New submission from Stefan Krah <stefan-use...@bytereef.org>: I can reproduce this only with gcc-4.4.3, so it could also be a compiler bug. Also, the segfault only occurs when python is compiled with optimizations and run under valgrind.
hg up 2.7 make distclean ./configure make valgrind --suppressions=Misc/valgrind-python.supp ./python >>> s = "-- -- --" >>> s.split('--') ==29273== Invalid read of size 4 ==29273== at 0x456C73: PyObject_Free (obmalloc.c:969) ==29273== by 0x4AD3BD: compiler_unit_free (compile.c:424) ==29273== by 0x4B6785: compiler_mod (compile.c:521) ==29273== by 0x4B69B5: PyAST_Compile (compile.c:289) ==29273== by 0x4CD564: PyRun_InteractiveOneFlags (pythonrun.c:1343) ==29273== by 0x4CD80D: PyRun_InteractiveLoopFlags (pythonrun.c:765) ==29273== by 0x4CDFFA: PyRun_AnyFileExFlags (pythonrun.c:734) ==29273== by 0x4172E9: Py_Main (main.c:599) ==29273== by 0x56F2C4C: (below main) (libc-start.c:226) ==29273== Address 0x61d3020 is not stack'd, malloc'd or (recently) free'd ==29273== ==29273== Invalid read of size 4 ==29273== at 0x456C73: PyObject_Free (obmalloc.c:969) ==29273== by 0x4B6785: compiler_mod (compile.c:521) ==29273== by 0x4B69B5: PyAST_Compile (compile.c:289) ==29273== by 0x4CD564: PyRun_InteractiveOneFlags (pythonrun.c:1343) ==29273== by 0x4CD80D: PyRun_InteractiveLoopFlags (pythonrun.c:765) ==29273== by 0x4CDFFA: PyRun_AnyFileExFlags (pythonrun.c:734) ==29273== by 0x4172E9: Py_Main (main.c:599) ==29273== by 0x56F2C4C: (below main) (libc-start.c:226) ==29273== Address 0x61d3020 is not stack'd, malloc'd or (recently) free'd ==29273== ==29273== Invalid read of size 8 ==29273== at 0x43E5A8: list_print (listobject.c:341) ==29273== by 0x454CAF: internal_print (object.c:315) ==29273== by 0x432128: PyFile_WriteObject (fileobject.c:110) ==29273== by 0x4D3857: sys_displayhook (sysmodule.c:115) ==29273== by 0x41BD66: PyObject_Call (abstract.c:2529) ==29273== by 0x4A4CB2: PyEval_CallObjectWithKeywords (ceval.c:3882) ==29273== by 0x4AA568: PyEval_EvalFrameEx (ceval.c:1739) ==29273== by 0x4ACE90: PyEval_EvalCodeEx (ceval.c:3253) ==29273== by 0x4ACFA1: PyEval_EvalCode (ceval.c:667) ==29273== by 0x4CD57E: PyRun_InteractiveOneFlags (pythonrun.c:1346) ==29273== by 0x4CD80D: PyRun_InteractiveLoopFlags (pythonrun.c:765) ==29273== by 0x4CDFFA: PyRun_AnyFileExFlags (pythonrun.c:734) ==29273== Address 0x0 is not stack'd, malloc'd or (recently) free'd ==29273== ==29273== ==29273== Process terminating with default action of signal 11 (SIGSEGV) ==29273== Access not within mapped region at address 0x0 ==29273== at 0x43E5A8: list_print (listobject.c:341) ==29273== by 0x454CAF: internal_print (object.c:315) ==29273== by 0x432128: PyFile_WriteObject (fileobject.c:110) ==29273== by 0x4D3857: sys_displayhook (sysmodule.c:115) ==29273== by 0x41BD66: PyObject_Call (abstract.c:2529) ==29273== by 0x4A4CB2: PyEval_CallObjectWithKeywords (ceval.c:3882) ==29273== by 0x4AA568: PyEval_EvalFrameEx (ceval.c:1739) ==29273== by 0x4ACE90: PyEval_EvalCodeEx (ceval.c:3253) ==29273== by 0x4ACFA1: PyEval_EvalCode (ceval.c:667) ==29273== by 0x4CD57E: PyRun_InteractiveOneFlags (pythonrun.c:1346) ==29273== by 0x4CD80D: PyRun_InteractiveLoopFlags (pythonrun.c:765) ==29273== by 0x4CDFFA: PyRun_AnyFileExFlags (pythonrun.c:734) ==29273== If you believe this happened as a result of a stack ==29273== overflow in your program's main thread (unlikely but ==29273== possible), you can try to increase the size of the ==29273== main thread stack using the --main-stacksize= flag. ==29273== The main thread stack size used in this run was 8388608. [''==29273== ==29273== HEAP SUMMARY: ==29273== in use at exit: 2,198,606 bytes in 1,256 blocks ==29273== total heap usage: 7,315 allocs, 6,059 frees, 7,364,086 bytes allocated ==29273== ==29273== LEAK SUMMARY: ==29273== definitely lost: 0 bytes in 0 blocks ==29273== indirectly lost: 0 bytes in 0 blocks ==29273== possibly lost: 641,033 bytes in 353 blocks ==29273== still reachable: 1,557,541 bytes in 902 blocks ==29273== suppressed: 32 bytes in 1 blocks ==29273== Rerun with --leak-check=full to see details of leaked memory ==29273== ==29273== For counts of detected and suppressed errors, rerun with: -v ==29273== Use --track-origins=yes to see where uninitialised values come from ==29273== ERROR SUMMARY: 416 errors from 28 contexts (suppressed: 13 from 7) Segmentation fault ---------- components: Interpreter Core messages: 135098 nosy: skrah priority: normal severity: normal status: open title: [2.7/gcc-4.4.3] Segfault under valgrind in string.split() type: crash versions: Python 2.7 _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue11994> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com