[ python-Bugs-1346144 ] Segfaults from unaligned loads in floatobject.c
SourceForge.net
noreply at sourceforge.net
Sat Nov 26 19:00:51 CET 2005
Bugs item #1346144, was opened at 2005-11-02 18:07
Message generated for change (Comment added) made by titanstar
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1346144&group_id=5470
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Python Interpreter Core
Group: Python 2.5
Status: Open
Resolution: None
Priority: 7
Submitted By: Rune Holm (titanstar)
Assigned to: Michael Hudson (mwh)
Summary: Segfaults from unaligned loads in floatobject.c
Initial Comment:
Object/floatobject.c:_PyFloat_Unpack8 from svn head performs
an unaligned load of a double, causing the cPickle unit test to fail
on linux/mips and openbsd/sparc64. http://pxr.openlook.org/pxr/
diff/Objects/floatobject.c?v=release24-
maint;diffval=head;diffvar=v reveals that somebody has added a
fast path in _PyFloat_Unpack8 since 2.4 that fails to check for
unaligned accesses, and therefore performs an illegal operation on
architectures that don't support unaligned accesses.
Here is the relevant traceback from linux/mips:
(gdb) run Lib/test/test_cpickle.py
Starting program: /ping/wirth/home0/runehol/projects/python-mips/
python Lib/test/test_cpickle.py
[Thread debugging using libthread_db enabled]
[New Thread 16384 (LWP 4379)]
test_callapi (__main__.cPickleTests) ... ok
test_dict_chunking (__main__.cPickleTests) ... ok
test_dump_closed_file (__main__.cPickleTests) ... ok
test_garyp (__main__.cPickleTests) ... ok
test_getinitargs (__main__.cPickleTests) ... ok
test_global_ext1 (__main__.cPickleTests) ... ok
test_global_ext2 (__main__.cPickleTests) ... ok
test_global_ext4 (__main__.cPickleTests) ... ok
test_highest_protocol (__main__.cPickleTests) ... ok
test_insecure_strings (__main__.cPickleTests) ... ok
test_ints (__main__.cPickleTests) ... ok
test_list_chunking (__main__.cPickleTests) ... ok
test_load_closed_file (__main__.cPickleTests) ... ok
Program received signal SIGBUS, Bus error.
[Switching to Thread 16384 (LWP 4379)]
0x004414e0 in _PyFloat_Unpack8 (p=0x2b05282f "@", le=0)
at Objects/floatobject.c:1737
1737 return *(double*)p;
(gdb) bt
#0 0x004414e0 in _PyFloat_Unpack8 (p=0x2b05282f "@", le=0)
at Objects/floatobject.c:1737
#1 0x2b10a750 in load_binfloat (self=0x2b0dc308)
at /ping/wirth/home0/runehol/projects/python-mips/Modules/
cPickle.c:3361
#2 0x2b113674 in load (self=0x2b0dc308)
at /ping/wirth/home0/runehol/projects/python-mips/Modules/
cPickle.c:4480
#3 0x2b1186ac in cpm_loads (self=0x0, args=0x2b2c2c78)
at /ping/wirth/home0/runehol/projects/python-mips/Modules/
cPickle.c:5476
#4 0x005c45f4 in PyCFunction_Call (func=0x2b0d92b8,
arg=0x2b2c2c78, kw=0x0)
at Objects/methodobject.c:73
#5 0x0050f8f0 in call_function (pp_stack=0x7fff1e68, oparg=1)
at Python/ceval.c:3565
#6 0x0050710c in PyEval_EvalFrameEx (f=0x10080868,
throw=0)
at Python/ceval.c:2181
#7 0x00510078 in fast_function (func=0x2b222da0,
pp_stack=0x7fff2428, n=1,
na=1, nk=0) at Python/ceval.c:3647
#8 0x0050fc14 in call_function (pp_stack=0x7fff2428, oparg=0)
at Python/ceval.c:3586
