New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Garbage Collector can cause Segfault whilst iterating dictionary items #74669
Comments
We discovered this issue whilst using h5py (HDF5 python library) under python 3.5.2 on Ubuntu 16.04.2 x86_64. The construct used is very dubious, and I will separately be raising an issue with the h5py team. However I thought you might like to know there is a possible way to cause a segmentation violation using pure python. There appears to be a new implementation of dictionaries in 3.6 vs 3.5, so I compiled up 3.6.1 and it also segfaults, but not so obviously related to the dictionary iteration (both stack traces are included below). Regards, Jim. -------- $ cat segfault.py
#!/usr/bin/python3 class CyclicObject:
def __init__(self, key, register):
self.key = key
self.self = self
self.register = register
self.register[self.key] = None
def __del__(self):
del self.register[self.key]
while True:
register = { }
objs = set([CyclicObject(i, register) for i in range(10000)])
while len(objs) > 0:
objs.remove(next(iter(objs)))
-------- $ python3 --version
Python 3.5.2
$ gdb --args python3 segfault.py
GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.04) 7.11.1 (gdb) r Program received signal SIGSEGV, Segmentation fault. (gdb) bt -------- $ ./python --version
Python 3.6.1
$ gdb --args ./python ./segfault.py
GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.04) 7.11.1 (gdb) r Program received signal SIGSEGV, Segmentation fault. (gdb) bt |
I could reproduce this on 3.4, but not on 3.3, 2.7, or master. |
Hi Jelle, I think you're right about master; it looks like this very recent change: could have fixed the issue, but I didn't find it whilst doing my original investigation of the issue on our side. |
3.4 is open only for security fixes. Can this crash be considered a security issue? In that case I can backport the bpo-27945 patch to 3.4. |
Larry, does it worth to fix this issue in 3.4? |
Yes, and thank you for submitting the PR to backport it to 3.4! (And thank you for backporting it to 3.3, too!) |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: