C::B crash svn9134 wx2.8.12 with IO.ExecuteAndGetOutputAndError in srcipt

[BlueHazzard]

hello,
i created a squirrel script who calls avrdude and extracts the necessary parameters from the Projectfile:
 in the script my final call is

Code

print(IO.ExecuteAndGetOutputAndError(execute_string,true));

after the output to the scriptconsole c::b crashes.
the back trace (i can't really get a backtrace, because on every debug session the SIGSEV is on some other point):

Code

[debug]#0  0x0131feb8 in wxEventHashTable::InitHashTable() () from E:\Programmieren\wxWidgets-2.8.12\lib\gcc_dll\wxmsw28u_gcc_custom.dll
[debug]#1  0x0168f6bc in wxLongLongNative::operator+(long long) const () from E:\Programmieren\wxWidgets-2.8.12\lib\gcc_dll\wxmsw28u_gcc_custom.dll
[debug]#2  0x0028fb9c in ?? ()
[debug]#3  0x00000000 in ?? ()

on previous sessions it was here:

Code

void MainFrame::OnFileMenuUpdateUI(wxUpdateUIEvent& event)
{
[...]
EditorBase*  sh   = Manager::Get()->GetEditorManager()->GetEditor(g_StartHereTitle);
[...]
}

g_StartHereTitle pointed to some trash.

if i use IO.Execute(execute_string); in my script c::b doesn't crash

i appended the whole script, if someone is willing to test. He only needs avrdude. I think this crash happens also with other commands, but i didn't tried it...
(to test: create a project with the avr template and c&p the script in the script console then run AVR->Run Avrdude)

greetings

[LETARTARE]

hello,
I looked at your script, just reading you write:

Code

print("Execute avrdude with: "+ execute_string);

This is an error that causes a crash!
You must write the string constructor  :

Code

print(_T("Execute avrdude with: ")+ execute_string);

I will try this script ...

[LETARTARE]

I tested your script.
I think a problem "::print ()", see:
http://forums.codeblocks.org/index.php/topic,15853.0.html
I attach a script that works on my setup.

[BlueHazzard]

I tested your script.
I think a problem "::print ()", see:

i don't think that this is the reason... i thougth squirrel search first the local context for funktions (variables) and if it can't find them there it looks in the global context, and appends the :: automaticaly...  (http://www.squirrel-lang.org/doc/squirrel3.html#d0e599)

i tried to replace all print with ::print, but got anyway the crash with this bt:

Code

[debug]#0  0x61b06f0f in wxStringBase::length (this=0x4fd8c0 <g_StartHereTitle>) at wxWidgets-2.8.12/include/wx/string.h:412
[debug]#1  0x61b06ef3 in wxStringBase::empty (this=0x4fd8c0 <g_StartHereTitle>) at wxWidgets-2.8.12/include/wx/string.h:422
[debug]#2  0x61a84291 in wxStringBase::wxStringBase (this=0x28ef00, stringSrc=...) at wxWidgets-2.8.12/include/wx/string.h:354
[debug]#3  0x61af3739 in wxString::wxString (this=0x28ef00, stringSrc=...) at wxWidgets-2.8.12/include/wx/string.h:690
[debug]#4  0x6187b38f in realpath (path=...) at src\sdk\globals.cpp:1303
[debug]#5  0x6184d14a in EditorManager::IsOpen (this=0x3406458, filename=...) at src\sdk\editormanager.cpp:454
[debug]#6  0x004a7feb in EditorManager::GetEditor (this=0x3406458, filename=...) at src/include/editormanager.h:92
[debug]#7  0x00469ab4 in MainFrame::OnFileMenuUpdateUI (this=0x10e33c8, event=...) at src\src\main.cpp:3840
[debug]#8  0x012a1242 in wxAppConsole::HandleEvent(wxEvtHandler*, void (wxEvtHandler::*)(wxEvent&), wxEvent&) const () from wxWidgets-2.8.12\lib\gcc_dll\wxmsw28u_gcc_custom.dll
[debug]#9  0x0028fa4c in ?? ()
[debug]#10 0x00000000 in ?? ()

But if I use your script, with the tostring() functions it works...
Thank you!

[BlueHazzard]

I made a few test:
the problem is the length of the string to print.
if i split the string up line for line (as LETARTARE in his script does) and print it line for line c::b didn't crash.

I tested it with this script:

Code

		local i = 20;
		for( ;i <5400;i+=100)
		{
			local b = 0;
			local test_string = ::wxString();
			for(;b<i;b++)
			{
				test_string += _T("t");
			}
			test_string += _T("\n");
			print(b.tostring());
			print(" ");
			print(test_string);
		}

and with ca 5300 characters c::b crashes. But unfortunately i can't locate where:

Code

[debug]Cannot access memory at address 0x2000005
[debug]#0  0x0131feb8 in wxEventHashTable::InitHashTable() () from \wxWidgets-2.8.12\lib\gcc_dll\wxmsw28u_gcc_custom.dll
[debug]#1  0x0028ec80 in ?? ()

a second problem i have, is a error Message i get at the end of the script if i use the line ExecuteAndGetOutputAndError:

Code

can't open file '' (error 3 the system can't find the file)

i have no plan when or from where this msg get fired.... if i debug the code the ExecuteAndGetOutputAndError gets executed fine with no error, also the script terminates with no error, but after a few seconds the message box pops up... It seems this comes from the deep in wxWidgets?

btw this scripting is a powerful and funny thing i like it ( despite the bugs)!

greetings

[LETARTARE]

@BlueHazzard
1-

the problem is the length of the string to print.

