument. It only occurs on win32. This can happen when the short description (blurb) of a parameter is empty. The following patch fixes this issue. However, I believe g_string_append_printf should be patched upstream to correctly handle NULL arguments on win32.
Created attachment 37329 [details] [review] Fixes doc string parsing on win32
Cedric committed this to CVS.