[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

Pablo Galindo Salgado added the comment: We may need to revert these commits and do another release sigh :( -- ___ Python tracker ___

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

Pablo Galindo Salgado added the comment: This is problematic because this has been backported to stable releases. -- nosy: +lukasz.langa ___ Python tracker ___

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

Pablo Galindo Salgado added the comment: Commit 393e2bf6bc6effbfe821f051a230978f0edd70df has broken CPython in RedHat 6: [2022-03-16T18:49:20.608Z] 2022/03/16 14:48:55 ERROR /tmp/python3.10-3.10.3-0/Modules/faulthandler.c:28:12: fatal error: sys/auxv.h: No such file or directory # include

[issue45993] Main branch of CPython does not build anymore on macOS

Ned Deily added the comment: @Andrei, see Issue46975. -- nosy: +ned.deily ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

STINNER Victor added the comment: > So where getauxval(AT_MINSIGSTKSZ) < SIGSTKSZ the merged changes actually > resulted in decrease of the allocated signal deliver stack. faulthandler stack is only used in the least likely case: on a fatal error. It should reduce its memory footprint, so

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

Oleksandr Pavlyk added the comment: So where getauxval(AT_MINSIGSTKSZ) < SIGSTKSZ the merged changes actually resulted in decrease of the allocated signal deliver stack. On Sapphire Rapids due to tile registers size we have getauxval(AT_MINSIGSTKSZ) > SIGSTKSZ. This is why the initial

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

STINNER Victor added the comment: On my x86-64 Fedora 35 with the CPU "Intel(R) Core(TM) i7-6820HQ CPU @ 2.70GHz", I get: * SIGSTKSZ = 8192 * getauxval(AT_MINSIGSTKSZ) = 2032 * faulthandler stack.ss_size = 10224 * os.sysconf('SC_MINSIGSTKSZ') = 2032 In C, sysconf(_SC_MINSIGSTKSZ) is similar

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

STINNER Victor added the comment: Thanks Oleksandr Pavlyk for your nice enhancement! I merged your change to 3.9, 3.10 and main branches! I also added os.sysconf('SC_MINSIGSTKSZ') to Python 3.11. -- resolution: -> fixed stage: patch review -> resolved status: open -> closed

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

STINNER Victor added the comment: New changeset ba2b7956fa3932769a5c0aa2575de5c8d7e7ba4b by Victor Stinner in branch '3.9': bpo-46968: Fix faulthandler for Sapphire Rapids Xeon (GH-31789) (GH-31831) https://github.com/python/cpython/commit/ba2b7956fa3932769a5c0aa2575de5c8d7e7ba4b

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

Change by STINNER Victor : -- pull_requests: +29928 pull_request: https://github.com/python/cpython/pull/31831 ___ Python tracker <https://bugs.python.org/issue46

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

STINNER Victor added the comment: New changeset 393e2bf6bc6effbfe821f051a230978f0edd70df by Victor Stinner in branch '3.10': bpo-46968: Fix faulthandler for Sapphire Rapids Xeon (GH-31789) (GH-31830) https://github.com/python/cpython/commit/393e2bf6bc6effbfe821f051a230978f0edd70df

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

STINNER Victor added the comment: The latest faulthandler bug on sigaltstack() was bpo-21131 about FPU state stored by "XSAVE" and a Linux kernel change to fix a security vulnerability: https://bugs.python.org/issue21131#msg349688 -- ___ Python

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

Change by STINNER Victor : -- pull_requests: +29927 pull_request: https://github.com/python/cpython/pull/31830 ___ Python tracker <https://bugs.python.org/issue46

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

STINNER Victor added the comment: New changeset 3b128c054885fe881c3b57a5978de3ea89c81a9c by Oleksandr Pavlyk in branch 'main': bpo-46968: Fix faulthandler for Sapphire Rapids Xeon (GH-31789) https://github.com/python/cpython/commit/3b128c054885fe881c3b57a5978de3ea89c81a9c

