[Python-bugs-list] [Bug #111667] unicode core dump

noreply@sourceforge.net noreply@sourceforge.net
Mon, 14 Aug 2000 04:14:05 -0700 

Bug #111667, was updated on 2000-Aug-11 04:38
Here is a current snapshot of the bug.

Project: Python
Category: Core
Status: Open
Resolution: None
Bug Group: None
Priority: 5
Summary: unicode core dump

Details: This two-liner faults inside PyUnicode_EncodeRawUnicodeEscape

>>> import cPickle
>>> cPickle.dumps(u'')


Follow-Ups:

Date: 2000-Aug-11 05:42
By: lemburg

Comment:
On which platform do you get this seg fault ?
FYI, I can reproduce it on Linux, but the gdb stack
trace doesn't really show any hint as to what is
failing... could be a compiler optimization bug.

-------------------------------------------------------

Date: 2000-Aug-11 06:41
By: none

Comment:
Seen on RedHat 6.2 and NT. Its VC6 that gives the helpful call stack.

Ive done a little digging - the failing scenario is:

1. PyUnicode_EncodeRawUnicodeEscape uses PyString_FromStringAndSize
2. Sometimes PyString_FromStringAndSize will return a non-unique string
3. PyUnicode_EncodeRawUnicodeEscape sometimes modifies the shared string, which is not good but not the cause of this problem.
4. _PyString_Resize will fail given a non-unique string. In this case it assigns NULL to the value pointed to by its first parameter.
5. The Py_DECREF just after the onError faults because its parameter is NULL



-------------------------------------------------------

Date: 2000-Aug-14 04:04
By: lemburg

Comment:
Assigned to myself for better visibility.
-------------------------------------------------------

Date: 2000-Aug-14 04:14
By: lemburg

Comment:
Thanks for the analysis. You are right: PyString_FromStringAndSize()
will return a shared copy in case the size parameter is 0.

_PyString_Resize() should probably include a check to prevent resizing
shared strings, but for now I'll simply checkin a patch for the Unicode
object which covers all instances of the problem.

Thanks.
-------------------------------------------------------

For detailed info, follow this link:
http://sourceforge.net/bugs/?func=detailbug&bug_id=111667&group_id=5470