Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #27859
| Path | csiph.com!usenet.pasdenom.info!weretis.net!feeder4.news.weretis.net!ecngs!feeder2.ecngs.de!newsfeed.freenet.ag!news2.euro.net!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <plr.vincent@gmail.com> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.001 |
| X-Spam-Evidence | '*H*': 1.00; '*S*': 0.00; 'debug': 0.05; 'see:': 0.07; 'python': 0.09; '(although': 0.09; 'callback': 0.09; 'instance.': 0.09; 'received:localnet': 0.09; 'subject:setting': 0.09; 'url:github': 0.09; 'bug': 0.10; 'thread': 0.11; 'stack': 0.15; '"use': 0.16; 'bottom:': 0.16; 'ctype': 0.16; 'effect,': 0.16; 'either)': 0.16; 'enough.': 0.16; 'segfault': 0.16; 'subject:2.7.3': 0.16; 'subject:instance': 0.16; 'subject:when': 0.16; 'subscribed)': 0.16; 'url:py': 0.16; 'valgrind': 0.16; 'instance': 0.17; "shouldn't": 0.17; 'memory': 0.18; 'causing': 0.20; 'pending': 0.20; 'ctypes': 0.22; 'received:74.125.82.174': 0.23; "i've": 0.23; 'seems': 0.23; 'idea': 0.24; 'header:User- Agent:1': 0.26; '(which': 0.26; 'wrote': 0.26; 'guess': 0.27; 'handling': 0.27; "doesn't": 0.28; '(maybe': 0.29; 'gil': 0.29; 'obj': 0.29; 'trigger': 0.29; "i'm": 0.29; 'code': 0.31; 'could': 0.32; 'print': 0.32; 'received:74.125.82': 0.33; 'traceback': 0.33; 'problem': 0.33; 'to:addr:python-list': 0.33; '(with': 0.33; 'skip:- 20': 0.34; 'received:google.com': 0.34; 'something': 0.35; 'there': 0.35; 'but': 0.36; 'message-id:@gmail.com': 0.36; 'received:74.125': 0.36; 'depends': 0.36; 'possible': 0.37; 'reported': 0.37; 'uses': 0.37; 'some': 0.38; 'several': 0.39; 'to:addr:python.org': 0.39; 'application': 0.40; 'header:Received:5': 0.40; 'think': 0.40; 'skip:u 10': 0.60; 'further': 0.61; 'header:Message-Id:1': 0.62; 'different': 0.63; 'more': 0.63; 'cast': 0.65; 'completion': 0.78; 'ref': 0.84; 'transfer,': 0.84; 'url:master': 0.84; 'received:86': 0.93 |
| DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:subject:date:user-agent:mime-version:content-type :content-transfer-encoding:message-id; bh=sI623LvGMm4DHP3XT27xeuYbtzqYhFDaCBOjfF9ngKc=; b=KuoKHholFJbc6xd/UKwF0QQ92lscj9L2FZnt4qBlJKl3+at9Ru3VcOi5KFQdGjSjOH UmWdozuiKyBQyg3+ZVNwUAZRyyFIHsbucQ9IrSsOEG2NK5DGXAa+arNkxSZwZ8s0A/zg K041G6NVbS5LqQ1Kz6EOhvdrUZ3i1vWIQvyeuD9RlLFKEBdz1juk2bOn1azf4CV4e6Qq R6mIyJitlNFKC9+G4vGHU3I0UMYfUhCZm1bDxtk2kDhKtXtqRtCBj6rOTgAumofYhl1Z /WVmnH9pKkG+SnBqZuq9WpoZ7hnxs2EgGZnqr8aAyuxkxuxq6b7yriDQc4aEhDXgHKD7 OE1Q== |
| From | Vincent Pelletier <plr.vincent@gmail.com> |
| To | python-list@python.org |
| Subject | Segfault when setting an instance property on 2.7.3 |
| Date | Sat, 25 Aug 2012 11:38:47 +0200 |
| User-Agent | KMail/1.13.7 (Linux/3.4.2case; KDE/4.8.4; x86_64; ; ) |
| MIME-Version | 1.0 |
| Content-Type | Text/Plain; charset="utf-8" |
| Content-Transfer-Encoding | 7bit |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.12 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.3792.1345887531.4697.python-list@python.org> (permalink) |
| Lines | 59 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1345887531 news.xs4all.nl 6910 [2001:888:2000:d::a6]:42386 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python:27859 |
Show key headers only | View raw
Hi.
(please keep me in CC for replies, I'm not subscribed)
I wrote a ctypes-(wait, read on)-based binding[1] for libusb1, in which I'm
triggering a segfault from an application[2] I wrote.
I've been through several segfault caused by ctypes mis-usage, this one seems
different enough. I think there is something else (maybe ultimately caused by
some ctypes effect, but I don't see the relation yet).
The Python line causing the segfault:
https://github.com/vpelletier/python-libusb1/blob/master/usb1.py#L192
C stack at segfault (with -dbg package installed):
http://pastebin.com/rVUPsSrU
#0
(gdb) print *op
$1 = {ob_refcnt = -4247522206314328575, ob_type = 0xcf0dc50ec50dc50e}
(gdb) up
#1
(gdb) print *obj
$2 = {ob_refcnt = 6, ob_type = 0x9c5f70}
(gdb) print obj
$3 = <USBTransfer at remote 0xb3a950>
The program using python-libusb1 which triggers the segfault:
https://github.com/vpelletier/ITI1480A-linux/blob/master/iti1480a/capture.py
The event loop is at the bottom: allocate USB transfers, submit them, loop on
libusb1 event handling until there is no more submitted transfer, libusb uses
callback which resubmits transfer, ...
ctypes possible segfault causes checklist:
- callback is cast into a ctype CFUNCTYPE type instance
See:
https://github.com/vpelletier/python-libusb1/blob/master/libusb1.py#L587
https://github.com/vpelletier/python-libusb1/blob/master/usb1.py#L133
- a strong ref to it is kept on USBTransfer instance so it is not GC'ed
See:
https://github.com/vpelletier/python-libusb1/blob/master/usb1.py#L808
- application is single-threaded (libusb1 doesn't create any C thread either)
so even if there were missing GIL acquisitions, it shouldn't be a problem
Also, a strong ref to USBTransfer is kept on USBDeviceHandle instance. When
an USBDeviceHandle is GC'ed, it cancels any pending transfer, waits for
completion (=libusb1 callback is executed) and then allow them to be GC'ed.
- we are not accessing unallocated memory in this traceback (although it could
be that memory got overwritten somehow)
I couldn't trigger the bug while under valgrind (which reported some
"Conditional jump or move depends on uninitialized value(s)" & "Use of
uninitialized value of size 8" in PyObject_Free, but reading the code I guess
they are harmless and unrelated).
Any idea of ways to debug this problem further ?
Regards,
--
Vincent Pelletier
Back to comp.lang.python | Previous | Next | Find similar | Unroll thread
Segfault when setting an instance property on 2.7.3 Vincent Pelletier <plr.vincent@gmail.com> - 2012-08-25 11:38 +0200
csiph-web