Issue1053819
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2004-10-25 15:20 by dgrisby, last changed 2022-04-11 14:56 by admin. This issue is now closed.
Files | ||||
---|---|---|---|---|
File name | Uploaded | Description | Edit | |
killme.py | dgrisby, 2004-10-25 15:20 | File that causes a segfault | ||
kill2.py | rhettinger, 2004-10-26 07:54 | Simplified killer |
Messages (4) | |||
---|---|---|---|
msg22851 - (view) | Author: Duncan Grisby (dgrisby) | Date: 2004-10-25 15:20 | |
2.4 beta 1 segfaults when compiling a file. The same file works fine on 2.3 and earlier. I have tracked the problem down to the tuple_of_constants function, called by optimize_code. Using valgrind (having turned off pymalloc), I see that the consts list seems to be uninitialised. See the following trace: $ valgrind --tool=memcheck --db-attach=yes ~/inst/bin/python killme.py ==13759== Memcheck, a memory error detector for x86-linux. ==13759== Copyright (C) 2002-2004, and GNU GPL'd, by Julian Seward et al. ==13759== Using valgrind-2.2.0, a program supervision framework for x86-linux. ==13759== Copyright (C) 2000-2004, and GNU GPL'd, by Julian Seward et al. ==13759== For more details, rerun with: -v ==13759== ==13759== Invalid read of size 4 ==13759== at 0x80B3BF5: tuple_of_constants (compile.c:422) ==13759== by 0x80B433B: optimize_code (compile.c:607) ==13759== by 0x80BD3F2: jcompile (compile.c:4988) ==13759== by 0x80BD0B2: PyNode_CompileFlags (compile.c:4894) ==13759== Address 0x1BF100A0 is 12 bytes after a block of size 36 alloc'd ==13759== at 0x1B904A80: malloc (vg_replace_malloc.c:131) ==13759== by 0x80D8A4C: _PyObject_GC_Malloc (gcmodule.c:1183) ==13759== by 0x80D8B31: _PyObject_GC_NewVar (gcmodule.c:1214) ==13759== by 0x80854FF: PyTuple_New (tupleobject.c:68) ==13759== ==13759== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- y starting debugger ==13759== starting debugger with cmd: /usr/bin/gdb -nw /proc/13761/fd/821 13761 GNU gdb Red Hat Linux (6.0post-0.20040223.19rh) Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db library "/lib/tls/libthread_db.so.1". Attaching to program: /proc/13761/fd/821, process 13761 0x080b3bf5 in tuple_of_constants (codestr=0x1bf1ff90 "d", n=1, consts=0x1badc9c4) at Python/compile.c:422 422 constant = PyList_GET_ITEM(consts, arg); (gdb) bt #0 0x080b3bf5 in tuple_of_constants (codestr=0x1bf1ff90 "d", n=1, consts=0x1badc9c4) at Python/compile.c:422 #1 0x080b433c in optimize_code (code=0x1becb3e8, consts=0x1badc9c4, names=0x1bf1ed5c, lineno_obj=0x1be7cd90) at Python/compile.c:607 #2 0x080bd3f3 in jcompile (n=0x1bae6b10, filename=0x52bfea51 "killme.py", base=0x0, flags=0x52bfe808) at Python/compile.c:4988 #3 0x080bd0b3 in PyNode_CompileFlags (n=0x1bae6b10, filename=0x52bfea51 "killme.py", flags=0x52bfe808) at Python/compile.c:4894 #4 0x080d269a in run_node (n=0x1bae6b10, filename=0x52bfea51 "killme.py", globals=0x1b99a9ac, locals=0x1b99a9ac, flags=0x52bfe808) at Python/pythonrun.c:1260 #5 0x080d2678 in run_err_node (n=0x1bae6b10, filename=0x52bfea51 "killme.py", globals=0x1b99a9ac, locals=0x1b99a9ac, flags=0x52bfe808) at Python/pythonrun.c:1251 #6 0x080d2647 in PyRun_FileExFlags (fp=0x1b95b028, filename=0x52bfea51 "killme.py", start=257, globals=0x1b99a9ac, locals=0x1b99a9ac, closeit=1, flags=0x52bfe808) at Python/pythonrun.c:1242 #7 0x080d1752 in PyRun_SimpleFileExFlags (fp=0x1b95b028, filename=0x52bfea51 "killme.py", closeit=1, flags=0x52bfe808) at Python/pythonrun.c:859 #8 0x080d10d4 in PyRun_AnyFileExFlags (fp=0x1b95b028, filename=0x52bfea51 "killme.py", closeit=1, flags=0x52bfe808) at Python/pythonrun.c:663 #9 0x08055a01 in Py_Main (argc=2, argv=0x52bfe8f4) at Modules/main.c:484 #10 0x08054fc6 in main (argc=2, argv=0x52bfe8f4) at Modules/python.c:23 I have attached the killme.py file. It's rather ugly since it's code generated by omniORB's IDL compiler. I've made it as minimal as I can by cutting things out. If I cut any more out, the segfault no longer occurs. Don't worry that the various things it tries to import are not available for you -- it segfaults before it tries to actually execute anything. |
|||
msg22852 - (view) | Author: Tim Peters (tim.peters) * | Date: 2004-10-26 02:50 | |
Logged In: YES user_id=31435 Confirmed the segfault with current Python CVS. Boosted priority to the maximum. Assigned to Raymond, since he probably knows most about this. Dies in tuple_of_constants(), n=1, i=0, on the incref here: for (i=0 ; i<n ; i++) { arg = GETARG(codestr, (i*3)); constant = PyList_GET_ITEM(consts, arg); Py_INCREF(constant); *** HERE *** PyTuple_SET_ITEM(newconst, i, constant); } constant is a NULL pointer at the time. |
|||
msg22853 - (view) | Author: Raymond Hettinger (rhettinger) * | Date: 2004-10-26 07:54 | |
Logged In: YES user_id=80475 The bug is intrinsic to the current approach which misindentifies certain code sequences as looking like a tuple of constants. Attaching a simplified example. Unless I find a straight-forward fix in the next day or so, will have to rip out the tuple of constant code entirely. |
|||
msg22854 - (view) | Author: Raymond Hettinger (rhettinger) * | Date: 2004-10-26 08:59 | |
Logged In: YES user_id=80475 Found a clean solution by counting consecutive runs of LOAD_CONST. See: Python/compile.c 2.332 |
History | |||
---|---|---|---|
Date | User | Action | Args |
2022-04-11 14:56:07 | admin | set | github: 41075 |
2004-10-25 15:20:49 | dgrisby | create |