GNOME Bugzilla – Bug 742447
devhelp crashes with empty documentation file
Last modified: 2015-02-03 17:42:48 UTC
I was playing around with gegl-master, so I created rpms for gegl-0.3. To install gegl-0.3, I removed the previous versions of gegl from my system. Now when I launch devhelp, it crashes with following backtrace. After looking what's been going wrong, I noticed that "/usr/share/gtk-doc/html/gegl/gegl.devhelp" file is empty. If I write something to this file, devhelp launches fine, if I delete this file, it launches fine too. Program received signal SIGSEGV, Segmentation fault. 0x00007ffff79c797b in dh_util_ascii_strtitle (str=0x400de2 <_start+2> "I\211\321^H\211\342H\203\344\360PTI\307\300`\022@") at dh-util.c:209 209 *str = (word_start ? Missing separate debuginfos, use: debuginfo-install bzip2-libs-1.0.6-14.fc21.x86_64 dbus-libs-1.8.12-1.fc21.x86_64 elfutils-libelf-0.160-1.fc21.x86_64 elfutils-libs-0.160-1.fc21.x86_64 enchant-1.6.0-9.fc21.x86_64 expat-2.1.0-10.fc21.x86_64 freetype-2.5.3-11.fc21.x86_64 gmp-6.0.0-7.fc21.x86_64 gnutls-3.3.10-1.fc21.x86_64 gstreamer1-plugins-bad-free-1.4.4-1.fc21.x86_64 keyutils-libs-1.5.9-4.fc21.x86_64 krb5-libs-1.12.2-9.fc21.x86_64 libICE-1.0.9-2.fc21.x86_64 libSM-1.2.2-2.fc21.x86_64 libX11-1.6.2-2.fc21.x86_64 libXau-1.0.8-4.fc21.x86_64 libXcomposite-0.4.4-6.fc21.x86_64 libXcursor-1.1.14-4.fc21.x86_64 libXdamage-1.1.4-6.fc21.x86_64 libXext-1.3.3-2.fc21.x86_64 libXfixes-5.0.1-4.fc21.x86_64 libXi-1.7.4-2.fc21.x86_64 libXinerama-1.1.3-4.fc21.x86_64 libXrandr-1.4.2-2.fc21.x86_64 libXrender-0.9.8-4.fc21.x86_64 libXt-1.1.4-10.fc21.x86_64 libXxf86vm-1.1.3-4.fc21.x86_64 libcom_err-1.42.11-4.fc21.x86_64 libdrm-2.4.58-3.fc21.x86_64 libffi-3.1-6.fc21.x86_64 libgcc-4.9.2-1.fc21.x86_64 libgcrypt-1.6.1-7.fc21.x86_64 libgpg-error-1.13-3.fc21.x86_64 libicu-52.1-4.fc21.x86_64 libjpeg-turbo-1.3.1-4.fc21.x86_64 libmodman-2.0.1-9.fc21.x86_64 libpng-1.6.10-3.fc21.x86_64 libproxy-0.4.11-10.fc21.x86_64 libselinux-2.3-5.fc21.x86_64 libstdc++-4.9.2-1.fc21.x86_64 libtasn1-4.2-1.fc21.x86_64 libuuid-2.25.2-2.fc21.x86_64 libwebp-0.4.2-1.fc21.x86_64 libxml2-2.9.1-6.fc21.x86_64 libxshmfence-1.1-3.fc21.x86_64 libxslt-1.1.28-8.fc21.x86_64 mesa-libEGL-10.3.4-1.20141202.fc21.x86_64 mesa-libGL-10.3.4-1.20141202.fc21.x86_64 mesa-libgbm-10.3.4-1.20141202.fc21.x86_64 mesa-libglapi-10.3.4-1.20141202.fc21.x86_64 mesa-libwayland-egl-10.3.4-1.20141202.fc21.x86_64 nettle-2.7.1-5.fc21.x86_64 openssl-libs-1.0.1j-1.fc21.x86_64 pcre-8.35-8.fc21.x86_64 pixman-0.32.6-4.fc21.x86_64 sqlite-3.8.7.2-1.fc21.x86_64 systemd-libs-216-12.fc21.x86_64 trousers-0.3.13-3.fc21.x86_64 xz-libs-5.1.2-14alpha.fc21.x86_64 zlib-1.2.8-7.fc21.x86_64 (gdb) bt
+ Trace 234510
Created attachment 293949 [details] [review] Don't crash with empty .devhelp* files
Review of attachment 293949 [details] [review]: That looks good and works fine for me.
Review of attachment 293949 [details] [review]: ::: src/dh-parser.c @@ +608,3 @@ + result = FALSE; + goto exit; + } This logic depends on whether the caller passed an error variable or not, which is not good (i.e. the call would behave differently if the caller passed a valid error or just NULL). Probably not a big deal, because this is not a library and we can make sure an error is always passed, but a safer way is to just avoid the assumption. So, if you really do want to check if end_parser() returned an error; use another variable, e.g. inner_error, and check for that one being set. And if set, use g_propagate_error (error, inner_error).
(In reply to comment #3) > Review of attachment 293949 [details] [review]: Thanks for the review, Aleksander. > if you really do want to check if end_parser() > returned an error; use another variable, e.g. inner_error, and check for that > one being set. And if set, use g_propagate_error (error, inner_error). Or, I could check the return value from g_markup_parse_context_end_parse. That would be simpler, but if you want then I could use an inner_error too. By the way, the same problem exists for the g_markup_parse_context_parse call a few lines above. I will make a similar patch for it too.
Created attachment 295039 [details] [review] Don't crash with empty .devhelp* files
Created attachment 295040 [details] [review] Don't rely on the GError** passed by the caller
Debarshi, calling end_parse() LGTM, but is it also necessary to remove the parser_error_cb()? Is it one or the other, or do they both track different parsing issues?
(In reply to comment #8) > Debarshi, calling end_parse() LGTM, but is it also necessary to remove the > parser_error_cb()? Is it one or the other, or do they both track different > parsing issues? Yes, it is necessary to remove parser_error_cb. It was broken and unnecesary because we should not be freeing the context inside it and dh_parser_free would have done it for us anyway. The error callback is called from set_error_literal which can happen at various points and invalidating the context can lead to bad things. Somehow this wasn't an issue so far. Now that we are calling g_markup_parse_context_end_parse, which calls parser_error_cb, the context becomes invalid for the second half of g_markup_parse_context_end_parse leading to a crash.
Created attachment 296012 [details] [review] Don't crash with empty .devhelp* files
Thanks, Aleksander.