[Python-checkins] [3.8] bpo-36389: Backport debug enhancements from master (GH-16796)
Victor Stinner
webhook-mailer at python.org
Mon Oct 14 21:06:22 EDT 2019
https://github.com/python/cpython/commit/f82ce5b1b12873b65927149a016be6a7c65e979d
commit: f82ce5b1b12873b65927149a016be6a7c65e979d
branch: 3.8
author: Victor Stinner <vstinner at python.org>
committer: GitHub <noreply at github.com>
date: 2019-10-15T03:06:16+02:00
summary:
[3.8] bpo-36389: Backport debug enhancements from master (GH-16796)
* bpo-36389: _PyObject_CheckConsistency() available in release mode (GH-16612)
bpo-36389, bpo-38376: The _PyObject_CheckConsistency() function is
now also available in release mode. For example, it can be used to
debug a crash in the visit_decref() function of the GC.
Modify the following functions to also work in release mode:
* _PyDict_CheckConsistency()
* _PyObject_CheckConsistency()
* _PyType_CheckConsistency()
* _PyUnicode_CheckConsistency()
Other changes:
* _PyMem_IsPtrFreed(ptr) now also returns 1 if ptr is NULL
(equals to 0).
* _PyBytesWriter_CheckConsistency() now returns 1 and is only used
with assert().
* Reorder _PyObject_Dump() to write safe fields first, and only
attempt to render repr() at the end.
(cherry picked from commit 6876257eaabdb30f27ebcbd7d2557278ce2e5705)
* bpo-36389: Fix _PyBytesWriter in release mode (GH-16624)
Fix _PyBytesWriter API when Python is built in release mode with
assertions.
(cherry picked from commit 60ec6efd96d95476fe5e38c491491add04f026e5)
* bpo-38070: Enhance visit_decref() debug trace (GH-16631)
subtract_refs() now pass the parent object to visit_decref() which
pass it to _PyObject_ASSERT(). So if the "is freed" assertion fails,
the parent is used in debug trace, rather than the freed object. The
parent object is more likely to contain useful information. Freed
objects cannot be inspected are are displayed as "<object at xxx is
freed>" with no other detail.
(cherry picked from commit 4d5f94b8cd20f804c7868c5395a15aa6032f874c)
* Fix also a typo in PYMEM_DEADBYTE macro comment
* bpo-36389: Add newline to _PyObject_AssertFailed() (GH-16629)
Add a newline between the verbose object dump and the Py_FatalError()
logs for readability.
(cherry picked from commit 7775349895088a7ae68cecf0c74cf817f15e2c74)
files:
A Misc/NEWS.d/next/C API/2019-10-07-17-15-09.bpo-36389.hFX_jD.rst
M Include/internal/pycore_pymem.h
M Lib/test/test_capi.py
M Lib/test/test_gc.py
M Modules/_testcapimodule.c
M Modules/gcmodule.c
M Objects/bytesobject.c
M Objects/dictobject.c
M Objects/object.c
M Objects/obmalloc.c
M Objects/typeobject.c
M Objects/unicodeobject.c
diff --git a/Include/internal/pycore_pymem.h b/Include/internal/pycore_pymem.h
index 22677d373855c..47d092f3e53ff 100644
--- a/Include/internal/pycore_pymem.h
+++ b/Include/internal/pycore_pymem.h
@@ -155,9 +155,25 @@ PyAPI_FUNC(int) _PyMem_SetDefaultAllocator(
PyMemAllocatorDomain domain,
PyMemAllocatorEx *old_alloc);
+/* Special bytes broadcast into debug memory blocks at appropriate times.
+ Strings of these are unlikely to be valid addresses, floats, ints or
+ 7-bit ASCII.
+
+ - PYMEM_CLEANBYTE: clean (newly allocated) memory
+ - PYMEM_DEADBYTE dead (newly freed) memory
+ - PYMEM_FORBIDDENBYTE: untouchable bytes at each end of a block
+
+ Byte patterns 0xCB, 0xDB and 0xFB have been replaced with 0xCD, 0xDD and
+ 0xFD to use the same values than Windows CRT debug malloc() and free().
+ If modified, _PyMem_IsPtrFreed() should be updated as well. */
+#define PYMEM_CLEANBYTE 0xCD
+#define PYMEM_DEADBYTE 0xDD
+#define PYMEM_FORBIDDENBYTE 0xFD
+
/* Heuristic checking if a pointer value is newly allocated
- (uninitialized) or newly freed. The pointer is not dereferenced, only the
- pointer value is checked.
+ (uninitialized), newly freed or NULL (is equal to zero).
+
+ The pointer is not dereferenced, only the pointer value is checked.
