Issue 26595: Segfault on Pointer operation

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/70782

classification

Title:	Segfault on Pointer operation
Type:	crash	Stage:
Components:	ctypes	Versions:	Python 2.7

process

Status:	closed	Resolution:
Dependencies:		Superseder:
Assigned To:		Nosy List:	Emin Ghuliev
Priority:	normal	Keywords:

Created on 2016-03-20 14:14 by Emin Ghuliev, last changed 2022-04-11 14:58 by admin. This issue is now closed.

Files
File name	Uploaded	Description	Edit
alloc.py	Emin Ghuliev, 2016-03-20 14:14

Messages (1)
msg262077 - (view)	Author: Emin Ghuliev (Emin Ghuliev)	Date: 2016-03-20 14:14
I'm trying use a pointer on python script but when executing the following code getting error. (Segmentation fault) dmr@debian:~$ python test.py Segmentation fault self.mem = c_char_p(mem) pointer(self.binning())[0] = 0x41414141 output: [----------------------------------registers-----------------------------------] EAX: 0x0 EBX: 0xb7aee000 --> 0x21e4c ECX: 0x1 EDX: 0x41414141 ('AAAA') ESI: 0x41414141 ('AAAA') EDI: 0x41414141 ('AAAA') EBP: 0xb7b0eb3c --> 0xc ('\x0c') ESP: 0xbfffeb74 --> 0x0 EIP: 0xb7dfc4b6 (<__strlen_sse2_bsf+22>: movdqu xmm1,XMMWORD PTR [edi]) EFLAGS: 0x10287 (CARRY PARITY adjust zero SIGN trap INTERRUPT direction overflow) [-------------------------------------code-------------------------------------] 0xb7dfc4ad <__strlen_sse2_bsf+13>: pxor xmm0,xmm0 0xb7dfc4b1 <__strlen_sse2_bsf+17>: cmp ecx,0x30 0xb7dfc4b4 <__strlen_sse2_bsf+20>: ja 0xb7dfc4cd <__strlen_sse2_bsf+45> => 0xb7dfc4b6 <__strlen_sse2_bsf+22>: movdqu xmm1,XMMWORD PTR [edi] 0xb7dfc4ba <__strlen_sse2_bsf+26>: pcmpeqb xmm0,xmm1 0xb7dfc4be <__strlen_sse2_bsf+30>: pmovmskb edx,xmm0 0xb7dfc4c2 <__strlen_sse2_bsf+34>: test edx,edx 0xb7dfc4c4 <__strlen_sse2_bsf+36>: jne 0xb7dfc539 <__strlen_sse2_bsf+153> [------------------------------------stack-------------------------------------] BUG on ctypes module .//source/cfield.c:1328 static PyObject * z_get(void ptr, unsigned size) { / XXX What about invalid pointers ??? / if ((void *)ptr) { #if defined(MS_WIN32) && !defined(_WIN32_WCE) if (IsBadStringPtrA((char *)ptr, -1)) { PyErr_Format(PyExc_ValueError, "invalid string pointer %p", (char *)ptr); return NULL; } #endif return PyString_FromString((char *)ptr); < === passing pointer as argument } else { Py_INCREF(Py_None); return Py_None; } } ./Objects/stringobject.c: PyObject PyString_FromString(const char str = this value assigned to 0x41414141 address) { register size_t size; register PyStringObject op; assert(str != NULL); size = strlen(str); <==== argument address 0x41414141

msg262077 - (view)

Author: Emin Ghuliev (Emin Ghuliev)

Date: 2016-03-20 14:14

I'm trying use a pointer on python script but when executing the following code getting error. (Segmentation fault)


dmr@debian:~$ python test.py
Segmentation fault


self.mem  = c_char_p(mem)

pointer(self.binning())[0] = 0x41414141


output: 
[----------------------------------registers-----------------------------------]
EAX: 0x0 
EBX: 0xb7aee000 --> 0x21e4c 
ECX: 0x1 
EDX: 0x41414141 ('AAAA')
ESI: 0x41414141 ('AAAA')
EDI: 0x41414141 ('AAAA')
EBP: 0xb7b0eb3c --> 0xc ('\x0c')
ESP: 0xbfffeb74 --> 0x0 
EIP: 0xb7dfc4b6 (<__strlen_sse2_bsf+22>:	movdqu xmm1,XMMWORD PTR [edi])
EFLAGS: 0x10287 (CARRY PARITY adjust zero SIGN trap INTERRUPT direction overflow)
[-------------------------------------code-------------------------------------]
   0xb7dfc4ad <__strlen_sse2_bsf+13>:	pxor   xmm0,xmm0
   0xb7dfc4b1 <__strlen_sse2_bsf+17>:	cmp    ecx,0x30
   0xb7dfc4b4 <__strlen_sse2_bsf+20>:	ja     0xb7dfc4cd <__strlen_sse2_bsf+45>
=> 0xb7dfc4b6 <__strlen_sse2_bsf+22>:	movdqu xmm1,XMMWORD PTR [edi]
   0xb7dfc4ba <__strlen_sse2_bsf+26>:	pcmpeqb xmm0,xmm1
   0xb7dfc4be <__strlen_sse2_bsf+30>:	pmovmskb edx,xmm0
   0xb7dfc4c2 <__strlen_sse2_bsf+34>:	test   edx,edx
   0xb7dfc4c4 <__strlen_sse2_bsf+36>:	jne    0xb7dfc539 <__strlen_sse2_bsf+153>
[------------------------------------stack-------------------------------------]


BUG on ctypes module 

.//source/cfield.c:1328

static PyObject *
z_get(void *ptr, unsigned size)
{
        /* XXX What about invalid pointers ??? */
        if (*(void **)ptr) {
#if defined(MS_WIN32) && !defined(_WIN32_WCE)
                if (IsBadStringPtrA(*(char **)ptr, -1)) {
                        PyErr_Format(PyExc_ValueError,
                                     "invalid string pointer %p",
                                     *(char **)ptr);
                        return NULL;
                }
#endif
                return PyString_FromString(*(char **)ptr); < === passing pointer as argument
        } else {
                Py_INCREF(Py_None);
                return Py_None;
        }
}
./Objects/stringobject.c:
PyObject *
PyString_FromString(const char *str = this value assigned to 0x41414141 address)
{
	register size_t size;
	register PyStringObject *op;

	assert(str != NULL);
	size = strlen(str); <==== argument address 0x41414141

History
Date	User	Action	Args
2022-04-11 14:58:28	admin	set	github: 70782
2016-03-20 14:28:33	Emin Ghuliev	set	status: open -> closed
2016-03-20 14:18:35	Emin Ghuliev	set	type: crash components: + ctypes versions: + Python 2.7
2016-03-20 14:14:22	Emin Ghuliev	create