[snake-farm] Re: [Python-Dev] Snake farm (original) (raw)

Guido van Rossum guido@python.org
Mon, 11 Nov 2002 09:09:57 -0500

> Marc, pymalloc is supposed to be bulletproof. If there's a segfault > that can be avoided by disabling pymalloc, that's a bug in pymalloc. > Would you mind helping us find this bug?

No problem. Environment: FreeBSD-current (Nov. 8th), Python CVS Sources Nov. 11th (~ 10:00 CEST). limit: cputime unlimited filesize unlimited datasize 512MB stacksize 64MB coredumpsize unlimited memoryuse unlimited memorylocked unlimited maxproc 7390 descriptors 32768 sockbufsize unlimited vmemorysize unlimited

I compiled Python with no optimization flags set

But there are optimization flags set by default in the Makefile (at OPT=...). Can you take out the -O3 from the OPT variable and start over? As Tim Peters suggested, this may be an optimizer bug.

and my changes to pyconfig.h.in/configure.in (removes XOPEN*,POSIX* in the FreeBSD case to get it compiled). The only configure argument was prefix.

Error /usr/bin/install -c ./install-sh /opt/local/python/lib/python2.3/config/install-sh _./python -E ./setup.py install _ _--prefix=/opt/local/python _ _--install-scripts=/opt/local/python/bin _ --install-platlib=/opt/local/python/lib/python2.3/lib-dynload running install running build running buildext gmake: *** [sharedinstall] Segmentation fault (core dumped) 713 if (ADDRESSINRANGE(p, pool->arenaindex)) { (gdb) bt #0 0x080779c0 in PyObjectFree (p=0x800) at Objects/obmalloc.c:713 #1 0x080e00a0 in functioncall (func=0x82641ec, arg=0x8258b8c, kw=0x826bbdc) at Objects/funcobject.c:481 #2 0x080599fb in PyObjectCall (func=0x82641ec, arg=0x8258b8c, kw=0x826bbdc) at Objects/abstract.c:1688 #3 0x080a7950 in extdocall (func=0x82641ec, ppstack=0xbfbfdfa4, flags=2, na=1, nk=0) at Python/ceval.c:3453 #4 0x080a4b64 in evalframe (f=0x81d400c) at Python/ceval.c:2043 #5 0x080a5e1e in PyEvalEvalCodeEx (co=0x820e620, globals=0x819a57c, locals=0x0, args=0x831ad70, argcount=1, kws=0x831ad74, kwcount=0, defs=0x0, defcount=0, closure=0x0) at Python/ceval.c:2554 #6 0x080a73c3 in fastfunction (func=0x82378ec, ppstack=0xbfbfe194, n=1, na=1, nk=0) at Python/ceval.c:3297 #7 0x080a72af in callfunction (ppstack=0xbfbfe194, oparg=0) at Python/ceval.c:3266 #8 0x080a4a50 in evalframe (f=0x831ac0c) at Python/ceval.c:2009 [...] (gdb) l 708 709 if (p == NULL) /* free(NULL) has no effect */ 710 return; 711 712 pool = POOLADDR(p); 713 if (ADDRESSINRANGE(p, pool->arenaindex)) { 714 /* We allocated this address. */ 715 LOCK(); 716 /* 717 * Link p to the start of the pool's freeblock list. Since Here ? (gdb) p pool $1 = (struct poolheader *) 0x0 (gdb) p p $2 = (void *) 0x800 (gdb) x 0x800 0x800: Cannot access memory at address 0x800

So it looks like PyOblect_Free() was called with 0x800 as an argument, which is a bogus pointer value. Can you go up one stack level and see what the value of k in function_call() is?

This doesn't happen if either --without-pymalloc or --with-pydebug is given.

Well, --without-pymalloc means that this code is never executed. It's disturbing that --with-pydebug doesn't reveal a problem though; that again points in the direction of the optimizer.

--Guido van Rossum (home page: http://www.python.org/~guido/)