[pypy-dev] segfault in translation; C backend
wlavrijsen at lbl.gov
wlavrijsen at lbl.gov
Thu Sep 8 01:11:14 CEST 2011
Hi,
I have a crash in the translation chain when I enable the CINT back-end, and I
just don't seem to be able to figure it out:
[c] 132000 nodes [ array: 15760 framework rtti: 724 func: 10234 group: 1 struct: 131169 ]
*
[c] 133000 nodes [ array: 16008 framework rtti: 738 func: 10312 group: 1 struct: 132216 ]
*** Break *** segmentation violation
this segfault occurs in pypy_g_wrap_value__get_elem().
What I've found so far, using python rather than pypy-c, is that it is really
a problem in passing an array with an erroneous address to ctypes:
#0 B_get (ptr=0x1, size=1) at /install/Python-2.6.7/Modules/_ctypes/cfield.c:549
#1 0xb7984b7d in CData_get (type=0x850adac, getfunc=0, src=0x5af43bb4, index=0, size=1, adr=0x1 <Address 0x1 out of bounds>) at /install/Python-2.6.7/Modules/_ctypes/_ctypes.c:2798
#2 0xb798650f in Array_item (_self=0x5af43bb4, item=0x8056d9c) at /install/Python-2.6.7/Modules/_ctypes/_ctypes.c:4248
#3 Array_subscript (_self=0x5af43bb4, item=0x8056d9c) at /install/Python-2.6.7/Modules/_ctypes/_ctypes.c:4310
#4 0xb7e910aa in PyObject_GetItem (o=0x5af43bb4, key=0x8056d9c) at Objects/abstract.c:141
#5 0xb7f32e12 in PyEval_EvalFrameEx (f=0x8b28b74, throwflag=0) at Python/ceval.c:1261
Note that at #2, the debug code claims that the 2nd argument is an item object,
yet, it's a Py_ssize_t index value in reality. I don't know why this is wrong.
Further, the array comes in when writing a node for one of my module types,
see this node and the obj it carries (note the address of the dependency
"value" that is produced):
(Pdb+) up
> /home/wlav/pypydev/pypy/pypy/translator/c/database.py(294)add_dependencies()
-> self.get(value)
(Pdb+) print value
* <C object Array of void at 0x1>
(Pdb+) print self
<pypy.translator.c.database.LowLevelDatabase object at 0x47cfecec>
(Pdb+) print node.name
pypy_g_pypy_module_cppyy_interp_cppyy_W_CPPNamespace.wcppn_super
(Pdb+) print node.obj
struct pypy.module.cppyy.interp_cppyy.W_CPPScope { super=..., inst_space=None, inst_data_members=..., inst_handle=..., inst_methods=..., inst_name=... }
None
(Pdb+) print node.nodekind
struct
(Pdb+) print node.typename
struct pypy_pypy_module_cppyy_interp_cppyy_W_CPPScope0 @
(Pdb+) print node.obj.inst_data_members
* struct dicttable { num_items=0, num_pristine_entries=8, entries=... }
(Pdb+) print node.typename
struct pypy_pypy_module_cppyy_interp_cppyy_W_CPPScope0 @
(Pdb+) print node.obj._TYPE
GcStruct pypy.module.cppyy.interp_cppyy.W_CPPScope { super, inst_space, inst_data_members, inst_handle, inst_methods, inst_name }
So, I've been removing bits and pieces from that class, hoping to find the
real problem when it stops crashing, but no luck so far. Removing bits is a
bit harder then it sounds, b/c if the system as a whole is not conistent
anymore, it won't get past the rtyper.
Anyone has a better way of nailing this bug? Thanks!
Best regards,
Wim
--
WLavrijsen at lbl.gov -- +1 (510) 486 6411 -- www.lavrijsen.net
More information about the pypy-dev
mailing list