classification
Title: 200000 indexes crashes eval and python (without eval)
Type: crash Stage: resolved
Components: Interpreter Core Versions: Python 2.7
process
Status: closed Resolution: duplicate
Dependencies: Superseder: stack overflow evaluating eval("()" * 30000)
View: 5765
Assigned To: Nosy List: benjamin.peterson, brett.cannon, george-shuklin, mark.dickinson, ncoghlan, serhiy.storchaka, terry.reedy, yselivanov
Priority: normal Keywords:

Created on 2017-06-22 12:43 by george-shuklin, last changed 2017-06-26 03:49 by ncoghlan. This issue is now closed.

Files
File name Uploaded Description Edit
bad_python.py.gz george-shuklin, 2017-06-22 12:43 Example of code to crash python2 interpretator
Messages (6)
msg296626 - (view) Author: George Shuklin (george-shuklin) Date: 2017-06-22 12:43
If there is too many indexes python crashes:

a[0][0][0][0]....

segfault at 7ffd25fe6ff8 ip 0000564528c8cfe6 sp 00007ffd25fe7000 error 6 in python2.7[564528b6a000+324000]

code to generate code:

>>> i="[0]"*200000
>>> file('/tmp/bad_python.py','w').write('a=[]\na.append(a)\nprint(type(a'+i+'))\n')

python2 /tmp/bad_python.py 
Segmentation fault (core dumped)

python3 /tmp/bad_python.py 
RecursionError: maximum recursion depth exceeded during compilation

Just in case I upload generated code.

This bug affects both eval() function and python interpreter.
msg296731 - (view) Author: Terry J. Reedy (terry.reedy) * (Python committer) Date: 2017-06-23 17:51
To be clear, as the title and version suggest, the bug is the 2.7 segfault versus the 3.x exception during compile.  It is normal for the compiler to have limits and to exit when they are exceeded.

I have no idea if the 3.x code can be backported.  I added ast/compiler experts to the nosy list.
msg296830 - (view) Author: Mark Dickinson (mark.dickinson) * (Python committer) Date: 2017-06-25 17:03
Looks like a duplicate of http://bugs.python.org/issue7985
msg296831 - (view) Author: Serhiy Storchaka (serhiy.storchaka) * (Python committer) Date: 2017-06-25 17:56
Which is a duplicate of issue5765 fixed for Python 3.3+. It was decided to not fix issue5765 for 2.7.
msg296833 - (view) Author: George Shuklin (george-shuklin) Date: 2017-06-25 17:59
Unfixed crash of code interpreter? This is sad.
msg296842 - (view) Author: Nick Coghlan (ncoghlan) * (Python committer) Date: 2017-06-26 03:49
We have quite a few of them: https://github.com/python/cpython/tree/master/Lib/test/crashers

Python 2.7 is ancient, so our tolerance for intrusive interpreter level fixes to address rare problems that are easy to avoid at the development level is pretty low.

Fixing those kinds of problems in Python 3.x is encouraged, but still not necessarily easy.
History
Date User Action Args
2017-06-26 03:49:19ncoghlansetmessages: + msg296842
2017-06-25 17:59:59george-shuklinsetmessages: + msg296833
2017-06-25 17:56:38serhiy.storchakasetstatus: open -> closed

superseder: stack overflow evaluating eval("()" * 30000)

nosy: + serhiy.storchaka
messages: + msg296831
resolution: duplicate
stage: resolved
2017-06-25 17:03:54mark.dickinsonsetnosy: + mark.dickinson
messages: + msg296830
2017-06-23 17:51:30terry.reedysetnosy: + terry.reedy, brett.cannon, ncoghlan, yselivanov, benjamin.peterson
messages: + msg296731
2017-06-22 12:43:13george-shuklincreate