The heuristic relies on the debug hooks on Python memory allocators which
fills newly allocated memory with CLEANBYTE (0xCD) and newly freed memory
@@ -167,11 +183,13 @@ static inline int _PyMem_IsPtrFreed(void *ptr)
{
uintptr_t value = (uintptr_t)ptr;
#if SIZEOF_VOID_P == 8
- return (value == (uintptr_t)0xCDCDCDCDCDCDCDCD
+ return (value == 0
+ || value == (uintptr_t)0xCDCDCDCDCDCDCDCD
|| value == (uintptr_t)0xDDDDDDDDDDDDDDDD
|| value == (uintptr_t)0xFDFDFDFDFDFDFDFD);
#elif SIZEOF_VOID_P == 4
- return (value == (uintptr_t)0xCDCDCDCD
+ return (value == 0
+ || value == (uintptr_t)0xCDCDCDCD
|| value == (uintptr_t)0xDDDDDDDD
|| value == (uintptr_t)0xFDFDFDFD);
#else
diff --git a/Lib/test/test_capi.py b/Lib/test/test_capi.py
index ff7acac43b61e..78c51b3cb61e8 100644
--- a/Lib/test/test_capi.py
+++ b/Lib/test/test_capi.py
@@ -692,6 +692,9 @@ def check_pyobject_is_freed(self, func_name):
''')
assert_python_ok('-c', code, PYTHONMALLOC=self.PYTHONMALLOC)
+ def test_pyobject_null_is_freed(self):
+ self.check_pyobject_is_freed('check_pyobject_null_is_freed')
+
def test_pyobject_uninitialized_is_freed(self):
self.check_pyobject_is_freed('check_pyobject_uninitialized_is_freed')
diff --git a/Lib/test/test_gc.py b/Lib/test/test_gc.py
index 6c29e96c30fbd..f52db1eab169c 100644
--- a/Lib/test/test_gc.py
+++ b/Lib/test/test_gc.py
@@ -1055,16 +1055,19 @@ def test_refcount_errors(self):
br'gcmodule\.c:[0-9]+: gc_decref: Assertion "gc_get_refs\(g\) > 0" failed.')
self.assertRegex(stderr,
br'refcount is too small')
+ # "address : 0x7fb5062efc18"
+ # "address : 7FB5062EFC18"
+ address_regex = br'[0-9a-fA-Fx]+'
self.assertRegex(stderr,
- br'object : \[1, 2, 3\]')
+ br'object address : ' + address_regex)
self.assertRegex(stderr,
- br'type : list')
+ br'object refcount : 1')
self.assertRegex(stderr,
- br'refcount: 1')
- # "address : 0x7fb5062efc18"
- # "address : 7FB5062EFC18"
+ br'object type : ' + address_regex)
+ self.assertRegex(stderr,
+ br'object type name: list')
self.assertRegex(stderr,
- br'address : [0-9a-fA-Fx]+')
+ br'object repr : \[1, 2, 3\]')
class GCTogglingTests(unittest.TestCase):
diff --git a/Misc/NEWS.d/next/C API/2019-10-07-17-15-09.bpo-36389.hFX_jD.rst b/Misc/NEWS.d/next/C API/2019-10-07-17-15-09.bpo-36389.hFX_jD.rst
new file mode 100644
index 0000000000000..6c42882cdbaa6
--- /dev/null
+++ b/Misc/NEWS.d/next/C API/2019-10-07-17-15-09.bpo-36389.hFX_jD.rst
@@ -0,0 +1,3 @@
+The ``_PyObject_CheckConsistency()`` function is now also available in release
+mode. For example, it can be used to debug a crash in the ``visit_decref()``
+function of the GC.
diff --git a/Modules/_testcapimodule.c b/Modules/_testcapimodule.c
index cccf9249040df..46d772cff608e 100644
--- a/Modules/_testcapimodule.c
+++ b/Modules/_testcapimodule.c
@@ -4500,6 +4500,14 @@ test_pyobject_is_freed(const char *test_name, PyObject *op)
}
+static PyObject*
+check_pyobject_null_is_freed(PyObject *self, PyObject *Py_UNUSED(args))
+{
+ PyObject *op = NULL;
+ return test_pyobject_is_freed("check_pyobject_null_is_freed", op);
+}
+
+
static PyObject*
check_pyobject_uninitialized_is_freed(PyObject *self, PyObject *Py_UNUSED(args))
{
@@ -5268,6 +5276,7 @@ static PyMethodDef TestMethods[] = {
{"pymem_api_misuse", pymem_api_misuse, METH_NOARGS},
{"pymem_malloc_without_gil", pymem_malloc_without_gil, METH_NOARGS},
{"pymem_getallocatorsname", test_pymem_getallocatorsname, METH_NOARGS},
+ {"check_pyobject_null_is_freed", check_pyobject_null_is_freed, METH_NOARGS},
{"check_pyobject_uninitialized_is_freed", check_pyobject_uninitialized_is_freed, METH_NOARGS},
{"check_pyobject_forbidden_bytes_is_freed", check_pyobject_forbidden_bytes_is_freed, METH_NOARGS},
{"check_pyobject_freed_is_freed", check_pyobject_freed_is_freed, METH_NOARGS},
diff --git a/Modules/gcmodule.c b/Modules/gcmodule.c
index 8d7d67cb6701d..5a6a81d81364d 100644
--- a/Modules/gcmodule.c
+++ b/Modules/gcmodule.c
@@ -373,10 +373,9 @@ update_refs(PyGC_Head *containers)
/* A traversal callback for subtract_refs. */
