[issue32629] PyImport_ImportModule occasionally cause access violation

2021-10-18 Thread Irit Katriel 


Irit Katriel  added the comment:

This looks like you are accessing memory that has been corrupted, which can 
happen in any number of ways. I am closing this because there isn't enough 
information to do anything about it.

If you can show us how to reproduce the crash, and it occurs on a current 
version of python (>= 3.9), then please create a new issue.

--
nosy: +iritkatriel
resolution:  -> rejected
stage:  -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue32629] PyImport_ImportModule occasionally cause access violation

2018-01-22 Thread Jack Branson 

New submission from Jack Branson :

I found that calling PyImport_ImportModule frequently may cause access 
violation error.

here is call stack:

00 0354f610 67d01605 0001 0020 007f python36!_PyObject_Alloc+0x5e 
[c:\build\cpython36\objects\obmalloc.c @ 1258]
01 (Inline)     python36!PyObject_Malloc+0x18 
[c:\build\cpython36\objects\obmalloc.c @ 479]
02 0354f638 67d18070 0008 007f 67e541e0 python36!PyUnicode_New+0xf5 
[c:\build\cpython36\objects\unicodeobject.c @ 1281]
03 0354f654 67d0963a 0354f69c 0008 007f 
python36!_PyUnicodeWriter_PrepareInternal+0x60 
[c:\build\cpython36\objects\unicodeobject.c @ 13534]
04 0354f6c0 67d02a66 67e541e0 0008  
python36!PyUnicode_DecodeUTF8Stateful+0xca 
[c:\build\cpython36\objects\unicodeobject.c @ 5034]
05 0354f6e4 67d59183 67e541e0 02a09db8 02a09de0 
python36!PyUnicode_FromString+0x46 [c:\build\cpython36\objects\unicodeobject.c 
@ 2077]
06 (Inline)     
python36!PyImport_ImportModuleLevel+0xa [c:\build\cpython36\python\import.c @ 
1652]
07 0354f704 67d5878f 02a09de0 02a09db8 02a09dd0 python36!PyImport_Import+0xe3 
[c:\build\cpython36\python\import.c @ 1732]
08 0354f718 00478639 02a09dd0 7651129a  
python36!PyImport_ImportModule+0x1f [c:\build\cpython36\python\import.c @ 1257]

pointer bp's value is 0x0001, which is NULL + 1. In this case, `assert(bp 
!= NULL)` will not let application crash for assert failure, and application 
will continue run until the line `pool->freeblock = *(block **)bp` which is 
defrencing bp, causes access violation.

0:009> .frame 0
00 0354f610 67d01605 python36!_PyObject_Alloc+0x5e 
[c:\build\cpython36\objects\obmalloc.c @ 1258]
0:009> r
eax=67ecfeb8 ebx=0021 ecx=02a09000 edx= esi=0001 edi=0001
eip=67cdda4e esp=0354f5f8 ebp=0354f610 iopl=0 nv up ei pl nz na pe cy
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b efl=00010207
python36!_PyObject_Alloc+0x5e:
67cdda4e 8b06mov eax,dword ptr [esi]  ds:002b:0001=
0:009> dv
 use_calloc = 0n0
  nelem = 1
 elsize = 
 nbytes = 0x21
   pool = 0x02a09000
   size = 4
   next = 0x67ecfeb8
 bp = 0x0001 "--- memory read error at address 0x0001 ---"
 result = 
  usable_arenas = 


/*
 * There is a used pool for this size class.
 * Pick up the head block of its free list.
 */
++pool->ref.count;
bp = pool->freeblock;
assert(bp != NULL);
if ((pool->freeblock = *(block **)bp) != NULL) {
UNLOCK();
if (use_calloc)
memset(bp, 0, nbytes);
return (void *)bp;
}
/*

--
components: ctypes
messages: 310471
nosy: Jack Branson
priority: normal
severity: normal
status: open
title: PyImport_ImportModule occasionally cause access violation
type: crash
versions: Python 3.6

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com