Message 155027 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	Jim.Jewett
Recipients	Jim.Jewett, Mark.Shannon, gvanrossum, python-dev, rhettinger, vstinner
Date	2012-03-06.17:43:09
SpamBayes Score	8.542678e-11
Marked as misclassified	No
Message-id	<CA+OGgf5SpDT7xnbS+xZ1F=qRE2s7jBxK3gPSVruNzLdbiTfokA@mail.gmail.com>
In-reply-to	<4F5641BE.40301@hotpy.org>

Content
On Tue, Mar 6, 2012 at 11:56 AM, Mark Shannon wrote: > Jim Jewett: >> Can't this be triggered by non-malicious code that just happened >> to have a python comparison and get hit with a thread switch? > So, they are writing to a dict in one thread while reading from the > same dict in another thread, without any external locks and with > keys written in Python. Correct. For example, it could be a configuration manager, or a cache, or even a worklist. If they're just adding new keys, or even deleting other (==> NOT the one being looked up) keys, why should that keep them from finding the existing, unchanged keys? >> I'm not sure how often it happens, but today it would not be visible >> to the user; after the patch, users will see a sporadic failure that >> they can't easily defend against. > I suspect, they are already seeing sporadic failures. How? The chain terminates as soon as the dict doesn't resize; without malicious intent, the odds of hitting several resizes in a row are so miniscule that it probably hasn't even slowed them down.

On Tue, Mar 6, 2012 at 11:56 AM, Mark Shannon wrote:

> Jim Jewett:
>> Can't this be triggered by non-malicious code that just happened
>> to have a python comparison and get hit with a thread switch?

> So, they are writing to a dict in one thread while reading from the
> same dict in another thread, without any external locks and with
> keys written in Python.

Correct.  For example, it could be a configuration manager, or a
cache, or even a worklist.  If they're just adding new keys, or even
deleting other (==> NOT the one being looked up) keys, why should that
keep them from finding the existing, unchanged keys?

>> I'm not sure how often it happens, but today it would not be visible
>> to the user; after the patch, users will see a sporadic failure that
>> they can't easily defend against.

> I suspect, they are already seeing sporadic failures.

How?

The chain terminates as soon as the dict doesn't resize; without
malicious intent, the odds of hitting several resizes in a row are so
miniscule that it probably hasn't even slowed them down.

History
Date	User	Action	Args
2012-03-06 17:43:11	Jim.Jewett	set	recipients: + Jim.Jewett, gvanrossum, rhettinger, vstinner, Mark.Shannon, python-dev
2012-03-06 17:43:10	Jim.Jewett	link	issue14205 messages
2012-03-06 17:43:09	Jim.Jewett	create