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

STINNER Victor added the comment: New changeset dc374ac7b0fabaed49461a2044c220765f48d229 by Victor Stinner in branch 'main': bpo-46968: Add os.sysconf_names['SC_MINSIGSTKSZ'] (GH-31824) https://github.com/python/cpython/commit/dc374ac7b0fabaed49461a2044c220765f48d229

[issue45993] Main branch of CPython does not build anymore on macOS

Change by Christian Heimes : -- nosy: -christian.heimes ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue45993] Main branch of CPython does not build anymore on macOS

Andrei Kulakov added the comment: I'm getting the same exact error but on `arm64`, and clearing the cache does not help. clang=13.0.0 MacOS=11.5.2 Should I open a new issue for this? 257 warnings generated. 257 warnings generated. Undefined symbols for architecture arm64:

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

Change by STINNER Victor : -- pull_requests: +29921 pull_request: https://github.com/python/cpython/pull/31824 ___ Python tracker <https://bugs.python.org/issue46

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

Change by Kumar Aditya : -- nosy: +vstinner ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

Change by Oleksandr Pavlyk : -- keywords: +patch pull_requests: +29893 stage: -> patch review pull_request: https://github.com/python/cpython/pull/31789 ___ Python tracker <https://bugs.python.org/issu

[issue46968] Insufficient sigaltstack size used by CPython prevents extensions from using new ISA

GET_XCOMP_PERM, ); if (rc) { printf("rc error\n"); } else { if (( bitmask & XFEATURE_MASK_XTILEDATA) == 0){ printf("verify AMX permission faild bitmask %ld\n",bitmask); } } } ``` This request fails on the account of too small a size

Re: Cpython: when to incref before insertdict

PyDict_FromKeys() **does** > INCREF before calling insertdict, when key/value is borrowed > reference. > https://github.com/python/cpython/blob/6927632492cbad86a250aa006c1847e03b03e70b/Objects/dictobject.c#L2287-L2290 > https://github.com/python/cpython/blob/6927632492cbad86a250a

Re: Cpython: when to incref before insertdict

ference from its caller to the dict. merge_dict is very special and complex case. I assume you are talking about this part. https://github.com/python/cpython/blob/6927632492cbad86a250aa006c1847e03b03e70b/Objects/dictobject.c#L2885-L2912 In general, when reference is borrowed from a caller, t

Cpython: when to incref before insertdict

I noticed that some functions inside dictobject.c that call insertdict or PyDict_SetItem do an incref of key and value before the call, and a decref after it. An example is dict_merge. Other functions, such as _PyDict_FromKeys, don't do an incref before. When an incref of key and value is needed

[issue46906] Make _PyFloat_(Pack|Unpack)(4|8) cpython API, not internal.

Change by Inada Naoki : -- resolution: -> rejected stage: patch review -> resolved status: open -> closed ___ Python tracker ___

[issue46906] Make _PyFloat_(Pack|Unpack)(4|8) cpython API, not internal.

Inada Naoki added the comment: OK. By quick grepping, I found only msgpack and bitstruct use these API. It is not enough number to make them public. -- ___ Python tracker ___

[issue46906] Make _PyFloat_(Pack|Unpack)(4|8) cpython API, not internal.

STINNER Victor added the comment: I disagree. A function should be either fully public: tested, documented. Or fully internal. In the past, many functions were in both, in the gray area. If these functions are useful, please make them *public* and document them. I'm +1 to make these

[issue46906] Make _PyFloat_(Pack|Unpack)(4|8) cpython API, not internal.

Change by Inada Naoki : -- keywords: +patch pull_requests: +29769 stage: -> patch review pull_request: https://github.com/python/cpython/pull/31649 ___ Python tracker <https://bugs.python.org/issu

[issue46906] Make _PyFloat_(Pack|Unpack)(4|8) cpython API, not internal.

don't reveal CPython internal strucutre. It just convert double and float into char[]. So please keep these APIs public for libraries like msgpack. -- components: C API messages: 414401 nosy: methane, vstinner priority: normal severity: normal status: open title: Make _PyFloat_(Pack

[issue41028] Move docs.python.org language and version switcher out of cpython

Change by Ned Deily : -- stage: commit review -> resolved status: open -> closed ___ Python tracker ___ ___ Python-bugs-list