static int
-visit_decref(PyObject *op, void *data)
+visit_decref(PyObject *op, void *parent)
{
- assert(op != NULL);
- _PyObject_ASSERT(op, !_PyObject_IsFreed(op));
+ _PyObject_ASSERT(_PyObject_CAST(parent), !_PyObject_IsFreed(op));
if (PyObject_IS_GC(op)) {
PyGC_Head *gc = AS_GC(op);
@@ -402,10 +401,11 @@ subtract_refs(PyGC_Head *containers)
traverseproc traverse;
PyGC_Head *gc = GC_NEXT(containers);
for (; gc != containers; gc = GC_NEXT(gc)) {
- traverse = Py_TYPE(FROM_GC(gc))->tp_traverse;
+ PyObject *op = FROM_GC(gc);
+ traverse = Py_TYPE(op)->tp_traverse;
(void) traverse(FROM_GC(gc),
(visitproc)visit_decref,
- NULL);
+ op);
}
}
diff --git a/Objects/bytesobject.c b/Objects/bytesobject.c
index 3b69fecde27b1..feeabcb8b4c7a 100644
--- a/Objects/bytesobject.c
+++ b/Objects/bytesobject.c
@@ -667,9 +667,6 @@ _PyBytes_FormatEx(const char *format, Py_ssize_t format_len,
Py_ssize_t len = 0;
char onechar; /* For byte_converter() */
Py_ssize_t alloc;
-#ifdef Py_DEBUG
- char *before;
-#endif
fmt++;
if (*fmt == '%') {
@@ -981,8 +978,8 @@ _PyBytes_FormatEx(const char *format, Py_ssize_t format_len,
if (res == NULL)
goto error;
}
-#ifdef Py_DEBUG
- before = res;
+#ifndef NDEBUG
+ char *before = res;
#endif
/* Write the sign if needed */
@@ -1047,7 +1044,7 @@ _PyBytes_FormatEx(const char *format, Py_ssize_t format_len,
}
Py_XDECREF(temp);
-#ifdef Py_DEBUG
+#ifndef NDEBUG
/* check that we computed the exact size for this write */
assert((res - before) == alloc);
#endif
@@ -3225,8 +3222,9 @@ _PyBytesWriter_Init(_PyBytesWriter *writer)
{
/* Set all attributes before small_buffer to 0 */
memset(writer, 0, offsetof(_PyBytesWriter, small_buffer));
-#ifdef Py_DEBUG
- memset(writer->small_buffer, 0xCB, sizeof(writer->small_buffer));
+#ifndef NDEBUG
+ memset(writer->small_buffer, PYMEM_CLEANBYTE,
+ sizeof(writer->small_buffer));
#endif
}
@@ -3263,10 +3261,10 @@ _PyBytesWriter_GetSize(_PyBytesWriter *writer, char *str)
return str - start;
}
-Py_LOCAL_INLINE(void)
+#ifndef NDEBUG
+Py_LOCAL_INLINE(int)
_PyBytesWriter_CheckConsistency(_PyBytesWriter *writer, char *str)
{
-#ifdef Py_DEBUG
char *start, *end;
if (writer->use_small_buffer) {
@@ -3296,15 +3294,16 @@ _PyBytesWriter_CheckConsistency(_PyBytesWriter *writer, char *str)
end = start + writer->allocated;
assert(str != NULL);
assert(start <= str && str <= end);
-#endif
+ return 1;
}
+#endif
void*
_PyBytesWriter_Resize(_PyBytesWriter *writer, void *str, Py_ssize_t size)
{
Py_ssize_t allocated, pos;
- _PyBytesWriter_CheckConsistency(writer, str);
+ assert(_PyBytesWriter_CheckConsistency(writer, str));
assert(writer->allocated < size);
allocated = size;
@@ -3353,14 +3352,15 @@ _PyBytesWriter_Resize(_PyBytesWriter *writer, void *str, Py_ssize_t size)
}
writer->use_small_buffer = 0;
-#ifdef Py_DEBUG
- memset(writer->small_buffer, 0xDB, sizeof(writer->small_buffer));
+#ifndef NDEBUG
+ memset(writer->small_buffer, PYMEM_CLEANBYTE,
+ sizeof(writer->small_buffer));
#endif
}
writer->allocated = allocated;
str = _PyBytesWriter_AsString(writer) + pos;
- _PyBytesWriter_CheckConsistency(writer, str);
+ assert(_PyBytesWriter_CheckConsistency(writer, str));
return str;
error:
@@ -3373,7 +3373,7 @@ _PyBytesWriter_Prepare(_PyBytesWriter *writer, void *str, Py_ssize_t size)
{
Py_ssize_t new_min_size;
- _PyBytesWriter_CheckConsistency(writer, str);
+ assert(_PyBytesWriter_CheckConsistency(writer, str));
assert(size >= 0);
if (size == 0) {
@@ -3406,7 +3406,7 @@ _PyBytesWriter_Alloc(_PyBytesWriter *writer, Py_ssize_t size)
assert(size >= 0);
writer->use_small_buffer = 1;
-#ifdef Py_DEBUG
+#ifndef NDEBUG
writer->allocated = sizeof(writer->small_buffer) - 1;
/* In debug mode, don't use the full small buffer because it is less
efficient than bytes and bytearray objects to detect buffer underflow
@@ -3434,7 +3434,7 @@ _PyBytesWriter_Finish(_PyBytesWriter *writer, void *str)
Py_ssize_t size;
PyObject *result;
- _PyBytesWriter_CheckConsistency(writer, str);
+ assert(_PyBytesWriter_CheckConsistency(writer, str));
