Bug#697402: bzr-gtk: causes crash in pydoc -k when python-gtk2 is also installed
Debian has in the past contained Python packages which have side-effects when imported which are worse than just crashing the calling process (for example, I've had pydoc crash my window manager). Arguably all such cases are bugs in those packages, but it seems likely that such bugs will appear again. And of course the user might have local Python packages which do dangerous things when imported. So I think pydoc is just wrong to believe it can safely call pkgutil.walk_packages() with no explicit path. (This behaviour can be particularly entertaining when combined with zsh's tab-completion for 'python -m', which currently calls pydoc in a similar way [#691638].) -M- -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130126102927.ga...@golux.woodcraft.me.uk
Processed: Re: Bug#697402: bzr-gtk: causes crash in pydoc -k when python-gtk2 is also installed
Processing control commands: reassign -1 python Bug #697402 [bzr-gtk] bzr-gtk: causes crash in pydoc -k when python-gtk2 is also installed Bug reassigned from package 'bzr-gtk' to 'python'. No longer marked as found in versions bzr-gtk/0.103.0+bzr792-3. Ignoring request to alter fixed versions of bug #697402 to the same values previously set severity -1 important Bug #697402 [python] bzr-gtk: causes crash in pydoc -k when python-gtk2 is also installed Severity set to 'important' from 'critical' -- 697402: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697402 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/handler.s.b697402.135920381424252.transcr...@bugs.debian.org
Bug#697402: bzr-gtk: causes crash in pydoc -k when python-gtk2 is also installed
Control: reassign -1 python Control: severity -1 important On Sat, Jan 26, 2013 at 10:29:27 +, Matthew Woodcraft wrote: Debian has in the past contained Python packages which have side-effects when imported which are worse than just crashing the calling process (for example, I've had pydoc crash my window manager). Arguably all such cases are bugs in those packages, but it seems likely that such bugs will appear again. And of course the user might have local Python packages which do dangerous things when imported. So I think pydoc is just wrong to believe it can safely call pkgutil.walk_packages() with no explicit path. (This behaviour can be particularly entertaining when combined with zsh's tab-completion for 'python -m', which currently calls pydoc in a similar way [#691638].) This is clearly not a bzr-gtk bug, and critical seems over the top, so downgrading and moving to python, which ships pydoc. Cheers, Julien signature.asc Description: Digital signature
Bug#697402: bzr-gtk: causes crash in pydoc -k when python-gtk2 is also installed
* Samuel Bronson naes...@gmail.com, 2013-01-04, 16:20: from gi.repository import Gtk import _gtk The last line should read: from import _gtk This bug should be reassigned somewhere else, but I haven't decided where yet. Anyway, here are some ideas how to fix (or fix) it: 1) Make pydoc more robust. It could spawn a worker process, which would do all the nasty import job. If the worked process segfaulted, it wouldn't be a big deal, as a new one could be spawned. 2) Fix both python-gtk2 and python-gi, so that ImportError is thrown early if you try to load Gtk$n bindings and Gtk$((5-n)) are already in sys.modules. This should be easy to do on the python-gtk2 side, and probably way more tricky on the python-gi side. Also, this solves the problem only partially, because there are other Python extensions linked to libgtk2 or libgtk3. (Certainly too many too fix them all. :/) 3) Make libgtk2 and libgtk3 use symbol versioning. Probably not something that would be accepted for wheezy. :/ -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130124224804.ga6...@jwilk.net
Bug#697402: bzr-gtk: causes crash in pydoc -k when python-gtk2 is also installed
* Jakub Wilk jw...@debian.org, 2013-01-24, 23:48: from gi.repository import Gtk import _gtk The last line should read: from import _gtk Third time lucky: from gtk import _gtk -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-qa-packages-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20130124231741.ga8...@jwilk.net
Bug#697402: bzr-gtk: causes crash in pydoc -k when python-gtk2 is also installed
On Fri, Jan 04, 2013 at 04:20:42PM -0500, Samuel Bronson wrote: 2) your package bzrlib.plugins.gtk.branchview causes gi.repository.Gtk to be imported Which loads libgtk-3.so.0 3) python-gtk2's package gtk imports _gtk Which loads libgtk-x11-2.0.so.0 4) importing both of those modules causes a SIGSEGV Because unless I'm missing something gtk2 and gtk3 shared libs have common symbols on the default interface so you cannot load and use them in one process. Apparently pydoc doesn't crash without bzr-gtk because gi.repository.Gtk is a virtual module, resolved in the runtime, so pydoc doesn't know about it. -- WBR, wRAR signature.asc Description: Digital signature
Bug#697402: bzr-gtk: causes crash in pydoc -k when python-gtk2 is also installed
Package: bzr-gtk Version: 0.103.0+bzr792-3 Severity: critical Dear Maintainer, Having bzr-gtk and python-gtk2 installed at the same time causes pydoc -k foobarbaz to crash, because 1) pydoc has to import all packages in order to find out what modules they contain 2) your package bzrlib.plugins.gtk.branchview causes gi.repository.Gtk to be imported 3) python-gtk2's package gtk imports _gtk 4) importing both of those modules causes a SIGSEGV Anyone hoping to take a look at the crash itself might (or might not) find this script helpful: import sys import resource #import pkgutil # A big stack wastes time/space in GDB. # (This size was chosen for i386; adjust as needed.) resource.setrlimit(resource.RLIMIT_STACK, (32*1024, -1)) # import bzrlib.plugins.gtk.branchview from gi.repository import Gtk import _gtk #for importer, modname, ispkg in pkgutil.walk_packages(): #print modname, ispkg, importer #sys.stdout.flush() This is marked critical ONLY because having your package installed causes pydoc -k to fail, not because I think you're actually to blame for this: the ultimate problem is 4) above, which is of course a problem with python-gi and python-gtk2; bzr-gtk just exposes this booby-trap to pydoc -k. I would report a bug for that, too, but I don't know which package to report it against :-(. P.S. This would have been easier to debug if the python in wheezy had debug syms available http://bugs.debian.org/681348. Thanks to Jakub Wilk for building me a python with the patch I posted on http://paste.debian.net/220873/: maybe all I got out of valgrind was the fact that it was a stack overflow, but having debug symbols was *vital*. -- System Information: Debian Release: 7.0 APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-686-pae (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages bzr-gtk depends on: ii bzr 2.6.0~bzr6526-1 ii gir1.2-gconf-2.0 3.2.5-1+build1 ii gir1.2-gtk-3.0 3.4.2-4 ii gir1.2-gtksource-3.0 3.4.2-1 ii libcanberra-gtk3-module 0.28-6 ii python 2.7.3~rc2-1 ii python-gi3.2.2-1 ii python2.62.6.8-0.2 ii python2.72.7.3~rc2-2.1+valgrind Versions of packages bzr-gtk recommends: ii bzr-dbus0.1~bzr52-2 ii gir1.2-freedesktop 1.32.1-1 ii gir1.2-notify-0.7 0.7.5-1 ii python-gi-cairo 3.2.2-1 pn seahorsenone Versions of packages bzr-gtk suggests: ii bzr-loom2.2.0-2 pn bzr-search none -- Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!