[issue41028] Move docs.python.org language and version switcher out of cpython

Łukasz Langa added the comment: New changeset 4c48cac1c44fbbfe3f5fd0c623b7768e2a709da8 by Miss Islington (bot) in branch '3.8': bpo-41028: Doc: Move switchers to docsbuild-scripts. (GH-20969) (GH-30344) https://github.com/python/cpython/commit/4c48cac1c44fbbfe3f5fd0c623b7768e2a709da8

[issue46072] Unify handling of stats in the CPython VM

Brandt Bucher added the comment: New changeset 580cd9ab2992b7df6f4815020b5841e14a5a6977 by Brandt Bucher in branch 'main': bpo-46072: Add detailed failure stats for BINARY_OP (GH-31289) https://github.com/python/cpython/commit/580cd9ab2992b7df6f4815020b5841e14a5a6977

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29481 pull_request: https://github.com/python/cpython/pull/31324 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Change by Brandt Bucher : -- nosy: +brandtbucher nosy_count: 2.0 -> 3.0 pull_requests: +29449 pull_request: https://github.com/python/cpython/pull/31289 ___ Python tracker <https://bugs.python.org/issu

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29425 pull_request: https://github.com/python/cpython/pull/31259 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29422 pull_request: https://github.com/python/cpython/pull/31254 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29420 pull_request: https://github.com/python/cpython/pull/31251 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29419 pull_request: https://github.com/python/cpython/pull/31250 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29404 pull_request: https://github.com/python/cpython/pull/31234 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Mark Shannon added the comment: New changeset f71a69aa9209cf67cc1060051b147d6afa379bba by Mark Shannon in branch 'main': bpo-46072: Output stats as markdown with collapsible sections. (GH-31228) https://github.com/python/cpython/commit/f71a69aa9209cf67cc1060051b147d6afa379bba

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29398 pull_request: https://github.com/python/cpython/pull/31228 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29381 pull_request: https://github.com/python/cpython/pull/31211 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Mark Shannon added the comment: New changeset 9c979d7afd839abbb080028bdfeb73727e5cf633 by Mark Shannon in branch 'main': bpo-46072: Merge dxpairs into py_stats. (GH-31197) https://github.com/python/cpython/commit/9c979d7afd839abbb080028bdfeb73727e5cf633

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29368 pull_request: https://github.com/python/cpython/pull/31197 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Mark Shannon added the comment: New changeset 062460e8fd54e53c9a1a6f175ef49c9d730851b8 by Mark Shannon in branch 'main': bpo-46072: Improve LOAD_METHOD stats (GH-31104) https://github.com/python/cpython/commit/062460e8fd54e53c9a1a6f175ef49c9d730851b8

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29291 pull_request: https://github.com/python/cpython/pull/31108 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29288 pull_request: https://github.com/python/cpython/pull/31105 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29287 pull_request: https://github.com/python/cpython/pull/31104 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29263 pull_request: https://github.com/python/cpython/pull/31079 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Mark Shannon added the comment: New changeset 187930f74c44e460ba09c60ba5d9bb4fac543d8f by Mark Shannon in branch 'main': bpo-46072: Add some frame stats. (GH-31060) https://github.com/python/cpython/commit/187930f74c44e460ba09c60ba5d9bb4fac543d8f

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29242 pull_request: https://github.com/python/cpython/pull/31060 ___ Python tracker <https://bugs.python.org/issue46

[issue46072] Unify handling of stats in the CPython VM

Mark Shannon added the comment: New changeset 48be46ec1f3f8010570165daa1da4bf9961f3a83 by Mark Shannon in branch 'main': bpo-46072: Add some object layout and allocation stats (GH-31051) https://github.com/python/cpython/commit/48be46ec1f3f8010570165daa1da4bf9961f3a83

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29233 pull_request: https://github.com/python/cpython/pull/31051 ___ Python tracker <https://bugs.python.org/issue46

[issue35134] Add a new Include/cpython/ subdirectory for the "CPython API" with implementation details

Change by STINNER Victor : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___

