[Zope-dev] Zope 2.4 crashes -- possible fix identified, other solutions also suggested
Matthew T. Kromer
matt@zope.com
Fri, 14 Dec 2001 15:07:58 -0500
We've found a problem in the restricted python compiler on Python 2.1
which can significantly undercalculate the stack size of a dynamically
generated python code object (such as those used for DTML and Python
scripts in Zope).

What that means is that when such an object overflows its stack, it
begins clobbering things in memory. As the amount of entropy in the
system increases, it heads for a crash.

We've got a patch into the Zope 2.4 branch and 2.5 branch which corrects
a large number of misestimations (although we believe there are a few
cases yet unhandled) and has resulted in a "fix" for our test case
reproducing the problem.

You can download an "on-the-fly" tarball from our cvs.zope.org server,
the URL for this is
http://cvs.zope.org/Zope/Zope.tar.gz?tarball=1&only_with_tag=Zope-2_4-branch

We intend on integrating a few further refinements early next week and
putting out an official release at that time; however, applying the new
code earlier may significantly reduce your exposure to the bug.

Also, we believe that anyone using Python 2.1 with garbage collection
turned on should recompile Python to turn off garbage collection, using
the flags --without-pymalloc and --without-cycle-gc to avoid additional
exposures caused by these options.

We are evaluating a modification at this time to z2.py which would also
disable garbage collection if it is enabled; users who cannot rebuild
Python could modify z2.py to include the additional lines

    import gc
    gc.disable()

to disable garbage collection at runtime.
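
Added example, not part of the original message and not the Zope patch: a checker that recomputes the value-stack depth a code object's bytecode needs and reports any code object whose declared co_stacksize is smaller, which is the condition the message describes. It assumes a current CPython (3.8 or later, for dis.stack_effect with the jump argument) rather than Python 2.1; the function names and the sample source are hypothetical, and exception-handler paths are not followed, so the computed depth is a lower bound.

```python
import dis
import types

# Opcodes after which control never reaches the next instruction in sequence.
NO_FALLTHROUGH = {"RETURN_VALUE", "RETURN_CONST", "RAISE_VARARGS", "RERAISE",
                  "JUMP_FORWARD", "JUMP_ABSOLUTE", "JUMP_BACKWARD",
                  "JUMP_BACKWARD_NO_INTERRUPT"}
JUMPS = set(dis.hasjrel) | set(dis.hasjabs)
DEPTH_CAP = 100000  # give up on malformed bytecode whose depth keeps growing

def required_stack_depth(code):
    """Deepest value stack on any path reachable through ordinary jumps."""
    instrs = list(dis.get_instructions(code))
    index_of = {ins.offset: i for i, ins in enumerate(instrs)}
    entry, work, peak = {}, [(0, 0)], 0
    while work:
        i, depth = work.pop()
        if i >= len(instrs) or (i in entry and entry[i] >= depth):
            continue
        entry[i] = depth  # deepest stack seen on entry to instruction i
        ins = instrs[i]
        if ins.opcode in JUMPS:  # follow the taken branch
            taken = depth + dis.stack_effect(ins.opcode, ins.arg, jump=True)
            peak = max(peak, taken)
            if taken < DEPTH_CAP and ins.argval in index_of:
                work.append((index_of[ins.argval], taken))
        if ins.opname not in NO_FALLTHROUGH:  # follow the fall-through path
            after = depth + dis.stack_effect(ins.opcode, ins.arg, jump=False)
            peak = max(peak, after)
            if after < DEPTH_CAP:
                work.append((i + 1, after))
    return peak

def undersized(code):
    """(name, declared, required) for each code object, nested ones included,
    whose co_stacksize is below the depth its bytecode needs."""
    need = required_stack_depth(code)
    found = [(code.co_name, code.co_stacksize, need)] if need > code.co_stacksize else []
    for const in code.co_consts:
        if isinstance(const, types.CodeType):
            found.extend(undersized(const))
    return found

# Constructed sample source, standing in for a dynamically generated script.
SAMPLE = ("def total(rows):\n    acc = 0\n    for a, b in rows:\n"
          "        acc += a * b if a else b\n    return acc\n")

if __name__ == "__main__":
    print(undersized(compile(SAMPLE, "<sample>", "exec")))
```

An empty list means every code object declares at least the depth found; a check like this belongs before a generated code object is handed to the interpreter.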