Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Python: Bugs

[issue9751] _PyInstance_Lookup() defeats its purpose

  

 
Python bugs RSS feed   Index | Next | Previous | View Threaded


report at bugs

May 9, 2012, 2:56 AM

Post #1 of 3 (42 views)
Permalink
[issue9751] _PyInstance_Lookup() defeats its purpose
Ezio Melotti <ezio.melotti [at] gmail> added the comment:

I tracked this down a bit and this is what I found:
has_finalizer in Modules/gcmodule.c calls
return _PyInstance_Lookup(op, delstr) != NULL;
_PyInstance_Lookup in Modules/classobject.c calls
v = class_lookup(inst->in_class, name, &klass);
where inst is (PyInstanceObject *)op;
class_lookup in Modules/classobject.c eventually calls
PyObject *value = PyDict_GetItem(cp->cl_dict, name);
where cp is (PyClassObject *)inst->in_class
and since cp is not a valid pointer, cp->cl_dict results in the segfault after a few recursive calls of class_lookup.

Confirmed that this only affects 2.7.

----------
nosy: +ezio.melotti

_______________________________________
Python tracker <report [at] bugs>
<http://bugs.python.org/issue9751>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/list-python-bugs%40lists.gossamer-threads.com


report at bugs

May 9, 2012, 3:19 AM

Post #2 of 3 (40 views)
Permalink
[issue9751] _PyInstance_Lookup() defeats its purpose [In reply to]
Antoine Pitrou <pitrou [at] free> added the comment:

Well, I don't think there's any point in trying to fixing this now.

----------
nosy: +pitrou

_______________________________________
Python tracker <report [at] bugs>
<http://bugs.python.org/issue9751>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/list-python-bugs%40lists.gossamer-threads.com


report at bugs

May 9, 2012, 12:31 PM

Post #3 of 3 (35 views)
Permalink
[issue9751] _PyInstance_Lookup() defeats its purpose [In reply to]
Armin Rigo <arigo [at] users> added the comment:

Unlike other crashers I'm a bit concerned about this one. It can occur on any code that stores custom instances as keys in the __dict__ of an old-style instance. Such code might be unusual-looking, but certainly not unheard-of. And the segfault that we get then is very rare and impossible to reproduce in practice because it depends on when exactly the GC is running and on the low bits of hashes colliding.

----------

_______________________________________
Python tracker <report [at] bugs>
<http://bugs.python.org/issue9751>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/list-python-bugs%40lists.gossamer-threads.com

Python bugs RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.