size = _PyBytesWriter_GetSize(writer, str);
if (size == 0 && !writer->use_bytearray) {
diff --git a/Objects/dictobject.c b/Objects/dictobject.c
index a6ddf70cd8fa6..5dad1b6d9208c 100644
--- a/Objects/dictobject.c
+++ b/Objects/dictobject.c
@@ -459,23 +459,26 @@ static PyObject *empty_values[1] = { NULL };
int
_PyDict_CheckConsistency(PyObject *op, int check_content)
{
-#ifndef NDEBUG
- _PyObject_ASSERT(op, PyDict_Check(op));
+#define CHECK(expr) \
+ do { if (!(expr)) { _PyObject_ASSERT_FAILED_MSG(op, Py_STRINGIFY(expr)); } } while (0)
+
+ assert(op != NULL);
+ CHECK(PyDict_Check(op));
PyDictObject *mp = (PyDictObject *)op;
PyDictKeysObject *keys = mp->ma_keys;
int splitted = _PyDict_HasSplitTable(mp);
Py_ssize_t usable = USABLE_FRACTION(keys->dk_size);
- _PyObject_ASSERT(op, 0 <= mp->ma_used && mp->ma_used <= usable);
- _PyObject_ASSERT(op, IS_POWER_OF_2(keys->dk_size));
- _PyObject_ASSERT(op, 0 <= keys->dk_usable && keys->dk_usable <= usable);
- _PyObject_ASSERT(op, 0 <= keys->dk_nentries && keys->dk_nentries <= usable);
- _PyObject_ASSERT(op, keys->dk_usable + keys->dk_nentries <= usable);
+ CHECK(0 <= mp->ma_used && mp->ma_used <= usable);
+ CHECK(IS_POWER_OF_2(keys->dk_size));
+ CHECK(0 <= keys->dk_usable && keys->dk_usable <= usable);
+ CHECK(0 <= keys->dk_nentries && keys->dk_nentries <= usable);
+ CHECK(keys->dk_usable + keys->dk_nentries <= usable);
if (!splitted) {
/* combined table */
- _PyObject_ASSERT(op, keys->dk_refcnt == 1);
+ CHECK(keys->dk_refcnt == 1);
}
if (check_content) {
@@ -484,7 +487,7 @@ _PyDict_CheckConsistency(PyObject *op, int check_content)
for (i=0; i < keys->dk_size; i++) {
Py_ssize_t ix = dictkeys_get_index(keys, i);
- _PyObject_ASSERT(op, DKIX_DUMMY <= ix && ix <= usable);
+ CHECK(DKIX_DUMMY <= ix && ix <= usable);
}
for (i=0; i < usable; i++) {
@@ -494,32 +497,33 @@ _PyDict_CheckConsistency(PyObject *op, int check_content)
if (key != NULL) {
if (PyUnicode_CheckExact(key)) {
Py_hash_t hash = ((PyASCIIObject *)key)->hash;
- _PyObject_ASSERT(op, hash != -1);
- _PyObject_ASSERT(op, entry->me_hash == hash);
+ CHECK(hash != -1);
+ CHECK(entry->me_hash == hash);
}
else {
/* test_dict fails if PyObject_Hash() is called again */
- _PyObject_ASSERT(op, entry->me_hash != -1);
+ CHECK(entry->me_hash != -1);
}
if (!splitted) {
- _PyObject_ASSERT(op, entry->me_value != NULL);
+ CHECK(entry->me_value != NULL);
}
}
if (splitted) {
- _PyObject_ASSERT(op, entry->me_value == NULL);
+ CHECK(entry->me_value == NULL);
}
}
if (splitted) {
/* splitted table */
for (i=0; i < mp->ma_used; i++) {
- _PyObject_ASSERT(op, mp->ma_values[i] != NULL);
+ CHECK(mp->ma_values[i] != NULL);
}
}
}
-#endif
return 1;
+
+#undef CHECK
}
diff --git a/Objects/object.c b/Objects/object.c
index df2531371fa5b..566593a9c67cc 100644
--- a/Objects/object.c
+++ b/Objects/object.c
@@ -25,13 +25,14 @@ _Py_IDENTIFIER(__isabstractmethod__);
int
_PyObject_CheckConsistency(PyObject *op, int check_content)
{
- _PyObject_ASSERT(op, op != NULL);
- _PyObject_ASSERT(op, !_PyObject_IsFreed(op));
- _PyObject_ASSERT(op, Py_REFCNT(op) >= 1);
+#define CHECK(expr) \
+ do { if (!(expr)) { _PyObject_ASSERT_FAILED_MSG(op, Py_STRINGIFY(expr)); } } while (0)
- PyTypeObject *type = op->ob_type;
- _PyObject_ASSERT(op, type != NULL);
- _PyType_CheckConsistency(type);
+ CHECK(!_PyObject_IsFreed(op));
+ CHECK(Py_REFCNT(op) >= 1);
+
+ CHECK(op->ob_type != NULL);
+ _PyType_CheckConsistency(op->ob_type);
if (PyUnicode_Check(op)) {
_PyUnicode_CheckConsistency(op, check_content);
@@ -40,6 +41,8 @@ _PyObject_CheckConsistency(PyObject *op, int check_content)
_PyDict_CheckConsistency(op, check_content);
}
return 1;
+
+#undef CHECK
}
@@ -463,41 +466,41 @@ _PyObject_IsFreed(PyObject *op)
void
_PyObject_Dump(PyObject* op)
{
- if (op == NULL) {
- fprintf(stderr, "<object at NULL>\n");
- fflush(stderr);
- return;
- }
-
if (_PyObject_IsFreed(op)) {
/* It seems like the object memory has been freed:
don't access it to prevent a segmentation fault. */
