This repository was archived by the owner on Feb 13, 2025. It is now read-only.

bomb type not initialized, NULL pointer access on MemoryError #146

Closed
akruis opened this issue Dec 20, 2017 · 1 comment

akruis commented Dec 20, 2017

Since Stackless 3.2, the module _stackless is initialized late. Part of this initialization is the call of slp_init_bombtype().

If a tasklet (including the main-tasklet) ends with an exception, a bomb is created that encapsulates the exception (function PyObject * slp_curexc_to_bomb(void) in Stackless/module/scheduling.c). If the exception is a MemoryError, slp_curexc_to_bomb() does not allocate the bomb-object, but uses a static bomb object that was allocated during the initialization of the bomb-type in slp_init_bombtype(). Now, if module _stackless hasn't been initialized, the out-of-memory-bomb hasn't been allocated and a NULL-pointer access happens.

I discovered the problem because the newly introduced (d5d7954) test case test.test_exceptions.ExceptionTests.test_memory_error_in_PyErr_PrintEx failed.

Fix: always initialize the bomb type. And add an assertion to make sure that the type got initialized.
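
The failure mode and the fix described above, as an added stand-alone C model (not part of the original issue and not Stackless source code). All type and function names are hypothetical; the sketch assumes only what the issue states: a preallocated bomb is used for MemoryError, and it exists only after the type initialization has run.

```c
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>

/* Simplified model of the issue; every name here is hypothetical. */
typedef enum { EXC_VALUE_ERROR, EXC_MEMORY_ERROR } exc_kind;
typedef struct { exc_kind kind; int is_static; } bomb;

/* Preallocated fallback so the MemoryError path performs no allocation. */
static bomb *oom_bomb = NULL;

/* Idempotent type initialization: 0 on success, -1 if allocation fails. */
int init_bombtype(void) {
    if (oom_bomb != NULL) return 0;
    oom_bomb = malloc(sizeof *oom_bomb);
    if (oom_bomb == NULL) return -1;
    oom_bomb->kind = EXC_MEMORY_ERROR;
    oom_bomb->is_static = 1;
    return 0;
}

/* "Before" shape: assumes the late module initialization already ran.
 * For a MemoryError it hands back oom_bomb, which is NULL if init was
 * skipped; a caller that dereferences the result then crashes. */
bomb *exc_to_bomb_unchecked(exc_kind kind) {
    if (kind == EXC_MEMORY_ERROR)
        return oom_bomb;
    bomb *b = malloc(sizeof *b);
    if (b != NULL) { b->kind = kind; b->is_static = 0; }
    return b;
}

/* "After" shape, part 1: start-up always initializes the bomb type,
 * independent of whether the optional module is ever imported. */
int runtime_startup(void) { return init_bombtype(); }

/* "After" shape, part 2: assert the invariant at the point of use. */
bomb *exc_to_bomb_checked(exc_kind kind) {
    assert(oom_bomb != NULL && "bomb type not initialized");
    return exc_to_bomb_unchecked(kind);
}

int main(void) {
    printf("before init: %p\n", (void *)exc_to_bomb_unchecked(EXC_MEMORY_ERROR));
    if (runtime_startup() != 0) return 1;
    printf("after init:  %p\n", (void *)exc_to_bomb_checked(EXC_MEMORY_ERROR));
    return 0;
}
```

The assertion turns a missed initialization into an immediate, named failure in debug builds instead of a NULL dereference that only appears under memory pressure.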

@akruis akruis added this to the v3.6.x-slp milestone Dec 20, 2017
@akruis akruis self-assigned this Dec 20, 2017
akruis pushed a commit that referenced this issue Dec 21, 2017
This fix prevents a NULL-pointer access (SEGFAULT), if a thread
terminates with a MemoryError exception.
akruis pushed a commit that referenced this issue Dec 21, 2017
This fix prevents a NULL-pointer access (SEGFAULT), if a thread
terminates with a MemoryError exception.
(cherry picked from commit bcd724c)
akruis pushed a commit that referenced this issue Dec 21, 2017
This fix prevents a NULL-pointer access (SEGFAULT), if a thread
terminates with a MemoryError exception.
(cherry picked from commit bcd724c)

akruis commented Dec 22, 2017

Fixed in master-slp, 3.6-slp, 3.5-slp. 2.7 is not affected and other versions are unmaintained.
