Author vstinner
Recipients vstinner
Date 2016-03-15.00:39:55
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1458002396.02.0.186265116381.issue26564@psf.upfronthosting.co.za>
In-reply-to
Content
Python implements debug hooks on Python memory allocators:
https://docs.python.org/dev/c-api/memory.html#c.PyMem_SetupDebugHooks

Problem: buffer understand and buffer overflow are only detected when a memory block is released, which may occur far from the code responsible to create the buffer.

Attached patch dumps the traceback where a memory block was allocated on error in malloc debug hooks. The feature requires to enable tracemalloc to record tracebacks.


test.py used in below example:
----
import _testcapi

def f():
    _testcapi.pymem_buffer_overflow()

f()
----


Example:
---
haypo@selma$ ./python -X tracemalloc=5 test.py 
Debug memory block at address p=0x22e8be0: API 'm'
    16 bytes originally requested
    The 7 pad bytes at p-7 are FORBIDDENBYTE, as expected.
    The 8 pad bytes at tail=0x22e8bf0 are not all FORBIDDENBYTE (0xfb):
        at tail+0: 0x78 *** OUCH
        ...
    The block was made by call #37240 to debug malloc/realloc.
    Data at p: cb cb cb cb cb cb cb cb cb cb cb cb cb cb cb cb

Memory block traceback (most recent call first):
  File "test.py", line 4
  File "test.py", line 6

Fatal Python error: bad trailing pad byte

Current thread 0x00007f4a93d9c700 (most recent call first):
  File "test.py", line 4 in f
  File "test.py", line 6 in <module>
Abandon (core dumped)
---

The patch adds the "Memory block traceback" section.
History
Date User Action Args
2016-03-15 00:39:56vstinnersetrecipients: + vstinner
2016-03-15 00:39:56vstinnersetmessageid: <1458002396.02.0.186265116381.issue26564@psf.upfronthosting.co.za>
2016-03-15 00:39:55vstinnerlinkissue26564 messages
2016-03-15 00:39:55vstinnercreate