python-cdb 0.32 (-5.2ubuntu2) with Python 2.5 causes double-free corruption crash on dealloc
I’ve recently started moving my Linux box to a new x86_64 machine running Ubuntu 7.10. I searched for references to this bug but didn’t find anything with Google or Launchpad, so I wanted to make a note of it so future victims can see what is going on and to remind me to report it.
The symptom is a crash when your cdb object is deallocated, usually with a “double-free” memory corruption error message. Assuming a .cdb file named “foo.cdb”, the following script will reproduce the bug:
#!/usr/bin/python
import cdb
c = cdb.init('foo.cdb')
del c
with the following message:
fox@hercules:~$ python cdbrepro.py
*** glibc detected *** python: free(): invalid pointer: 0x00002b56c25bd750 ***
======= Backtrace: =========
/lib/libc.so.6[0x2b56c300ab0a]
/lib/libc.so.6(cfree+0x8c)[0x2b56c300e6fc]
python(PyDict_DelItem+0xfa)[0x44370a]
python(PyEval_EvalFrameEx+0x2e40)[0x485140]
python(PyEval_EvalCodeEx+0x830)[0x489d60]
python(PyEval_EvalCode+0x32)[0x489da2]
python(PyRun_FileExFlags+0x10e)[0x4ab4fe]
[…]
Aborted (core dumped)
Some other searching suggests that python-cdb’s use of PyMem_DEL is no longer recommended. I haven’t verified that this doesn’t cause other problems, but replacing cdbmodule.c’s use of PyMem_DEL with PyObject_Del (and the PyObject_NEW with _New, to use consistent naming).
As soon as Ubuntu’s bug tracker (Launchpad) works again for me I’ll report the bug. Launchpad is timing out with an error message for me now.
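A file-level heuristic for spotting the allocator mismatch described above, as an added example that is not part of the original post or of python-cdb: it flags release calls from one CPython allocator family (PyMem_*) in C source that only allocates through the other (PyObject_*). The sample C source and the names ReaderObject, reader_new and reader_dealloc are constructed for illustration.

```python
import re

# Allocation and release calls of CPython's two allocator families.
# Memory from one family must be released by the same family.
ALLOC = {"PyObject_New", "PyObject_NEW", "PyObject_NewVar", "PyObject_NEW_VAR",
         "PyObject_Malloc", "PyMem_New", "PyMem_NEW", "PyMem_Malloc"}
FREE = {"PyObject_Del", "PyObject_DEL", "PyObject_Free",
        "PyMem_Del", "PyMem_DEL", "PyMem_Free"}
CALL = re.compile(r"\b((PyObject|PyMem)_\w+)\s*\(")


def strip_comments(src):
    """Blank out C comments but keep newlines so line numbers stay valid."""
    keep_newlines = lambda m: "\n" * m.group().count("\n")
    src = re.sub(r"/\*.*?\*/", keep_newlines, src, flags=re.S)
    return re.sub(r"//[^\n]*", "", src)


def find_mismatched_frees(src):
    """Return [(line, call)] for release calls whose family never allocates
    in this file while the other family does (file-level heuristic)."""
    alloc_families, frees = set(), []
    for lineno, line in enumerate(strip_comments(src).splitlines(), 1):
        for call, family in CALL.findall(line):
            if call in ALLOC:
                alloc_families.add(family)
            elif call in FREE:
                frees.append((lineno, family, call))
    return [(n, call) for n, family, call in frees
            if alloc_families and family not in alloc_families]


# Constructed sample modelled on the post's description; not cdbmodule.c.
BUGGY = """\
/* hypothetical extension type */
static PyObject *reader_new(PyObject *ignore, PyObject *args) {
    ReaderObject *self = PyObject_NEW(ReaderObject, &ReaderType);
    return (PyObject *)self;
}
static void reader_dealloc(ReaderObject *self) {
    PyMem_DEL(self);  /* released through the other family */
}
"""
# The replacement the post describes: PyObject_New paired with PyObject_Del.
FIXED = BUGGY.replace("PyObject_NEW", "PyObject_New").replace("PyMem_DEL", "PyObject_Del")

if __name__ == "__main__":
    print("buggy:", find_mismatched_frees(BUGGY))
    print("fixed:", find_mismatched_frees(FIXED))
```

The check works per file and does not follow pointers, so a source file that allocates through both families needs manual review.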
October 25th, 2007 at 10:14 am
Not exactly a gold star for Ubuntu. Did you experience the same problem in Debian?
November 3rd, 2007 at 11:41 pm
I was using Python 2.4 on Debian.