➜
This issue tracker has been migrated to GitHub,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
Created on 2005-02-11 00:04 by complex, last changed 2022-04-11 14:56 by admin. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| python_2.4.0_segfault.zip | complex, 2005-02-11 00:04 | Example to crash python 2.4.0 on Linux and Windows. | ||
| Messages (13) | |||
|---|---|---|---|
| msg24244 - (view) | Author: Viktor Ferenczi (complex) | Date: 2005-02-11 00:04 | |
Running the attached example crashes python 2.4.0 on linux (segfault) and Windows. Python is compiled on Debian Linux 3.0r3 (Woody). On Windows XP, I used the MSI installer downloaded from python.org This may be a problem with the regular expression module, but I'm not sure. Please assign a new category if it appears as a regexp bug. This bug causes permanent crashes in my new WEB applications. Old apps not using regexp and PyMeld seem to run correctly. Thanks for 2.4.1. |
|||
| msg24245 - (view) | Author: Michael Hudson (mwh)  |
Date: 2005-02-11 14:57 | |
Logged In: YES user_id=6656 What do you do to make it crash? "python index.py"? It doesn't fail for me with CVS HEAD. |
|||
| msg24246 - (view) | Author: Jim Jewett (jimjjewett) | Date: 2005-02-11 19:36 | |
Logged In: YES
user_id=764593
Partially reproduced on Windows XP. (Using the stock 2.4.
0 msi)
Just loading it in IDLE and hitting F5 (run), it prints None,
as though it had succeeded perfectly.
Typing in the commands from index.py by hand, I can get
it to give me the "encountered an error; Tell Microsoft?"
box, but IDLE only restarts instead of actually crashing.
There seems to a problem between the __getattr__ and
the __setattr__ in PyMeld.
"""
>>> p=Meld(open('player.html','rb').read())
>>> p.StreamURL1.value
'mss://stream.url'
>>> p.StreamURL2
<PyMeld.Meld instance at 0x00B455F8>
>>> p.StreamURL2.src
'mms://stream.url'
>>> v=Video()
>>> v.stream
's'
>>> p.StreamURL1.value=v.stream
>>> p.StreamURL1.value
>>> ================================
RESTART
================================
>>>
"""
|
|||
| msg24247 - (view) | Author: Jim Jewett (jimjjewett) | Date: 2005-02-11 19:55 | |
Logged In: YES
user_id=764593
__gettattr__ alone can provoke the crash, if used several
times, and on sub-melds.
I can print both StreamURL1 and StreamURL2.
If I ask it for p.StreamURL2.src and p.StreamURL1.value,
it prints whichever one I ask for first, and then crashes on
the second. I did get it to print both (not assign, just
__getattr__) by first getting several other attributes from
p.StreamURL1, including some that didn't exist, so that
there was a raise AttributeError in between. Doing this a
half dozen times, I provoked a MemoryError.
"""
>>> p.StreamURL1.value
'mss://stream.url'
>>> p.StreamURL2.src
Traceback (most recent call last):
File "<pyshell#68>", line 1, in -toplevel-
p.StreamURL2.src
File "C:\Python24\Lib\site-packages\segfault240\PyMeld.
py", line 475, in __getattr__
start = self._findElementFromID(name)
File "C:\Python24\Lib\site-packages\segfault240\PyMeld.
py", line 425, in _findElementFromID
match = _findIDMatch(nodeID, subset)
File "C:\Python24\Lib\site-packages\segfault240\PyMeld.
