[issue11845] Refcounting error in compute_slice_indices in rangeobject.c
Daniel Urban
report at bugs.python.org
Thu Apr 14 21:50:48 CEST 2011
New submission from Daniel Urban <urban.dani+py at gmail.com>:
The attached crash.py script reliably crashes the 3.2 and 3.3 interpreter on my machine. The script does a lot of range slicing.
I think there is a typo in compute_slice_indices() in rangeobject.c, in line 475. In line 474 there is an assign to tmp_stop, and on the next line tmp_start is incref'd (I think instead of tmp_stop).
With this patch, the interpreter doesn't crash any more:
diff -r 7563f10275a2 Objects/rangeobject.c
--- a/Objects/rangeobject.c Thu Apr 14 13:20:41 2011 +0800
+++ b/Objects/rangeobject.c Thu Apr 14 21:40:32 2011 +0200
@@ -472,7 +472,7 @@
if (tmp_stop == NULL) goto Fail;
} else {
tmp_stop = r->length;
- Py_INCREF(tmp_start);
+ Py_INCREF(tmp_stop);
}
}
}
----------
components: Interpreter Core
files: crash.py
messages: 133766
nosy: durban, ncoghlan
priority: normal
severity: normal
status: open
title: Refcounting error in compute_slice_indices in rangeobject.c
type: crash
versions: Python 3.2, Python 3.3
Added file: http://bugs.python.org/file21666/crash.py
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue11845>
_______________________________________
More information about the Python-bugs-list
mailing list