[Python-Dev] Worse news

Thomas Wouters thomas@xs4all.net
Mon, 22 Jan 2001 23:13:29 +0100


On Mon, Jan 22, 2001 at 07:00:57AM -0800, Neil Schemenauer wrote:
> Perhaps this will help somone track down the bug:

> [running test_extcall...]
> unbound method method() must be called with instance as first argument
> unbound method method() must be called with instance as first argument
> 
> Program received signal SIGSEGV, Segmentation fault.
> symtable_params (st=0x429bafd0, n=0x42a3ffd7) at Python/compile.c:4330
> 4330                    if (TYPE(c) == DOUBLESTAR) {
> (gdb) l
> 4325                            symtable_add_def(st, STR(CHILD(n, i)), 
> 4326                                             DEF_PARAM | DEF_STAR);
> 4327                            i += 2;
> 4328                            c = CHILD(n, i);
> 4329                    }
> 4330                    if (TYPE(c) == DOUBLESTAR) {
> 4331                            i++;
> 4332                            symtable_add_def(st, STR(CHILD(n, i)), 
> 4333                                             DEF_PARAM | DEF_DOUBLESTAR);
> 4334                    }

> (gdb) p c
> $3 = (node *) 0x42a43fff
> (gdb) p *c
> $4 = {n_type = 0, n_str = 0x0, n_lineno = 0, n_nchildren = 0, n_child = 0x0}
> (gdb) p n
> $5 = (node *) 0x42a3ffd7
> (gdb) p *n
> $6 = {n_type = 261, n_str = 0x0, n_lineno = 1, n_nchildren = 2, 
>   n_child = 0x42a43fc3}

n_child is 0x42a43fc3. That's n_child[0]. 0x42a43fff is the child being
handled now. That would be n_child[3] (0x42a43fff - 0x42a3ffd7 == 60, a
struct node is 20 bytes.) But n_children is 2, so it's an off-by-two error
somewhere -- and look, there's a "i += 2' right above it ! It *looks* like
this code will blow up whenever you use '*eggs' without '**spam' in a
funtion definition. That's a fairly wild guess, but it's worth a try. Try
this patch:

Index: Python/compile.c
===================================================================
RCS file: /cvsroot/python/python/dist/src/Python/compile.c,v
retrieving revision 2.148
diff -c -c -r2.148 compile.c
*** Python/compile.c    2001/01/22 04:35:57     2.148
--- Python/compile.c    2001/01/22 22:12:31
***************
*** 4324,4329 ****
--- 4324,4331 ----
                        i++;
                        symtable_add_def(st, STR(CHILD(n, i)), 
                                         DEF_PARAM | DEF_STAR);
+                       if (NCH(n) <= i+2)
+                               return;
                        i += 2;
                        c = CHILD(n, i);
                }


-- 
Thomas Wouters <thomas@xs4all.net>

Hi! I'm a .signature virus! copy me into your .signature file to help me spread!