-
-
Notifications
You must be signed in to change notification settings - Fork 30.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
gh-102701: Fix overflow in dictobject.c #102750
Conversation
methane
commented
Mar 16, 2023
•
edited by bedevere-bot
Loading
edited by bedevere-bot
- Issue: dict() resize failure #102701
The change looks good, but it will need a test and a machine large enough to test it on. |
I used GCP n2d-standard-16 (64GiB RAM):
|
@@ -596,7 +596,7 @@ new_keys_object(PyInterpreterState *interp, uint8_t log2_size, bool unicode) | |||
|
|||
assert(log2_size >= PyDict_LOG_MINSIZE); | |||
|
|||
usable = USABLE_FRACTION(1<<log2_size); | |||
usable = USABLE_FRACTION((size_t)1<<log2_size); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am asking for my curiosity(to become familiar with cpython); How does casting the result of 1<<log2_size
to size_t
fix the overflow in the dict?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1 is int. And int is 32bit on most platforms. So 1 << 32 will overflow.
Here is example:
$ cat x.c
#include <stdio.h>
#include <stdlib.h>
#define USABLE_FRACTION(n) (((n) << 1)/3)
int main() {
size_t x = USABLE_FRACTION(1 << 31);
size_t y = USABLE_FRACTION((size_t)1 << 31);
printf("x=%zd y=%zd\n", x, y);
}
$ gcc x.c && ./a.out
x.c:7:16: warning: shifting a negative signed value is undefined [-Wshift-negative-value]
size_t x = USABLE_FRACTION(1 << 31);
^~~~~~~~~~~~~~~~~~~~~~~~
x.c:4:34: note: expanded from macro 'USABLE_FRACTION'
#define USABLE_FRACTION(n) (((n) << 1)/3)
~~~ ^
1 warning generated.
x=0 y=1431655765
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
Thanks @methane for the PR 🌮🎉.. I'm working now to backport this PR to: 3.11. |
GH-102777 is a backport of this pull request to the 3.11 branch. |
(cherry picked from commit 65fb7c4) Co-authored-by: Inada Naoki <[email protected]>
(cherry picked from commit 65fb7c4) Co-authored-by: Inada Naoki <[email protected]>
* main: (34 commits) pythongh-102701: Fix overflow in dictobject.c (pythonGH-102750) pythonGH-78530: add support for generators in `asyncio.wait` (python#102761) Increase stack reserve size for Windows debug builds to avoid test crashes (pythonGH-102764) pythongh-102755: Add PyErr_DisplayException(exc) (python#102756) Fix outdated note about 'int' rounding or truncating (python#102736) pythongh-102192: Replace PyErr_Fetch/Restore etc by more efficient alternatives (python#102760) pythongh-99726: Improves correctness of stat results for Windows, and uses faster API when available (pythonGH-102149) pythongh-102192: remove redundant exception fields from ssl module socket (python#102466) pythongh-102192: Replace PyErr_Fetch/Restore etc by more efficient alternatives (python#102743) pythongh-102737: Un-ignore ceval.c in the CI globals check (pythongh-102745) pythonGH-102748: remove legacy support for generator based coroutines from `asyncio.iscoroutine` (python#102749) pythongh-102721: Improve coverage of `_collections_abc._CallableGenericAlias` (python#102722) pythonGH-102653: Make recipe docstring show the correct distribution (python#102742) Add comments to `{typing,_collections_abc}._type_repr` about each other (python#102752) pythongh-102594: PyErr_SetObject adds note to exception raised on normalization error (python#102675) pythongh-94440: Fix issue of ProcessPoolExecutor shutdown hanging (python#94468) pythonGH-100112: avoid using iterable coroutines in asyncio internally (python#100128) pythongh-102690: Use Edge as fallback in webbrowser instead of IE (python#102691) pythongh-102660: Fix Refleaks in import.c (python#102744) pythongh-102738: remove from cases generator the code related to register instructions (python#102739) ...