fprintf(stderr, "<object at %p is freed>\n", op);
+ fflush(stderr);
return;
}
- PyGILState_STATE gil;
- PyObject *error_type, *error_value, *error_traceback;
+ /* first, write fields which are the least likely to crash */
+ fprintf(stderr, "object address : %p\n", (void *)op);
+ /* XXX(twouters) cast refcount to long until %zd is
+ universally available */
+ fprintf(stderr, "object refcount : %ld\n", (long)op->ob_refcnt);
+ fflush(stderr);
- fprintf(stderr, "object : ");
+ PyTypeObject *type = Py_TYPE(op);
+ fprintf(stderr, "object type : %p\n", type);
+ fprintf(stderr, "object type name: %s\n",
+ type==NULL ? "NULL" : type->tp_name);
+
+ /* the most dangerous part */
+ fprintf(stderr, "object repr : ");
fflush(stderr);
- gil = PyGILState_Ensure();
+ PyGILState_STATE gil = PyGILState_Ensure();
+ PyObject *error_type, *error_value, *error_traceback;
PyErr_Fetch(&error_type, &error_value, &error_traceback);
+
(void)PyObject_Print(op, stderr, 0);
fflush(stderr);
- PyErr_Restore(error_type, error_value, error_traceback);
+ PyErr_Restore(error_type, error_value, error_traceback);
PyGILState_Release(gil);
- /* XXX(twouters) cast refcount to long until %zd is
- universally available */
- fprintf(stderr, "\n"
- "type : %s\n"
- "refcount: %ld\n"
- "address : %p\n",
- Py_TYPE(op)==NULL ? "NULL" : Py_TYPE(op)->tp_name,
- (long)op->ob_refcnt,
- (void *)op);
+
+ fprintf(stderr, "\n");
fflush(stderr);
}
@@ -2148,6 +2151,7 @@ _PyObject_AssertFailed(PyObject *obj, const char *expr, const char *msg,
fprintf(stderr, "%s: ", function);
}
fflush(stderr);
+
if (expr) {
fprintf(stderr, "Assertion \"%s\" failed", expr);
}
@@ -2155,26 +2159,18 @@ _PyObject_AssertFailed(PyObject *obj, const char *expr, const char *msg,
fprintf(stderr, "Assertion failed");
}
fflush(stderr);
+
if (msg) {
fprintf(stderr, ": %s", msg);
}
fprintf(stderr, "\n");
fflush(stderr);
- if (obj == NULL) {
- fprintf(stderr, "<object at NULL>\n");
- }
- else if (_PyObject_IsFreed(obj)) {
+ if (_PyObject_IsFreed(obj)) {
/* It seems like the object memory has been freed:
don't access it to prevent a segmentation fault. */
fprintf(stderr, "<object at %p is freed>\n", obj);
- }
- else if (Py_TYPE(obj) == NULL) {
- fprintf(stderr, "<object at %p: ob_type=NULL>\n", obj);
- }
- else if (_PyObject_IsFreed((PyObject *)Py_TYPE(obj))) {
- fprintf(stderr, "<object at %p: type at %p is freed>\n",
- obj, (void *)Py_TYPE(obj));
+ fflush(stderr);
}
else {
/* Display the traceback where the object has been allocated.
@@ -2193,8 +2189,10 @@ _PyObject_AssertFailed(PyObject *obj, const char *expr, const char *msg,
/* This might succeed or fail, but we're about to abort, so at least
try to provide any extra info we can: */
_PyObject_Dump(obj);
+
+ fprintf(stderr, "\n");
+ fflush(stderr);
}
- fflush(stderr);
Py_FatalError("_PyObject_AssertFailed");
}
diff --git a/Objects/obmalloc.c b/Objects/obmalloc.c
index f420e19761741..bd6480a625e8a 100644
--- a/Objects/obmalloc.c
+++ b/Objects/obmalloc.c
@@ -2006,20 +2006,6 @@ _Py_GetAllocatedBlocks(void)
* it wraps a real allocator, adding extra debugging info to the memory blocks.
*/
-/* Special bytes broadcast into debug memory blocks at appropriate times.
- * Strings of these are unlikely to be valid addresses, floats, ints or
- * 7-bit ASCII. If modified, _PyMem_IsPtrFreed() should be updated as well.
- *
- * Byte patterns 0xCB, 0xBB and 0xFB have been replaced with 0xCD, 0xDD and
- * 0xFD to use the same values than Windows CRT debug malloc() and free().
- */
-#undef CLEANBYTE
-#undef DEADBYTE
-#undef FORBIDDENBYTE
-#define CLEANBYTE 0xCD /* clean (newly allocated) memory */
-#define DEADBYTE 0xDD /* dead (newly freed) memory */
-#define FORBIDDENBYTE 0xFD /* untouchable bytes at each end of a block */
-
/* Uncomment this define to add the "serialno" field */
/* #define PYMEM_DEBUG_SERIALNO */
@@ -2081,14 +2067,14 @@ p[0: S]
p[S]
API ID. See PEP 445. This is a character, but seems undocumented.
p[S+1: 2*S]
- Copies of FORBIDDENBYTE. Used to catch under- writes and reads.
