Hi Skip,
I wrote the feature (both tracemalloc and query tracemalloc when a
buffer overflow is detected), so I should be able to help you ;-)
Le dim. 5 avr. 2020 à 00:27, Skip Montanaro <skip.montan...@gmail.com> a écrit :
> Looking at the tracemalloc module docs and trying various command line args
> (-X tracemalloc=5) or environment variables (PYTHONTRACEMALLOC=5)
Yes, that's the right way to enable it. The env var is inherited by
subprocesses.
> I'm unable to provoke any different output.
Maybe your test runs Python with -I or -E which ignores the
environment variable. Which command do do you run to run tests?
It's unclear from your output which test and which process triggers
the "Debug memory block at address" bug.
Maybe you are out of lock and the buffer corruption is only detected
(the memory is only deallocated) after tracemalloc was disabled by
_PyTraceMalloc_Fini() call in Py_FinalizeEx(). You may try to hack
Python by commenting this _PyTraceMalloc_Fini() call.
FYI there is an unit test on the debug hooks on memory allocator to
ensure that it detects buffer overflow:
test_capi.test_buffer_overflow() checks for "Debug memory block at
address (...)".
Example:
------------------------
$ cat bug.py
import _testcapi
_testcapi.pymem_buffer_overflow()
$ python3 bug.py
Segmentation fault (core dumped)
$ python3 -X tracemalloc=5 -X dev bug.py
Debug memory block at address p=0x7f225fd1c100: API 'm'
16 bytes originally requested
The 7 pad bytes at p-7 are FORBIDDENBYTE, as expected.
The 8 pad bytes at tail=0x7f225fd1c110 are not all FORBIDDENBYTE (0xfd):
at tail+0: 0x78 *** OUCH
at tail+1: 0xfd
at tail+2: 0xfd
at tail+3: 0xfd
at tail+4: 0xfd
at tail+5: 0xfd
at tail+6: 0xfd
at tail+7: 0xfd
The block was made by call #56367 to debug malloc/realloc.
Data at p: cd cd cd cd cd cd cd cd cd cd cd cd cd cd cd cd
Memory block allocated at (most recent call first):
File "bug.py", line 2
Fatal Python error: bad trailing pad byte
Current thread 0x00007f226cda56c0 (most recent call first):
File "bug.py", line 2 in <module>
Aborted (core dumped)
------------------------
Tracemalloc adds "Memory block allocated at" traceback.
By the way, I started to also suggest enabling tracemalloc when a
ResourceWarning is logged, to see where the leaked resource was
allocated.
Victor
_______________________________________________
Python-Dev mailing list -- python-dev@python.org
To unsubscribe send an email to python-dev-le...@python.org
https://mail.python.org/mailman3/lists/python-dev.python.org/
Message archived at
https://mail.python.org/archives/list/python-dev@python.org/message/EQD3RJOKL5H2IF53V7PA44KCO324OOWR/
Code of Conduct: http://python.org/psf/codeofconduct/
