[New-bugs-announce] [issue20893] ctypes crash during PyFinalize when librt used
Greg Harris
report at bugs.python.org
Wed Mar 12 01:29:02 CET 2014
New submission from Greg Harris:
When interacting with librt via a ctypes.Structure object I can reliably cause the python interpreter to crash during Py_Finalize *after* all of my code has executed. It appears to only happen on structures that have been passed to the mq_getattributes call in librt. Below is the output of GDB showing the crash with python2.7-dbg:
(gdb) run show_ctypes_bug.py
Starting program: /usr/bin/python2.7-dbg show_ctypes_bug.py
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1".
Starting example
Creating queue
Loading attributes
Cleaning up
Completed example
Debug memory block at address p=0xb7ab5c28: API 'o'
80 bytes originally requested
The 3 pad bytes at p-3 are FORBIDDENBYTE, as expected.
The 4 pad bytes at tail=0xb7ab5c78 are not all FORBIDDENBYTE (0xfb):
at tail+0: 0x00 *** OUCH
at tail+1: 0x00 *** OUCH
at tail+2: 0x00 *** OUCH
at tail+3: 0x00 *** OUCH
The block was made by call #0 to debug malloc/realloc.
Data at p: 00 00 00 00 b8 dd ad b7 ... 00 00 00 00 00 00 00 00
Fatal Python error: bad trailing pad byte
Program received signal SIGABRT, Aborted.
0xb7fdd424 in __kernel_vsyscall ()
(gdb) where
#0 0xb7fdd424 in __kernel_vsyscall ()
#1 0xb7be11df in raise () from /lib/i386-linux-gnu/libc.so.6
#2 0xb7be4825 in abort () from /lib/i386-linux-gnu/libc.so.6
#3 0x0817566a in Py_FatalError (msg=0x820a3a3 "bad trailing pad byte") at ../Python/pythonrun.c:1677
#4 0x080c2fab in _PyObject_DebugCheckAddressApi (api=111 'o', p=0xb7ab5c28) at ../Objects/obmalloc.c:1591
#5 0x080c2c8d in _PyObject_DebugFreeApi (api=111 'o', p=0xb7ab5c28) at ../Objects/obmalloc.c:1478
#6 0x080c2b62 in _PyObject_DebugFree (p=0xb7ab5c28) at ../Objects/obmalloc.c:1422
#7 0x0818d3d3 in PyObject_GC_Del (op=0xb7ab5c34) at ../Modules/gcmodule.c:1507
#8 0xb788e725 in PyCData_dealloc (self=<MessageQueueAttributes at remote 0xb7ab5c34>) at /build/buildd/python2.7-2.7.3/Modules/_ctypes/_ctypes.c:2544
#9 0x080e0251 in subtype_dealloc (self=<MessageQueueAttributes at remote 0xb7ab5c34>) at ../Objects/typeobject.c:1014
#10 0x080c12eb in _Py_Dealloc (op=<MessageQueueAttributes at remote 0xb7ab5c34>) at ../Objects/object.c:2243
#11 0x080b3e51 in insertdict (mp=0xb7bafdf4, key='attributes', hash=673635577, value=None) at ../Objects/dictobject.c:530
#12 0x080b47b4 in PyDict_SetItem (op=<unknown at remote 0x6>, key='attributes', value=None) at ../Objects/dictobject.c:775
#13 0x080bc924 in _PyModule_Clear (m=<module at remote 0xb7b72934>) at ../Objects/moduleobject.c:138
#14 0x08161cc9 in PyImport_Cleanup () at ../Python/import.c:445
#15 0x081726cd in Py_Finalize () at ../Python/pythonrun.c:454
#16 0x0818b4b1 in Py_Main (argc=2, argv=0xbfffef34) at ../Modules/main.c:664
#17 0x0805be8f in main (argc=2, argv=0xbfffef34) at ../Modules/python.c:23
The script being run above (show_ctypes_bug.py) is attached.
----------
components: ctypes
files: show_ctypes_bug.py
messages: 213187
nosy: angrylogic
priority: normal
severity: normal
status: open
title: ctypes crash during PyFinalize when librt used
type: crash
versions: Python 2.7
Added file: http://bugs.python.org/file34365/show_ctypes_bug.py
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue20893>
_______________________________________
More information about the New-bugs-announce
mailing list