[Python-Dev] segfaults due to hash randomization in C OrderedDict (original) (raw)

Eric Snow ericsnowcurrently at gmail.com
Thu May 21 23:52:52 CEST 2015

Good catch. Unfortunately, sticking "keys = ((PyDictObject *)od)->ma_keys;" right after "hash = ..." did not make a difference. I still get the same segfault.

-eric

On Thu, May 21, 2015 at 11:17 AM, MRAB <python at mrabarnett.plus.com> wrote:

On 2015-05-21 15:55, Eric Snow wrote:

(see http://bugs.python.org/issue16991) I an working on resolving an intermittent segfault that my C OrderedDict patch introduces. The failure happens in testconfigparser (RawConfigParser uses OrderedDict internally), but only sporadically. However, Ned pointed out to me that it appears to be related to hash randomization, which I have verified. I'm looking into it. In the meantime, here's a specific question. What would lead to the pattern of failures I'm seeing? I've verified that the segfault happens consistently for certain hash randomization seeds and never for the rest. I don't immediately recognize the pattern but expect that it would shed some light on where the problem lies. I ran the following command with the OrderedDict patch applied: for i in seq 1 100; do echo i;PYTHONHASHSEED=i; PYTHONHASHSEED=i;PYTHONHASHSEED=i ./python -m test.regrtest -m testbasic testconfigparser ; done Through 100 I get segfaults with seeds of 7, 15, 35, 37, 39, 40, 42, 47, 50, 66, 67, 85, 87, 88, and 92. I expect the distribution across all seeds is uniform, but I haven't verified that. Thoughts? In "odictgetindex", for example (there are others), you're caching "makeys": PyDictKeysObject *keys = ((PyDictObject *)od)->makeys; If it resizes, you go back to the label "start", which is after that line, but could "makeys" change when it's resized?

Python-Dev mailing list Python-Dev at python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/ericsnowcurrently%40gmail.com

More information about the Python-Dev mailing list