Package: python3 Version: 3.5.3-1 Dear maintainers,
Excuse me if I did not file this bug against the right package; but it involves three different packages. I noticed a segfault in pip while installing some program with a huge set of dependencies. I managed to narrow it down to the cffi package. Here is how to reproduce the bug on a computer with Stretch installed (I did not try other Debian versions): debootstrap stretch chroot/ mount --bind /dev chroot/dev/ # for networking chroot chroot/ apt install python3 python3-pip python3-openssl adduser tmp su tmp pip3 install --user cffi pip3 install --user cffi This causes the *second* call to pip3 to segfault while it is shutting down (I found other instances of that segfault while a program is running, but it is harder to reproduce). You may note that if python3-openssl is not installed, then there is no segfault. Here is the valgrind output corresponding to that segfault (this output is sometimes a bit different): ==25001== Invalid read of size 1 ==25001== at 0x25F194: visit_decref (gcmodule.c:373) ==25001== by 0x2E1464: dict_traverse.lto_priv.170 (dictobject.c:2570) ==25001== by 0x264012: subtract_refs (gcmodule.c:398) ==25001== by 0x264012: collect (gcmodule.c:951) ==25001== by 0x35A03C: collect_with_callback (gcmodule.c:1119) ==25001== by 0x35A0A0: PyGC_Collect (gcmodule.c:1583) ==25001== by 0x35D11B: Py_Finalize (pylifecycle.c:567) ==25001== by 0x35D217: Py_Exit (pylifecycle.c:1465) ==25001== by 0x35D2FD: handle_system_exit (pythonrun.c:602) ==25001== by 0x35D365: PyErr_PrintEx (pythonrun.c:612) ==25001== by 0x38BE79: RunModule (main.c:210) ==25001== by 0x38C71E: Py_Main (main.c:709) ==25001== by 0x21CC00: main (python.c:65) ==25001== Address 0xa9 is not stack'd, malloc'd or (recently) free'd I did some debugging with gdb, and the "op" object in visit_decref (gcmodule.c:373) has an ob_type set to NULL. Unfortunately, because of the compilation optimizations, I was unable to get more information. Best regards, Val
signature.asc
Description: OpenPGP digital signature