Yes I confirm depending on the version of Code::Blocks,  it is the length of the string is limited before a crash.
Here are some tests I had done:
http://forums.codeblocks.org/index.php/topic,15853.0.html
I just update the test with "Code::Blocks 12.11"  and r9143 , (see attached file)
The maximum length before crash seems to be around 3000 bytes !!

2-

ExecuteAndGetOutputAndError

see discussion for his appearance with r8059 :
http://forums.codeblocks.org/index.php/topic,15993.0.html

3-
I can not reproduce your last debug list, could you explain in detail how you get it ?

[attachment deleted by admin]

[BlueHazzard]

@BlueHazzard
1-

the problem is the length of the string to print.

Yes I confirm depending on the version of Code::Blocks,  it is the length of the string is limited before a crash.
Here are some tests I had done:
http://forums.codeblocks.org/index.php/topic,15853.0.html
I just update the test with "Code::Blocks 12.11"  and r9143 , (see attached file)
The maximum length before crash seems to be around 3000 bytes !!

So we can confim, that the bug is somewhere in printing large strings. I'm not on my home pc so i can't search right now, but as soon i will get home i will debug in the print function.
We have to confirm if the bug is only in printing or the problem exists with large strings. If it is only in printing, i think a fix shouldn't be to difficult. It seems to be something like writing in an out of range pointer....

3-
I can not reproduce your last debug list, could you explain in detail how you get it ?

did you mean the backtrace? this backtrace occoured if i printed (or created, i can't specify right no) a too long string. The backtrace is different from run to run, so even i can't reproduce it... This looks like the print (or the creation) of the string overwrites something somewhere in the memory...

i will try to debug an report...

my main focus for now are the print function and the wxString.tostring() function. I think the bug is somewhere located there.

a second problem i have, is a error Message i get at the end of the script if i use the line ExecuteAndGetOutputAndError:

Code

can't open file '' (error 3 the system can't find the file)

i have no plan when or from where this msg get fired.... if i debug the code the ExecuteAndGetOutputAndError gets executed fine with no error, also the script terminates with no error, but after a few seconds the message box pops up... It seems this comes from the deep in wxWidgets?

here i have no clue where i can look into.... i'm even not sure if the error is somewhere in ExecuteAndGetOutputAndError or somewhere else... I have also no idea how to debug.... the problem is i can't find the place where this error gets fired... i fa i make a search in files in the c::b workspace  for "can't open file" there are no results. So i think this comes from the deeps of wxWidgets (or even the os) but this is only a assumption.

greetings

[BlueHazzard]

Hello
i found the code where the c::b crash:

Code

static void ScriptsPrintFunc(HSQUIRRELVM /*v*/, const SQChar * s, ...)
{
    static SQChar temp[2048];
    va_list vl;
    va_start(vl,s);
    scvsprintf( temp,s,vl);
    wxString msg = cbC2U(temp);
    Manager::Get()->GetLogManager()->DebugLog(msg);
    va_end(vl);

    s_ScriptErrors << msg;
}

and

Code

static void ScriptConsolePrintFunc(HSQUIRRELVM /*v*/, const SQChar * s, ...)
{
    static SQChar temp[2048];
    va_list vl;
    va_start(vl,s);
    scvsprintf( temp,s,vl);
    wxString msg = cbC2U(temp);
    va_end(vl);

    if (s_Console)
        s_Console->Log(msg);
    Manager::Get()->GetScriptingManager()->InjectScriptOutput(msg);
}

we have only a buffer for 2048 Byte....

so the question is, how we fix this?

a quick and dirty solution is to use snprintf a other solution would be to use wxString.PrintfV().
im currently trying to implement a PrintfV version, but i is very slow and i have problems with the %s is interpreted as unicode, but i'm working on this....

greetings

[BlueHazzard]

Hello,
i think i have fixed the bug.
It is a fast but a bit memory extensive way. I have no idea if it is working with unicode, but if the old code was unicode capable this should also be...

patch is in the batch tracker ID:003479

[oBFusCATed]

Quick comment:
You have lots of code duplication.
Can you make a function for the allocation?

Also do you have an explanation why it crashes? As far as I know scvsprintf could not overflow the buffer...

[BlueHazzard]

Fixed patch about code duplication.

Also do you have an explanation why it crashes? As far as I know scvsprintf could not overflow the buffer...

here

Code

static SQChar temp[2048];
    va_list vl;
    va_start(vl,s);
    scvsprintf( temp,s,vl);
    wxString msg = cbC2U(temp);

We are not using vswprintf but vsprintf and this doesn't check the buffer size, also the buffer size is never passed to scvsprintf, so it has no possibility to check the buffer size...

If the buffer is to small my version reallocates memory and prints again. The old version (if we replace vsprintf with vsnprintf) will truncate the output.
Larger outputs as 2048 are possible (see upper posts).