+ Copies of PYMEM_FORBIDDENBYTE. Used to catch under- writes and reads.
p[2*S: 2*S+n]
- The requested memory, filled with copies of CLEANBYTE.
+ The requested memory, filled with copies of PYMEM_CLEANBYTE.
Used to catch reference to uninitialized memory.
&p[2*S] is returned. Note that this is 8-byte aligned if pymalloc
handled the request itself.
p[2*S+n: 2*S+n+S]
- Copies of FORBIDDENBYTE. Used to catch over- writes and reads.
+ Copies of PYMEM_FORBIDDENBYTE. Used to catch over- writes and reads.
p[2*S+n+S: 2*S+n+2*S]
A serial number, incremented by 1 on each call to _PyMem_DebugMalloc
and _PyMem_DebugRealloc.
@@ -2145,15 +2131,15 @@ _PyMem_DebugRawAlloc(int use_calloc, void *ctx, size_t nbytes)
/* at p, write size (SST bytes), id (1 byte), pad (SST-1 bytes) */
write_size_t(p, nbytes);
p[SST] = (uint8_t)api->api_id;
- memset(p + SST + 1, FORBIDDENBYTE, SST-1);
+ memset(p + SST + 1, PYMEM_FORBIDDENBYTE, SST-1);
if (nbytes > 0 && !use_calloc) {
- memset(data, CLEANBYTE, nbytes);
+ memset(data, PYMEM_CLEANBYTE, nbytes);
}
/* at tail, write pad (SST bytes) and serialno (SST bytes) */
tail = data + nbytes;
- memset(tail, FORBIDDENBYTE, SST);
+ memset(tail, PYMEM_FORBIDDENBYTE, SST);
#ifdef PYMEM_DEBUG_SERIALNO
write_size_t(tail + SST, serialno);
#endif
@@ -2179,7 +2165,7 @@ _PyMem_DebugRawCalloc(void *ctx, size_t nelem, size_t elsize)
/* The debug free first checks the 2*SST bytes on each end for sanity (in
particular, that the FORBIDDENBYTEs with the api ID are still intact).
- Then fills the original bytes with DEADBYTE.
+ Then fills the original bytes with PYMEM_DEADBYTE.
Then calls the underlying free.
*/
static void
@@ -2197,7 +2183,7 @@ _PyMem_DebugRawFree(void *ctx, void *p)
_PyMem_DebugCheckAddress(api->api_id, p);
nbytes = read_size_t(q);
nbytes += PYMEM_DEBUG_EXTRA_BYTES;
- memset(q, DEADBYTE, nbytes);
+ memset(q, PYMEM_DEADBYTE, nbytes);
api->alloc.free(api->alloc.ctx, q);
}
@@ -2239,14 +2225,14 @@ _PyMem_DebugRawRealloc(void *ctx, void *p, size_t nbytes)
*/
if (original_nbytes <= sizeof(save)) {
memcpy(save, data, original_nbytes);
- memset(data - 2 * SST, DEADBYTE,
+ memset(data - 2 * SST, PYMEM_DEADBYTE,
original_nbytes + PYMEM_DEBUG_EXTRA_BYTES);
}
else {
memcpy(save, data, ERASED_SIZE);
- memset(head, DEADBYTE, ERASED_SIZE + 2 * SST);
+ memset(head, PYMEM_DEADBYTE, ERASED_SIZE + 2 * SST);
memcpy(&save[ERASED_SIZE], tail - ERASED_SIZE, ERASED_SIZE);
- memset(tail - ERASED_SIZE, DEADBYTE,
+ memset(tail - ERASED_SIZE, PYMEM_DEADBYTE,
ERASED_SIZE + PYMEM_DEBUG_EXTRA_BYTES - 2 * SST);
}
@@ -2268,10 +2254,10 @@ _PyMem_DebugRawRealloc(void *ctx, void *p, size_t nbytes)
write_size_t(head, nbytes);
head[SST] = (uint8_t)api->api_id;
- memset(head + SST + 1, FORBIDDENBYTE, SST-1);
+ memset(head + SST + 1, PYMEM_FORBIDDENBYTE, SST-1);
tail = data + nbytes;
- memset(tail, FORBIDDENBYTE, SST);
+ memset(tail, PYMEM_FORBIDDENBYTE, SST);
#ifdef PYMEM_DEBUG_SERIALNO
write_size_t(tail + SST, block_serialno);
#endif
@@ -2295,7 +2281,8 @@ _PyMem_DebugRawRealloc(void *ctx, void *p, size_t nbytes)
if (nbytes > original_nbytes) {
/* growing: mark new extra memory clean */
- memset(data + original_nbytes, CLEANBYTE, nbytes - original_nbytes);
+ memset(data + original_nbytes, PYMEM_CLEANBYTE,
+ nbytes - original_nbytes);
}
return data;
@@ -2374,7 +2361,7 @@ _PyMem_DebugCheckAddress(char api, const void *p)
* the tail could lead to a segfault then.
