I am testing Python libraries in Fedora Linux 45 with Python 3.15 and have encountered a segmentation fault with python-zlib-ng.
This issue comes when running test_badcompresscopy, and it's related to how zlib_Compress_copy works.
In case initialization fails, goto error is executed:
|
if (!self->is_initialised) { |
|
PyErr_SetString(PyExc_ValueError, "Cannot copy flushed objects."); |
|
goto error; |
That, as a first thing, calls LEAVE_ZLIB, which substitutes PyThread_release_lock((obj)->lock);
|
error: |
|
LEAVE_ZLIB(self); |
|
Py_XDECREF(return_value); |
|
return NULL; |
This, however, cannot be successful, because the thread wasn't acquired in the first place: ENTER_ZLIB is called AFTER the initialization check, on line 810:
This happens with Python 3.15 and not before, because the implementation of PyThread_release_lock has changed to use PyMutex objects, which apparently behaves differently, aborting entirely: python/cpython#134745
To fix this, the goto error part could be replaced with just the decref and return, without the LEAVE_ZLIB part.
- goto error;
+ Py_DECREF(return_value);
+ return NULL;
I have verified the fix works in my testing environment (the tests passes, package relying on this one also builds). I can submit it if you deem it correct for the issue.
Minimal reproducer:
import copy
from zlib_ng import zlib_ng
c = zlib_ng.compressobj()
c.compress(b"x")
c.flush()
copy.copy(c)
When run with Python 3.14 it raises ValueError: Cannot copy flushed objects., with Python 3.15 it's a segmentation fault.
I am testing Python libraries in Fedora Linux 45 with Python 3.15 and have encountered a segmentation fault with python-zlib-ng.
This issue comes when running
test_badcompresscopy, and it's related to howzlib_Compress_copyworks.In case initialization fails,
goto erroris executed:python-zlib-ng/src/zlib_ng/zlib_ngmodule.c
Lines 802 to 804 in 07c7f5f
That, as a first thing, calls
LEAVE_ZLIB, which substitutesPyThread_release_lock((obj)->lock);python-zlib-ng/src/zlib_ng/zlib_ngmodule.c
Lines 840 to 843 in 07c7f5f
This, however, cannot be successful, because the thread wasn't acquired in the first place:
ENTER_ZLIBis called AFTER the initialization check, on line 810:python-zlib-ng/src/zlib_ng/zlib_ngmodule.c
Line 810 in 07c7f5f
This happens with Python 3.15 and not before, because the implementation of
PyThread_release_lockhas changed to usePyMutexobjects, which apparently behaves differently, aborting entirely: python/cpython#134745To fix this, the
goto errorpart could be replaced with just the decref and return, without theLEAVE_ZLIBpart.I have verified the fix works in my testing environment (the tests passes, package relying on this one also builds). I can submit it if you deem it correct for the issue.
Minimal reproducer:
When run with Python 3.14 it raises
ValueError: Cannot copy flushed objects., with Python 3.15 it's a segmentation fault.