classification
Title: _Py_ForgetReference crash when called from _PyUnicode_New on MemoryError
Type: crash Stage:
Components: Versions: Python 2.6
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: gregory.p.smith Nosy List: gregory.p.smith, pitrou
Priority: normal Keywords:

Created on 2008-04-14 02:56 by gregory.p.smith, last changed 2008-08-19 20:12 by gregory.p.smith. This issue is now closed.

Messages (3)
msg65456 - (view) Author: Gregory P. Smith (gregory.p.smith) * (Python committer) Date: 2008-04-14 02:56
In _PyUnicode_New() a unicode object is taken from the freelist but if
the unicode_resize() call fails and returns -1, the goto onerror calls
_Py_ForgetReference on the unicode object... But it has NULL _ob_prev
and _ob_next values causing a crash when they're used.

How to reproduce:

* Make a 32-bit --with-pydebug build of Python trunk.
* Run it on a machine with lots of ram (at least 3gigs recommended, or
lots of swap and a heap of patience):

./python
Python 2.6a2+ (trunk:62336M, Apr 13 2008, 18:51:30)
>>> msg = 'A'*2000111222
>>> x = msg.decode('utf8')

It segmentation faults in _Py_ForgetReference.
msg71442 - (view) Author: Antoine Pitrou (pitrou) * (Python committer) Date: 2008-08-19 16:16
This should has been fixed by Amaury as part of another patch (the one
which is tested for in test_raiseMemError).
Could you try again?
msg71475 - (view) Author: Gregory P. Smith (gregory.p.smith) * (Python committer) Date: 2008-08-19 20:12
Verified fixed.

Python 2.6b2+ (trunk:65871, Aug 19 2008, 13:10:07)
>>> msg = 'A'*2000111222
[12389 refs]
>>> x = msg.decode('utf8')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/local/google/home/gps/python/trunk/Lib/encodings/utf_8.py",
line 16, in decode
    return codecs.utf_8_decode(input, errors, True)
MemoryError
[12431 refs]
History
Date User Action Args
2008-08-19 20:12:11gregory.p.smithsetstatus: open -> closed
priority: normal
messages: + msg71475
resolution: fixed
assignee: gregory.p.smith
2008-08-19 16:16:36pitrousetnosy: + pitrou
messages: + msg71442
2008-04-14 02:56:08gregory.p.smithcreate