*/
for (i = SST-1; i >= 1; --i) {
- if (*(q-i) != FORBIDDENBYTE) {
+ if (*(q-i) != PYMEM_FORBIDDENBYTE) {
msg = "bad leading pad byte";
goto error;
}
@@ -2383,7 +2370,7 @@ _PyMem_DebugCheckAddress(char api, const void *p)
nbytes = read_size_t(q - 2*SST);
tail = q + nbytes;
for (i = 0; i < SST; ++i) {
- if (tail[i] != FORBIDDENBYTE) {
+ if (tail[i] != PYMEM_FORBIDDENBYTE) {
msg = "bad trailing pad byte";
goto error;
}
@@ -2423,7 +2410,7 @@ _PyObject_DebugDumpAddress(const void *p)
fprintf(stderr, " The %d pad bytes at p-%d are ", SST-1, SST-1);
ok = 1;
for (i = 1; i <= SST-1; ++i) {
- if (*(q-i) != FORBIDDENBYTE) {
+ if (*(q-i) != PYMEM_FORBIDDENBYTE) {
ok = 0;
break;
}
@@ -2432,11 +2419,11 @@ _PyObject_DebugDumpAddress(const void *p)
fputs("FORBIDDENBYTE, as expected.\n", stderr);
else {
fprintf(stderr, "not all FORBIDDENBYTE (0x%02x):\n",
- FORBIDDENBYTE);
+ PYMEM_FORBIDDENBYTE);
for (i = SST-1; i >= 1; --i) {
const uint8_t byte = *(q-i);
fprintf(stderr, " at p-%d: 0x%02x", i, byte);
- if (byte != FORBIDDENBYTE)
+ if (byte != PYMEM_FORBIDDENBYTE)
fputs(" *** OUCH", stderr);
fputc('\n', stderr);
}
@@ -2451,7 +2438,7 @@ _PyObject_DebugDumpAddress(const void *p)
fprintf(stderr, " The %d pad bytes at tail=%p are ", SST, (void *)tail);
ok = 1;
for (i = 0; i < SST; ++i) {
- if (tail[i] != FORBIDDENBYTE) {
+ if (tail[i] != PYMEM_FORBIDDENBYTE) {
ok = 0;
break;
}
@@ -2460,12 +2447,12 @@ _PyObject_DebugDumpAddress(const void *p)
fputs("FORBIDDENBYTE, as expected.\n", stderr);
else {
fprintf(stderr, "not all FORBIDDENBYTE (0x%02x):\n",
- FORBIDDENBYTE);
+ PYMEM_FORBIDDENBYTE);
for (i = 0; i < SST; ++i) {
const uint8_t byte = tail[i];
fprintf(stderr, " at tail+%d: 0x%02x",
i, byte);
- if (byte != FORBIDDENBYTE)
+ if (byte != PYMEM_FORBIDDENBYTE)
fputs(" *** OUCH", stderr);
fputc('\n', stderr);
}
diff --git a/Objects/typeobject.c b/Objects/typeobject.c
index e635b718d6a95..5df121775af00 100644
--- a/Objects/typeobject.c
+++ b/Objects/typeobject.c
@@ -137,22 +137,24 @@ skip_signature(const char *doc)
int
_PyType_CheckConsistency(PyTypeObject *type)
{
-#define ASSERT(expr) _PyObject_ASSERT((PyObject *)type, (expr))
+#define CHECK(expr) \
+ do { if (!(expr)) { _PyObject_ASSERT_FAILED_MSG((PyObject *)type, Py_STRINGIFY(expr)); } } while (0)
+
+ CHECK(!_PyObject_IsFreed((PyObject *)type));
if (!(type->tp_flags & Py_TPFLAGS_READY)) {
- /* don't check types before PyType_Ready() */
+ /* don't check static types before PyType_Ready() */
return 1;
}
- ASSERT(!_PyObject_IsFreed((PyObject *)type));
- ASSERT(Py_REFCNT(type) >= 1);
- ASSERT(PyType_Check(type));
+ CHECK(Py_REFCNT(type) >= 1);
+ CHECK(PyType_Check(type));
- ASSERT(!(type->tp_flags & Py_TPFLAGS_READYING));
- ASSERT(type->tp_dict != NULL);
+ CHECK(!(type->tp_flags & Py_TPFLAGS_READYING));
+ CHECK(type->tp_dict != NULL);
return 1;
-#undef ASSERT
+#undef CHECK
}
static const char *
diff --git a/Objects/unicodeobject.c b/Objects/unicodeobject.c
index 9eef05a621676..0556eff8d0713 100644
--- a/Objects/unicodeobject.c
+++ b/Objects/unicodeobject.c
@@ -442,65 +442,63 @@ PyUnicode_GetMax(void)
int
_PyUnicode_CheckConsistency(PyObject *op, int check_content)
{
+#define CHECK(expr) \
+ do { if (!(expr)) { _PyObject_ASSERT_FAILED_MSG(op, Py_STRINGIFY(expr)); } } while (0)
+
PyASCIIObject *ascii;
unsigned int kind;
- _PyObject_ASSERT(op, PyUnicode_Check(op));
+ assert(op != NULL);
+ CHECK(PyUnicode_Check(op));
ascii = (PyASCIIObject *)op;
kind = ascii->state.kind;
if (ascii->state.ascii == 1 && ascii->state.compact == 1) {
- _PyObject_ASSERT(op, kind == PyUnicode_1BYTE_KIND);
- _PyObject_ASSERT(op, ascii->state.ready == 1);
+ CHECK(kind == PyUnicode_1BYTE_KIND);
+ CHECK(ascii->state.ready == 1);
}
else {
