classification
Title: ctypes/uuid-related segmentation fault
Type: crash Stage: test needed
Components: ctypes Versions: Python 3.1, Python 3.2, Python 3.3, Python 2.7, Python 2.6
process
Status: closed Resolution: not a bug
Dependencies: Superseder:
Assigned To: theller Nosy List: Arfrever, acevery, atppp, izidor, neologix, orsenthil, rosslagerwall, theller, vstinner
Priority: normal Keywords:

Created on 2009-05-19 02:16 by acevery, last changed 2011-05-18 17:13 by neologix. This issue is now closed.

Messages (12)
msg88061 - (view) Author: Yu Yuwei (acevery) Date: 2009-05-19 02:16
I'm on Gentoo Linux with glibc-2.9_20081201-r2, python-2.6.2,
e2fsprogs-libs-1.41.3-r1
When Emesene sends an offline message to another MSN user, it calls uuid4()
in the uuid module in Python, which calls get_random_fd()
in gen_uuid.c (e2fsprogs-libs).
After this, the program got signal SIGSEGV.

When I used gdb to attach to the python process, I got this:
##########################
(gdb) c
Continuing.
[New Thread 0xb1c09b90 (LWP 6445)]
[Thread 0xb1c09b90 (LWP 6445) exited]
[New Thread 0xb1c09b90 (LWP 6446)]
[New Thread 0xb118cb90 (LWP 6447)]
[New Thread 0xb098bb90 (LWP 6448)]
[New Thread 0xb018ab90 (LWP 6449)]
[Thread 0xb018ab90 (LWP 6449) exited]
[Thread 0xb098bb90 (LWP 6448) exited]
[Thread 0xb1c09b90 (LWP 6446) exited]
[Thread 0xb118cb90 (LWP 6447) exited]

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb7d126c0 (LWP 6423)]
0xb6f0745e in get_random_fd () at gen_uuid.c:153
153 gen_uuid.c: No such file or directory.
in gen_uuid.c
################

(gdb) bt
#0 0xb6f0745e in get_random_fd () at gen_uuid.c:153
#1 0xb6f07509 in get_random_bytes (buf=0xbfe3fc70, nbytes=16)
at gen_uuid.c:172
#2 0xb6f086ee in uuid__generate_random (out=0x9f62fc8 "", num=0xbfe3fcb4)
at gen_uuid.c:591
#3 0xb6f08780 in uuid_generate_random (out=0x9f62fc8 "") at
gen_uuid.c:607
#4 0xb666e3db in ffi_call_SYSV ()
from /usr/lib/python2.6/lib-dynload/_ctypes.so
#5 0xb666e159 in ffi_call () from
/usr/lib/python2.6/lib-dynload/_ctypes.so
#6 0xb6668ebb in _CallProc () from
/usr/lib/python2.6/lib-dynload/_ctypes.so
#7 0xb66620eb in ?? () from /usr/lib/python2.6/lib-dynload/_ctypes.so
#8 0xb6f08755 in uuid__generate_random (out=0x9f4950c "\005",
num=0xa7fdb2c)
at gen_uuid.c:600
#9 0xb7ed0dba in PyObject_Call () from /usr/lib/libpython2.6.so.1.0
#10 0xb7f679b0 in PyEval_EvalFrameEx () from /usr/lib/libpython2.6.so.1.0
#11 0xb7f6ae49 in PyEval_EvalFrameEx () from /usr/lib/libpython2.6.so.1.0
#12 0xb7f6ae49 in PyEval_EvalFrameEx () from /usr/lib/libpython2.6.so.1.0
#13 0xb7f6b72e in PyEval_EvalCodeEx () from /usr/lib/libpython2.6.so.1.0
#14 0xb7efb774 in ?? () from /usr/lib/libpython2.6.so.1.0
#15 0x0a23ce30 in ?? ()
#16 0x0a14d02c in ?? ()
#17 0x00000000 in ?? ()
###########

Line 153 in gen_uuid.c is
" jrand_seed[0] = getpid() ^ (tv.tv_sec & 0xFFFF);"
so in gdb I typed:
(gdb) p jrand_seed[0]
Cannot access memory at address 0x30
#######

So this causes the segfault, but I don't know why.
Maybe it is related to the THREAD_LOCAL keyword:

#if defined(__linux__) && defined(__NR_gettid) && defined(HAVE_JRAND48)
#define DO_JRAND_MIX
THREAD_LOCAL unsigned short jrand_seed[3];
#endif

I tried emesene on another Gentoo box with the same glibc and the same
e2fsprogs-libs, but with python-2.5, and everything is fine.

So this seems to be a bug in python-2.6.
msg112175 - (view) Author: Mark Lawrence (BreamoreBoy) * Date: 2010-07-31 17:57
Can someone with a Linux box please try to reproduce this crash?
msg126588 - (view) Author: Ross Lagerwall (rosslagerwall) (Python committer) Date: 2011-01-20 05:23
I tried to reproduce the bug on 2.7 & 3.2 using libuuid version 2.17.2 and up to 100 threads but couldn't.

Perhaps there was an issue with the uuid library function that he was using and threading?
msg130059 - (view) Author: Izidor Matušov (izidor) Date: 2011-03-04 17:05
This bug is still present in Gentoo. Find while trying to
Steps to reproduce

1. Install Gentoo (testing on amd64 machine)
2. Run commands in Python
from gtk import glade
import uuid
uuid.uuid4()

It results in Segmentation fault.
msg130061 - (view) Author: Izidor Matušov (izidor) Date: 2011-03-04 17:33
After searching Gentoo's bugzilla, I've found that there is probably a problem in Gentoo's libuuid library implementation: http://bugs.gentoo.org/show_bug.cgi?id=317557
msg130063 - (view) Author: Arfrever Frehtes Taifersar Arahesis (Arfrever) * (Python triager) Date: 2011-03-04 17:43
Gentoo uses standard libuuid.so from util-linux without any custom patches. Izidor Matušov actually reproduced https://bugs.gentoo.org/show_bug.cgi?id=351897.
msg130064 - (view) Author: Arfrever Frehtes Taifersar Arahesis (Arfrever) * (Python triager) Date: 2011-03-04 17:52
Steps to reproduce segmentation fault:
python2.7 -c 'import cairo, uuid; print(uuid.uuid1().hex)'
msg133190 - (view) Author: atppp (atppp) Date: 2011-04-07 02:15
crash with python/2.6.5, imagemagick/6.5.7.8, uuid/2.17.2, ubuntu/10.04:

import magickwand.image
import uuid
uuid.uuid4()
msg136166 - (view) Author: Charles-François Natali (neologix) * (Python committer) Date: 2011-05-17 15:43
It's probably a libc bug, see http://sources.redhat.com/bugzilla/show_bug.cgi?id=12453

Basically, when libraries are dynamically loaded in an interleaved way, this can lead to TLS being returned uninitialized, hence leading to a segfault upon access.
A fix has been committed really recently.

If I'm correct, importing uuid first should do the trick.
msg136191 - (view) Author: Senthil Kumaran (orsenthil) * (Python committer) Date: 2011-05-17 22:30
neologix, that is right. Importing uuid before importing the other modules does not result in Seg Fault. Until the libc fix is available in operating systems, and as a result in CPython, this is probably the only way to go.
msg136192 - (view) Author: STINNER Victor (vstinner) * (Python committer) Date: 2011-05-17 22:40
> It's probably a libc bug

The bug looks to be specific to the GNU libc. It exists in glibc-2.11.3 and glibc-2.12.2. I suppose that all versions of the GNU libc are affected. The bug has been fixed:
http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=d26dfc60edc8

I don't know which versions will include the fix.

I don't think that Python can work around the bug, and so the issue should be fixed.
msg136255 - (view) Author: Charles-François Natali (neologix) * (Python committer) Date: 2011-05-18 17:13
> Importing uuid before importing the other modules does not result in Seg Fault

Alright.
In that case, I'm closing this bug as invalid.

Until distributions start shipping their glibc with this patch, the workaround is simply to import uuid first.
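
Added example, not part of the original thread or of CPython: a regression check that runs each import order from the messages above in a separate interpreter, so a SIGSEGV in the child is reported instead of killing the test run. The labels in `ORDERS` and the function names are chosen here for illustration; it assumes Python 3.7+ on POSIX and that `sys.executable` is the interpreter under test.

```python
import signal
import subprocess
import sys

# Import orders taken from the thread: the order reported to crash (msg130064)
# and the suggested workaround (uuid first). cairo may not be installed here.
ORDERS = {
    "cairo-then-uuid": "import cairo, uuid; uuid.uuid1()",
    "uuid-then-cairo": "import uuid, cairo; uuid.uuid1()",
}


def run_isolated(snippet, timeout=30):
    """Run snippet in a fresh interpreter and classify how that process ended."""
    proc = subprocess.run(
        [sys.executable, "-c", snippet],
        capture_output=True, text=True, timeout=timeout,
    )
    rc = proc.returncode
    if rc == 0:
        return "ok"
    if rc < 0:
        # On POSIX a negative return code means the child died from signal -rc.
        try:
            return "killed:" + signal.Signals(-rc).name
        except ValueError:
            return "killed:signal-%d" % -rc
    if "ModuleNotFoundError" in proc.stderr or "ImportError" in proc.stderr:
        return "missing-module"  # the order could not be tested on this host
    return "exit:%d" % rc


def check_orders(orders=ORDERS):
    """Return {label: outcome} without ever crashing the calling process."""
    return {label: run_isolated(code) for label, code in orders.items()}


if __name__ == "__main__":
    for label, outcome in check_orders().items():
        print("%-16s %s" % (label, outcome))
```

On a host with an affected glibc the first order would be expected to report `killed:SIGSEGV` and the second `ok`; `missing-module` means the other library is not installed and the order was not exercised.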
History
Date                 User           Action  Args
2011-05-18 17:13:03  neologix       set     status: open -> closed; resolution: not a bug; messages: + msg136255
2011-05-17 22:40:41  vstinner       set     nosy: + vstinner; messages: + msg136192
2011-05-17 22:30:26  orsenthil      set     nosy: + orsenthil, - BreamoreBoy; messages: + msg136191
2011-05-17 15:43:42  neologix       set     nosy: + neologix; messages: + msg136166
2011-04-07 02:15:00  atppp          set     nosy: + atppp; messages: + msg133190
2011-03-04 17:52:59  Arfrever       set     assignee: theller; components: + ctypes, - Extension Modules; title: uuid.uuid4 cause segfault in emesene -> ctypes/uuid-related segmentation fault; nosy: + theller; versions: + Python 3.1, Python 2.7, Python 3.2, Python 3.3; messages: + msg130064
2011-03-04 17:43:51  Arfrever       set     nosy: Arfrever, acevery, BreamoreBoy, rosslagerwall, izidor; messages: + msg130063
2011-03-04 17:33:00  izidor         set     nosy: Arfrever, acevery, BreamoreBoy, rosslagerwall, izidor; messages: + msg130061
2011-03-04 17:07:54  pitrou         set     nosy: + Arfrever
2011-03-04 17:05:15  izidor         set     nosy: + izidor; messages: + msg130059
2011-01-20 05:23:26  rosslagerwall  set     nosy: + rosslagerwall; messages: + msg126588
2010-07-31 17:57:49  BreamoreBoy    set     nosy: + BreamoreBoy; messages: + msg112175; components: + Extension Modules; stage: test needed
2009-05-19 02:16:55  acevery        create