[Python-Dev] segfaults due to hash randomization in C OrderedDict
MRAB
python at mrabarnett.plus.com
Fri May 22 00:06:25 CEST 2015
On 2015-05-21 22:52, Eric Snow wrote:
> Good catch. Unfortunately, sticking "keys = ((PyDictObject
> *)od)->ma_keys;" right after "hash = ..." did not make a difference.
> I still get the same segfault.
So, does it change sometimes?
>
> On Thu, May 21, 2015 at 11:17 AM, MRAB <python at mrabarnett.plus.com>
wrote:
> > On 2015-05-21 15:55, Eric Snow wrote:
> >>
> >> (see http://bugs.python.org/issue16991)
> >>
> >> I an working on resolving an intermittent segfault that my C
> >> OrderedDict patch introduces. The failure happens in
> >> test_configparser (RawConfigParser uses OrderedDict internally), but
> >> only sporadically. However, Ned pointed out to me that it appears to
> >> be related to hash randomization, which I have verified. I'm looking
> >> into it.
> >>
> >> In the meantime, here's a specific question. What would lead to the
> >> pattern of failures I'm seeing? I've verified that the segfault
> >> happens consistently for certain hash randomization seeds and never
> >> for the rest. I don't immediately recognize the pattern but expect
> >> that it would shed some light on where the problem lies. I ran the
> >> following command with the OrderedDict patch applied:
> >>
> >> for i in `seq 1 100`; do echo $i; PYTHONHASHSEED=$i ./python -m
> >> test.regrtest -m test_basic test_configparser ; done
> >>
> >> Through 100 I get segfaults with seeds of 7, 15, 35, 37, 39, 40, 42,
> >> 47, 50, 66, 67, 85, 87, 88, and 92. I expect the distribution across
> >> all seeds is uniform, but I haven't verified that.
> >>
> >> Thoughts?
> >>
> > In "_odict_get_index", for example (there are others), you're caching
> > "ma_keys":
> >
> > PyDictKeysObject *keys = ((PyDictObject *)od)->ma_keys;
> >
> > If it resizes, you go back to the label "start", which is after that
> > line, but could "ma_keys" change when it's resized?
> >
More information about the Python-Dev
mailing list