Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LLTRACE segv #78294

Closed
vandyswa mannequin opened this issue Jul 14, 2018 · 5 comments
Closed

LLTRACE segv #78294

vandyswa mannequin opened this issue Jul 14, 2018 · 5 comments
Labels
interpreter-core (Objects, Python, Grammar, and Parser dirs) type-crash A hard crash of the interpreter, possibly with a core dump

Comments

@vandyswa
Copy link
Mannequin

vandyswa mannequin commented Jul 14, 2018

BPO 34113
Nosy @vstinner, @encukou
PRs
  • bpo-34113: Fix SIGSEGV on negative STACKADJ when LLTRACE is on #8517
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = None
closed_at = <Date 2018-07-31.20:58:45.160>
created_at = <Date 2018-07-14.20:54:22.419>
labels = ['interpreter-core', 'type-crash']
title = 'LLTRACE segv'
updated_at = <Date 2018-07-31.20:58:45.159>
user = 'https://bugs.python.org/vandyswa'

    bugs.python.org fields:

    activity = <Date 2018-07-31.20:58:45.159>
actor = 'vstinner'
assignee = 'none'
closed = True
closed_date = <Date 2018-07-31.20:58:45.160>
closer = 'vstinner'
components = ['Interpreter Core']
creation = <Date 2018-07-14.20:54:22.419>
creator = 'vandyswa'
dependencies = []
files = []
hgrepos = []
issue_num = 34113
keywords = ['patch']
message_count = 5.0
messages = ['321661', '322559', '322817', '322819', '322820']
nosy_count = 3.0
nosy_names = ['vstinner', 'petr.viktorin', 'vandyswa']
pr_nums = ['8517']
priority = 'normal'
resolution = 'fixed'
stage = 'resolved'
status = 'closed'
superseder = None
type = 'crash'
url = 'https://bugs.python.org/issue34113'
versions = ['Python 2.7']
    @vandyswa
    Copy link
    Mannequin Author

    vandyswa mannequin commented Jul 14, 2018

    Build with -DLLTRACE, then:

    >>> __lltrace__ = 1
>>> a = [1, 2, 3]
0: 100, 0
push 1
3: 100, 1
push 2
6: 100, 2
push 3
9: 103, 3
pop 3
pop 2
pop 1
push [1, 2, 3]
12: 90, 0
pop [1, 2, 3]
15: 100, 3
push None
18: 83
pop None

>>> a[0] = 1
0: 100, 0
push 1
3: 101, 0
push [1, 2, 3]
6: 100, 1
push 0
9: 60Program received signal SIGSEGV, Segmentation fault.
0x004535ae in internal_print (op=0x84002364, fp=0xb7f3bd60 <_IO_2_1_stdout_>,
    flags=0, nesting=0) at Objects/object.c:293
293             if (op->ob_refcnt <= 0)
(gdb) bt
#0  0x004535ae in internal_print (op=0x84002364,
    fp=0xb7f3bd60 <_IO_2_1_stdout_>, flags=0, nesting=0)
    at Objects/object.c:293
#1  0x0045370a in PyObject_Print (op=0x84002364,
    fp=0xb7f3bd60 <_IO_2_1_stdout_>, flags=0) at Objects/object.c:330
#2  0x004ada11 in prtrace (v=0x84002364, str=0x54b61d "stackadj")
    at Python/ceval.c:3979
#3  0x004a505b in PyEval_EvalFrameEx (f=0xb7d11994, throwflag=0)
    at Python/ceval.c:1919
#4  0x004ace97 in PyEval_EvalCodeEx (co=0xb7ce7bf0, globals=0xb7d7c714,
    locals=0xb7d7c714, args=0x0, argcount=0, kws=0x0, kwcount=0, defs=0x0,
    defcount=0, closure=0x0) at Python/ceval.c:3604
#5  0x004a0671 in PyEval_EvalCode (co=0xb7ce7bf0, globals=0xb7d7c714,
    locals=0xb7d7c714) at Python/ceval.c:669
#6  0x004d26ab in run_mod (mod=0x646d78, filename=0x53ddfe "<stdin>",
    globals=0xb7d7c714, locals=0xb7d7c714, flags=0xbffff568, arena=0x5f2b10)
    at Python/pythonrun.c:1385
#7  0x004d1106 in PyRun_InteractiveOneFlags (fp=0xb7f3b5a0 <_IO_2_1_stdin_>,
    filename=0x53ddfe "<stdin>", flags=0xbffff568) at Python/pythonrun.c:866
#8  0x004d0e72 in PyRun_InteractiveLoopFlags (fp=0xb7f3b5a0 <_IO_2_1_stdin_>,
    filename=0x53ddfe "<stdin>", flags=0xbffff568) at Python/pythonrun.c:786
#9  0x004d0d1a in PyRun_AnyFileExFlags (fp=0xb7f3b5a0 <_IO_2_1_stdin_>,
    filename=0x53ddfe "<stdin>", closeit=0, flags=0xbffff568)
    at Python/pythonrun.c:755
#10 0x0041d798 in Py_Main (argc=1, argv=0xbffff694) at Modules/main.c:645
#11 0x0041c5eb in main (argc=1, argv=0xbffff694) at ./Modules/python.c:20

    @vandyswa vandyswa mannequin added interpreter-core (Objects, Python, Grammar, and Parser dirs) type-crash A hard crash of the interpreter, possibly with a core dump labels Jul 14, 2018
    @encukou
    Copy link
    Member

    encukou commented Jul 28, 2018

    The problem here is that tracing for STACKADJ prints out the top of the stack *after* adjustment. This is OK for growing the stack, but not for shrinking it (e.g. calling STACKADJ(-3) pops off three things at once, which can leave TOP undefined when it's printed out).

    On the EuroPython sprints, I recommended splitting STACKADJ into STACKADJ_GROW and STACKADJ_SHRINK, since the printing behavior should be different.
    This is performance-critical code; it needs to be reviewed carefully.

    @vstinner
    Copy link
    Member

    By the way, see also bpo-25571.

    @vstinner
    Copy link
    Member

    New changeset 8ed317f by Victor Stinner (costypetrisor) in branch 'master':
    bpo-34113: Fix a crash when using LLTRACE is on (GH-8517)
    8ed317f

    @vstinner
    Copy link
    Member

    Thanks Constantin Petrisor to fix and thanks Andrew Valencia for the bug report!

    It was the first time that I see a bug report on LLTRACE on the last 5 years, it seems like almost no one uses it. Likely because you need to compile Python manually (or find a binary compiled in debug mode). So I don't think that it's worth it to backport the fix to 2.7, 3.6 and 3.7 branches. I'm not comfortable to modify ceval.c in stable branches.

    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Assignees
    No one assigned
    Labels
    interpreter-core (Objects, Python, Grammar, and Parser dirs) type-crash A hard crash of the interpreter, possibly with a core dump
    Projects
    None yet
    Milestone
    No milestone
    Development

    No branches or pull requests
    2 participants
    @vstinner @encukou