PyCompactUnicodeObject *compact = (PyCompactUnicodeObject *)op;
-#ifndef NDEBUG
void *data;
-#endif
if (ascii->state.compact == 1) {
-#ifndef NDEBUG
data = compact + 1;
-#endif
- _PyObject_ASSERT(op, kind == PyUnicode_1BYTE_KIND
+ CHECK(kind == PyUnicode_1BYTE_KIND
|| kind == PyUnicode_2BYTE_KIND
|| kind == PyUnicode_4BYTE_KIND);
- _PyObject_ASSERT(op, ascii->state.ascii == 0);
- _PyObject_ASSERT(op, ascii->state.ready == 1);
- _PyObject_ASSERT(op, compact->utf8 != data);
+ CHECK(ascii->state.ascii == 0);
+ CHECK(ascii->state.ready == 1);
+ CHECK(compact->utf8 != data);
}
else {
-#ifndef NDEBUG
PyUnicodeObject *unicode = (PyUnicodeObject *)op;
data = unicode->data.any;
-#endif
if (kind == PyUnicode_WCHAR_KIND) {
- _PyObject_ASSERT(op, ascii->length == 0);
- _PyObject_ASSERT(op, ascii->hash == -1);
- _PyObject_ASSERT(op, ascii->state.compact == 0);
- _PyObject_ASSERT(op, ascii->state.ascii == 0);
- _PyObject_ASSERT(op, ascii->state.ready == 0);
- _PyObject_ASSERT(op, ascii->state.interned == SSTATE_NOT_INTERNED);
- _PyObject_ASSERT(op, ascii->wstr != NULL);
- _PyObject_ASSERT(op, data == NULL);
- _PyObject_ASSERT(op, compact->utf8 == NULL);
+ CHECK(ascii->length == 0);
+ CHECK(ascii->hash == -1);
+ CHECK(ascii->state.compact == 0);
+ CHECK(ascii->state.ascii == 0);
+ CHECK(ascii->state.ready == 0);
+ CHECK(ascii->state.interned == SSTATE_NOT_INTERNED);
+ CHECK(ascii->wstr != NULL);
+ CHECK(data == NULL);
+ CHECK(compact->utf8 == NULL);
}
else {
- _PyObject_ASSERT(op, kind == PyUnicode_1BYTE_KIND
+ CHECK(kind == PyUnicode_1BYTE_KIND
|| kind == PyUnicode_2BYTE_KIND
|| kind == PyUnicode_4BYTE_KIND);
- _PyObject_ASSERT(op, ascii->state.compact == 0);
- _PyObject_ASSERT(op, ascii->state.ready == 1);
- _PyObject_ASSERT(op, data != NULL);
+ CHECK(ascii->state.compact == 0);
+ CHECK(ascii->state.ready == 1);
+ CHECK(data != NULL);
if (ascii->state.ascii) {
- _PyObject_ASSERT(op, compact->utf8 == data);
- _PyObject_ASSERT(op, compact->utf8_length == ascii->length);
+ CHECK(compact->utf8 == data);
+ CHECK(compact->utf8_length == ascii->length);
}
else
- _PyObject_ASSERT(op, compact->utf8 != data);
+ CHECK(compact->utf8 != data);
}
}
if (kind != PyUnicode_WCHAR_KIND) {
@@ -512,16 +510,16 @@ _PyUnicode_CheckConsistency(PyObject *op, int check_content)
#endif
)
{
- _PyObject_ASSERT(op, ascii->wstr == data);
- _PyObject_ASSERT(op, compact->wstr_length == ascii->length);
+ CHECK(ascii->wstr == data);
+ CHECK(compact->wstr_length == ascii->length);
} else
- _PyObject_ASSERT(op, ascii->wstr != data);
+ CHECK(ascii->wstr != data);
}
if (compact->utf8 == NULL)
- _PyObject_ASSERT(op, compact->utf8_length == 0);
+ CHECK(compact->utf8_length == 0);
if (ascii->wstr == NULL)
- _PyObject_ASSERT(op, compact->wstr_length == 0);
+ CHECK(compact->wstr_length == 0);
}
/* check that the best kind is used: O(n) operation */
@@ -540,23 +538,25 @@ _PyUnicode_CheckConsistency(PyObject *op, int check_content)
}
if (kind == PyUnicode_1BYTE_KIND) {
if (ascii->state.ascii == 0) {
- _PyObject_ASSERT(op, maxchar >= 128);
- _PyObject_ASSERT(op, maxchar <= 255);
+ CHECK(maxchar >= 128);
+ CHECK(maxchar <= 255);
}
else
- _PyObject_ASSERT(op, maxchar < 128);
+ CHECK(maxchar < 128);
}
else if (kind == PyUnicode_2BYTE_KIND) {
- _PyObject_ASSERT(op, maxchar >= 0x100);
- _PyObject_ASSERT(op, maxchar <= 0xFFFF);
+ CHECK(maxchar >= 0x100);
+ CHECK(maxchar <= 0xFFFF);
}
else {
- _PyObject_ASSERT(op, maxchar >= 0x10000);
- _PyObject_ASSERT(op, maxchar <= MAX_UNICODE);
+ CHECK(maxchar >= 0x10000);
+ CHECK(maxchar <= MAX_UNICODE);
}
- _PyObject_ASSERT(op, PyUnicode_READ(kind, data, ascii->length) == 0);
+ CHECK(PyUnicode_READ(kind, data, ascii->length) == 0);
}
return 1;
+
+#undef CHECK
}
More information about the Python-checkins
mailing list