#9 0x0050710c in PyEval_EvalFrameEx (f=0x10034eb0,
throw=0)
at Python/ceval.c:2181
#10 0x0050b0d4 in PyEval_EvalCodeEx (co=0x2b0d5d38,
globals=0x2b0cd4d0,
locals=0x0, args=0x2b22820c, argcount=2, kws=0x2b2c5048,
kwcount=0,
defs=0x2b0e7b3c, defcount=1, closure=0x0) at Python/ceval.c:
2739
#11 0x005c3260 in function_call (func=0x2b0ee248,
arg=0x2b2281f8,
---Type <return> to continue, or q <return> to quit---
kw=0x2b2c4578) at Objects/funcobject.c:550
#12 0x0041e8dc in PyObject_Call (func=0x2b0ee248,
arg=0x2b2281f8,
kw=0x2b2c4578) at Objects/abstract.c:1777
#13 0x005112b8 in ext_do_call (func=0x2b0ee248,
pp_stack=0x7fff2aa8, flags=3,
na=1, nk=0) at Python/ceval.c:3842
#14 0x00507534 in PyEval_EvalFrameEx (f=0x100347c8,
throw=0)
at Python/ceval.c:2221
#15 0x0050b0d4 in PyEval_EvalCodeEx (co=0x2b0d5d90,
globals=0x2b0cd4d0,
locals=0x0, args=0x2b22824c, argcount=2, kws=0x0,
kwcount=0, defs=0x0,
defcount=0, closure=0x0) at Python/ceval.c:2739
#16 0x005c3260 in function_call (func=0x2b0ee2a0,
arg=0x2b228238, kw=0x0)
at Objects/funcobject.c:550
#17 0x0041e8dc in PyObject_Call (func=0x2b0ee2a0,
arg=0x2b228238, kw=0x0)
at Objects/abstract.c:1777
#18 0x00430b7c in instancemethod_call (func=0x2b0ee2a0,
arg=0x2b228238, kw=0x0)
at Objects/classobject.c:2447
#19 0x0041e8dc in PyObject_Call (func=0x2b0aaf38,
arg=0x2b2c2b60, kw=0x0)
at Objects/abstract.c:1777
#20 0x004b5c80 in slot_tp_call (self=0x2b1f5118,
args=0x2b2c2b60, kwds=0x0)
at Objects/typeobject.c:4530
#21 0x0041e8dc in PyObject_Call (func=0x2b1f5118,
arg=0x2b2c2b60, kw=0x0)
at Objects/abstract.c:1777
#22 0x00510d08 in do_call (func=0x2b1f5118,
pp_stack=0x7fff3460, na=1, nk=0)
at Python/ceval.c:3773
---Type <return> to continue, or q <return> to quit---
----------------------------------------------------------------------
>Comment By: Rune Holm (titanstar)
Date: 2005-11-26 19:00
Message:
Logged In: YES
user_id=858364
Your patch to _PyFloat_Unpack4 loaded a float into the first half of a double,
but after I fixed it to load into a float, the test suite passed on x86, sparc64
and mips. The revised patch should be attached.
----------------------------------------------------------------------
Comment By: Michael Hudson (mwh)
Date: 2005-11-23 13:51
Message:
Logged In: YES
user_id=6656
Well, this isn't soon, but here's a patch to try.
----------------------------------------------------------------------
Comment By: Michael Hudson (mwh)
Date: 2005-11-03 11:33
Message:
Logged In: YES
user_id=6656
Uh, yeah, completely my fault -- don't know what I was thinking.
Should be easy to fix, I'll have a patch for you soon.
----------------------------------------------------------------------
Comment By: Rune Holm (titanstar)
Date: 2005-11-02 18:38
Message:
Logged In: YES
user_id=858364
Some more digging reveals that the problem is caused by the
patches
from
https://sourceforge.net/tracker/index.php?
func=detail&aid=1181301&group_id=5470&atid=305470 and there
is a
similar problem in _PyFloat_Unpack4.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1346144&group_id=5470
More information about the Python-bugs-list
mailing list