New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pickle segfault with infinite loop in __getattr__ #47764
Comments
I found a segfault in pickle.load when you overload __getattr__ and ########################################
import pickle
class Foo:
def __getattr__(self, key):
self.foo
with open('foo.db', 'wb') as f:
foo = Foo()
pickle.dump(foo, f)
with open('foo.db', 'rb') as f:
pickle.load(f)
######################################## This results in this stack trace on my mac: Reason: KERN_PROTECTION_FAILURE at address: 0x0000000c It seems that this isn't just for infinite loops. If you replace the class Foo:
def __init__(self):
self.foo = {}
def __getattr__(self, key):
self.foo[5] It still errors out. So I'm guessing pickle is just not handling |
Does this occur in 2.6 or 2.5? |
It doesn't in python 2.5. The RuntimeError manages to get printed out. ########################
import pickle
class Foo:
def __getattr__(self, key):
self.foo
f = open('foo.db', 'w')
foo = Foo()
pickle.dump(foo, f)
f.close()
f = open('foo.db', 'r')
pickle.load(f)
f.close()
######################## This also happens with cPickle. |
This is a bug in the C implementation of pickle (i.e., the _pickle static int
load_build(UnpicklerObject *self)
{
...
setstate = PyObject_GetAttrString(inst, "__setstate__");
if (setstate == NULL && PyErr_ExceptionMatches(PyExc_AttributeError)) {
PyErr_Clear();
}
/*---missing else-if case---------
else if (setstate == NULL) {
return NULL;
}
----------------------------------*/
else {
PyObject *result;
/* The explicit __setstate__ is responsible for everything. */
result = unpickler_call(self, setstate, state);
Py_DECREF(setstate);
if (result == NULL)
return -1;
Py_DECREF(result);
return 0;
}
... |
Good find Alexandre! Can you work up a patch? Would be even better if |
Committed fix in r65689. Thanks! |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: