mmap.move crashes by integer overflow. See
http://www.nabble.com/Segv-in-mmap.move()-td18617044.html

import mmap
data = mmap.mmap(-1, 1)
data.move(1,1,-1) # crash

Maybe mmap.move should use Py_ssize_t and raise
IndexError(OverflowError?) for negative value.

The patch is in r69943.

I tried r69943 on coLinux, and I got compile error "max is not defined".
Here is updated patch.

Here is a more verbose patch.  It checks to see if the first two
arguments stand-alone as well.  It also updates NEWS and ACKs and adds
some assertRaises for various bounds checks.

Well, I think your patch has some issues.

>>> import mmap
>>> m = mmap.mmap(-1, 10)
>>> m.move(10, 10, 0) # legal, should not fail
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ValueError: source out of range
>>> m.move(9, 9, -1) # should not crash
(crash)

I hesitated to commit my patch because mmap.move is using unsigned long,
but I thought it should use size_t or Py_ssize_t (If mmap should
represent total memory area, it may have to use size_t, but maybe it
should use Py_ssize_t as well as other python modules like string)

Anyway, I'll commit my patch before Python2.6.2 will be released. Crash
is not good thing for any time. :-)

Committed in r70800(trunk), r70803(release26-maint), r70808(py3k),
r70811(release30-maint).

running a fresh 2.7 trunk
>>> a
<mmap.mmap object at 0xb7d9f9c0>
>>> a.move(-1, -1, -1
... )
Segmentation fault
jack@sprat:~/src/python-rw$ ./python 
Python 2.7a0 (trunk:70847M, Mar 31 2009, 14:14:31) 
[GCC 4.3.2] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import mmap
>>> a = mmap.mmap(-1, 1000)
>>> a.move(0, 0, 0)
>>> a.move(-1, -1, 1)
Segmentation fault

Yes, you are right... My patch was not correct neigher. :-(
Here is revised patch.

Looks good.  Attached is a more thorough test_mmap.py patch that would
have found the bugs in both our patches ;)

I've committed your test with some modification. (r70879) Thanks!