[Resolved] 3 lines to crash FreeCAD (reproducible) in Python console

Have some feature requests, feedback, cool stuff to share, or want to know where FreeCAD is going? This is the place.
Forum rules
Be nice to others! Read the FreeCAD code of conduct!
User avatar
obelisk79
Veteran
Posts: 1061
Joined: Thu Sep 24, 2020 9:01 pm

Re: 3 lines to crash FreeCAD (reproducible) in Python console

Post by obelisk79 »

If the behavior regarding the empty non-indent line is consistent and predictable, could freecad just check for this condition and insert as necessary? I suppose it's a bit hackish but if a direct solution isn't apparent it would at least be functional.
TheMarkster
Veteran
Posts: 5505
Joined: Thu Apr 05, 2018 1:53 am

Re: 3 lines to crash FreeCAD (reproducible) in Python console

Post by TheMarkster »

Crash happens here:

https://github.com/FreeCAD/FreeCAD/blob ... e.cpp#L193

Code: Select all

    Py_DECREF(args);
The argument args is null where there is a crash. If we change it to check first for null before calling Py_DECREF() the crash can be averted. But you still get the exception mentioned already about argument "source" missing. There is probably a better way to fix it, but I'm not sure how.

Actual crash happens in Py_DECREF() itself.
User avatar
mfro
Posts: 662
Joined: Sat Sep 23, 2017 8:15 am

Re: 3 lines to crash FreeCAD (reproducible) in Python console

Post by mfro »

TheMarkster wrote: Fri Aug 05, 2022 10:45 pm Crash happens here:

https://github.com/FreeCAD/FreeCAD/blob ... e.cpp#L193

Code: Select all

    Py_DECREF(args);
Actually, the culprit appears to be before. It seems the Python compile chokes on illegal (i.e. not Latin1) characters in the command string that seem to come from a failed QString::toLatin1() call: one of the 'ß's is converted fine while the other one ends up binary-wise as 'not a unicode character'. Not sure if its worth investigating any further or if its good enough to just bail out if the compile failed.
Cheers,
Markus
TheMarkster
Veteran
Posts: 5505
Joined: Thu Apr 05, 2018 1:53 am

Re: 3 lines to crash FreeCAD (reproducible) in Python console

Post by TheMarkster »

https://github.com/FreeCAD/FreeCAD/pull/7323

This PR just checks for the nullpointer before calling Py_DECREMENT(), which might have unintended consequences, like memory leaks.

@wmayer Can you review this when you get a chance please?
wmayer
Founder
Posts: 20241
Joined: Thu Feb 19, 2009 10:32 am
Contact:

Re: 3 lines to crash FreeCAD (reproducible) in Python console

Post by wmayer »

TheMarkster wrote: Sat Aug 06, 2022 5:38 pm @wmayer Can you review this when you get a chance please?
If fixes the crash but the preferred method is Py_XDECREF because compared to Py_DECREF it checks whether the argument is null and only if it's non-null it decrements the counter.

However, the PR won't fix the problem why Py_BuildValue() fails to create a string object. I will have a look at it...
wmayer
Founder
Posts: 20241
Joined: Thu Feb 19, 2009 10:32 am
Contact:

Re: 3 lines to crash FreeCAD (reproducible) in Python console

Post by wmayer »

git commit c4547c03e1 fixes the crash and UTF-8 problem.
TheMarkster
Veteran
Posts: 5505
Joined: Thu Apr 05, 2018 1:53 am

Re: 3 lines to crash FreeCAD (reproducible) in Python console

Post by TheMarkster »

Excellent. Thanks for the fix and the explanation.
a.l
Posts: 86
Joined: Thu Apr 09, 2020 7:14 pm

Re: 3 lines to crash FreeCAD (reproducible) in Python console

Post by a.l »

+1 Thanks =)
Post Reply