[New-bugs-announce] [issue23433] undefined behaviour in faulthandler.c, exposed by GCC 5

Matthias Klose report at bugs.python.org
Tue Feb 10 15:14:31 CET 2015


New submission from Matthias Klose:

<jakub> richi: https://github.com/nemomobile-packages/python3/blob/master/Modules/faulthandler.c#L903
<polacek> richi: LD_LIBRARY_PATH=/builddir/build/BUILD/Python-3.4.2/build/debug/ /builddir/build/BUILD/Python-3.4.2/build/debug/python -E -c 'import faulthandler; faulthandler.enable(); faulthandler._stack_overflow()'
<polacek> i.e. what Jakub says
<jakub> richi: the function certainly shouldn't return address of a local variable; dunno what would happen if you just cast that to an integer though
<jakub> richi: and it better should do something to avoid tail calls there
<jakub> richi: the if (sp < min_sp || max_sp < sp) is also undefined behavior
<richi> ah, I get python segfaults building some extensions instead (but can't reproduce locally...)
<richi> jakub: so what's your fix?
<jakub> richi: I don't have a fix, we just documented it not to be a gcc fault, we'll leave fixing to the package maintainer
<richi> ah, I see
<jakub> richi: dunno if e.g. uintptr_t x; memcpy (&x, &sp, sizeof (x)); would DTRT and be portable enough
<jakub> richi: and then of course pass uintptr_t min_sp/max_sp, compare the x against that etc.
<richi> well, just (uintptr_t)&buffer should be enough

----------
components: Extension Modules
messages: 235685
nosy: doko
priority: normal
severity: normal
status: open
title: undefined behaviour in faulthandler.c, exposed by GCC 5
type: crash
versions: Python 3.4, Python 3.5

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue23433>
_______________________________________
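A bounded sketch of the approach discussed in the log above, added here as an example and not taken from faulthandler.c or from any patch on the tracker: the stack address is converted with richi's `(uintptr_t)&buffer` cast, the bounds are passed and compared as `uintptr_t`, and a read after the recursive call prevents the tail call jakub mentions. The names `probe`, `frames_within`, `FRAME_BYTES` and the 64 KiB window are assumptions chosen so the recursion stops well before a real overflow.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FRAME_BYTES 4096  /* stack used per call; constructed value */

/* Recurse while the frame address, held as an integer, stays inside
   [min_sp, max_sp]. Integers can be returned and compared with '<';
   pointers into different objects cannot. */
static uintptr_t
probe(uintptr_t min_sp, uintptr_t max_sp, size_t *depth)
{
    volatile unsigned char buffer[FRAME_BYTES];
    uintptr_t sp = (uintptr_t)&buffer[0];

    *depth += 1;
    if (sp < min_sp || max_sp < sp)
        return sp;                    /* an integer, not a dangling pointer */
    buffer[0] = 1;                    /* touch both ends so the frame is kept */
    buffer[FRAME_BYTES - 1] = 0;
    sp = probe(min_sp, max_sp, depth);
    /* The volatile read after the call keeps this from becoming a tail
       call, which would reuse one frame and never leave the window. */
    return sp + buffer[FRAME_BYTES - 1];
}

/* Hypothetical driver: count calls until the stack address leaves a
   window of `window` bytes on either side of the caller's frame. */
size_t
frames_within(size_t window, int *left_window)
{
    volatile unsigned char marker = 0;
    uintptr_t here = (uintptr_t)&marker;
    uintptr_t min_sp = here > window ? here - window : 0;
    uintptr_t max_sp = here <= UINTPTR_MAX - window ? here + window : UINTPTR_MAX;
    size_t depth = 0;
    uintptr_t stop = probe(min_sp, max_sp, &depth);

    *left_window = (stop < min_sp || max_sp < stop);
    return depth;
}

int main(void)
{
    int left = 0;
    size_t depth = frames_within(64 * 1024, &left);
    printf("left window: %d after %zu calls\n", left, depth);
    return 0;
}
```

The window is symmetric around the caller's frame, so the check does not depend on which direction the stack grows.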