py", line 282, in _findIDMatch
match = re.search(thisRE, text)
File "C:\Python24\lib\sre.py", line 134, in search
return _compile(pattern, flags).search(string)
MemoryError
>>>
"""
|
|||
| msg24248 - (view) | Author: Kurt B. Kaiser (kbk) * |
Date: 2005-02-20 01:56 | |
Logged In: YES user_id=149084 The restart in IDLE will occur if the subprocess is terminated or segfaults. |
|||
| msg24249 - (view) | Author: Viktor Ferenczi (complex) | Date: 2005-02-22 13:07 | |
Logged In: YES user_id=142612 This bug is a segfault, a real crash using only the stock 2.4.0. It has been reproduced correctly by jimjjewett. It seems to be a regexp related bug. I've changed the category to pass this bug to a regexp expert. Thanks for any help. - Complex |
|||
| msg24250 - (view) | Author: Michael Hudson (mwh) |
Date: 2005-02-22 14:51 | |
Logged In: YES user_id=6656 Well, I still can't make it crash. Can one of you provide a crashing driver script? Better still would be finding which regexp and which input is the problem. (Unless it's a memory-scribble random crasher type bug...) |
|||
| msg24251 - (view) | Author: Viktor Ferenczi (complex) | Date: 2005-02-22 15:19 | |
Logged In: YES user_id=142612 Some additional information and summary: My machine is a 3.0Hz Intel P4 with 1Gbyte memory, without overclocking. I use 2 antivirus (1 active) and 3 antispyware apps + firewall. The memory has been tested for 6 hours with Knoppix's memtest without any error, so my machine can be considered to be stable. The attached script can crash python 2.4.0 at least for me and jumjjewett. Do not run the script from IDLE, since it can hide the segfault. I usually run my scripts from SciTE (see: www.scintilla.org ). The bug can be reproduced on stock Python 2.4.0 (MSI installer). PyMeld is pure python (uses only the standard library), no C extension modules used. I did not test this bug with the latest CVS versions of Python 2.4. Is produces segfault under Linux. I'll try to narrow down this bug for specific regex patterns. |
|||
| msg24252 - (view) | Author: Jim Jewett (jimjjewett) | Date: 2005-02-22 23:58 | |
Logged In: YES user_id=764593 It probably is a memory scribble bug, though it might not be in re. For instance, the __getattr__ and __setattr__ try to do some shortcuts saving position, and they may cause the out- of-bounds. The crashes are very dependent on order. I wasn't kidding when I said it ran fine and printed None if run as a whole, but crashed when the same lines were input one by one. (Which gave idle a chance to do different things with memory in between, and didn't define a function object.) Also note that the second attribute access (even to a previously OK attribute) could cause a crash, unless it had had a chance to clear things up first -- but then it raised a MemoryError, when I almost certainly wasn't yet out of RAM. |
|||
| msg24253 - (view) | Author: Neil Schemenauer (nascheme) * |
Date: 2005-02-24 00:32 | |
Logged In: YES user_id=35752 I can reproduce the crash on my machine if I revert the patch for bug #1072259 (_sre.c 2.110). Here's what gdb says: 0x0810342a in sre_match (state=0xbfffca80, pattern=0x81bfbf2) at ../Modules/_sre.c:854 854 state->mark[j++] = NULL; (gdb) p j $7 = -1209149847 (gdb) p &(state->mark) $8 = (void *(*)[200]) 0xbfffcaa8 (gdb) p &j $9 = (int *) 0xbfffc9c0 Either the bug has been fixed or _sre has been changed enough that the test no longer triggers a crash. |
|||
| msg24254 - (view) | Author: Kurt B. Kaiser (kbk) * |
Date: 2005-02-24 03:24 | |
Logged In: YES user_id=149084 The IDLE subprocess does different things with memory because it's threaded, with one thread minding the sockets and the other executing user code. So I'd stay away from IDLE when working on this. (Also, the debug traces are excessively complex.) |
|||
| msg24255 - (view) | Author: Amaury Forgeot d'Arc (amaury.forgeotdarc) * |
Date: 2005-03-01 11:59 | |
Logged In: YES
user_id=389140
I can reliably reproduce the problem on w2k using 2.4.0,
debug build under Purify.
Here is the testcase (using the files in the attached example):
>>> import re,PyMeld
>>> s=file("player.html").read()
>>> print re.search(PyMeld.openIDTagRE,s)
Applying the patch for bug #1072259 (_sre.c 2.110) causes
the bug to disappear, and Purify does not complain.
I suggest to consider this as a duplicate for bug #1072259
|
|||
| msg24256 - (view) | Author: Neil Schemenauer (nascheme) * |
Date: 2005-03-01 23:16 | |
Logged In: YES user_id=35752 Closed as a duplicate of #1072259. The fix has already been backported to release24-maint. |
|||
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2022-04-11 14:56:09 | admin | set | github: 41562 |
| 2005-02-11 00:04:08 | complex | create | |