[Python-announce] ANN: Austin -- CPython frame stack sampler v3.3.0 is now available

I am delighted to announce the release 3.3.0 of Austin. If you haven't heard of Austin before, it is an open-source frame stack sampler for CPython, distributed under the GPLv3 license. It can be used to obtain statistical profiling data out of a running Python application without a single line

[issue46072] Unify handling of stats in the CPython VM

Mark Shannon added the comment: New changeset 90ab138bbdc63763ad825ed6d4821367c09c4015 by Mark Shannon in branch 'main': bpo-46072: Add simple stats for Python calls. (GH-30989) https://github.com/python/cpython/commit/90ab138bbdc63763ad825ed6d4821367c09c4015

[issue46072] Unify handling of stats in the CPython VM

Change by Mark Shannon : -- pull_requests: +29168 pull_request: https://github.com/python/cpython/pull/30989 ___ Python tracker <https://bugs.python.org/issue46

[issue35134] Add a new Include/cpython/ subdirectory for the "CPython API" with implementation details

STINNER Victor added the comment: New changeset d4a85f104bf9d2e368f25c9a567eaaa2cc39a96a by Victor Stinner in branch 'main': bpo-35134: Add Include/cpython/descrobject.h (GH-30923) https://github.com/python/cpython/commit/d4a85f104bf9d2e368f25c9a567eaaa2cc39a96a

[issue35134] Add a new Include/cpython/ subdirectory for the "CPython API" with implementation details

Change by STINNER Victor : -- pull_requests: +29102 pull_request: https://github.com/python/cpython/pull/30923 ___ Python tracker <https://bugs.python.org/issue35

[issue45860] Mutithread leads to Illegal instruction crashing CPython

Change by Xinmeng Xia : -- title: UnboundLocalError leads to Illegal instruction crashing CPython -> Mutithread leads to Illegal instruction crashing CPython ___ Python tracker <https://bugs.python.org/issu

[issue45860] UnboundLocalError leads to Illegal instruction crashing CPython

Xinmeng Xia added the comment: A simpler example to reproduce it: test.py import threading import ctypes from test import test_code def test_free_different_thread(): f = test_code.CoExtra().get_func() class ThreadTest(threading.Thread):

[issue5404] Cross-compiling CPython - need a buildbot

Change by Gregory P. Smith : -- title: Cross-compiling Python -> Cross-compiling CPython - need a buildbot versions: +Python 3.11 -Python 3.4 ___ Python tracker <https://bugs.python.org/iss

[issue46280] About vulnerabilities in Cpython native code

miss-islington added the comment: New changeset ae6e255cb362557ff713ff2967aecb92f7eb069c by Miss Islington (bot) in branch '3.9': bpo-46280: Fix tracemalloc_copy_domain() (GH-30591) https://github.com/python/cpython/commit/ae6e255cb362557ff713ff2967aecb92f7eb069c

[issue46280] About vulnerabilities in Cpython native code

miss-islington added the comment: New changeset 86d18019e96167c5ab6f5157fa90598202849904 by Miss Islington (bot) in branch '3.10': bpo-46280: Fix tracemalloc_copy_domain() (GH-30591) https://github.com/python/cpython/commit/86d18019e96167c5ab6f5157fa90598202849904

[issue46280] About vulnerabilities in Cpython native code

Change by miss-islington : -- pull_requests: +28791 pull_request: https://github.com/python/cpython/pull/30593 ___ Python tracker <https://bugs.python.org/issue46

[issue46280] About vulnerabilities in Cpython native code

Change by miss-islington : -- nosy: +miss-islington nosy_count: 7.0 -> 8.0 pull_requests: +28790 pull_request: https://github.com/python/cpython/pull/30592 ___ Python tracker <https://bugs.python.org/issu

[issue46280] About vulnerabilities in Cpython native code

STINNER Victor added the comment: New changeset 7c770d3350813a82a639fcb3babae0de2b87aaae by Victor Stinner in branch 'main': bpo-46280: Fix tracemalloc_copy_domain() (GH-30591) https://github.com/python/cpython/commit/7c770d3350813a82a639fcb3babae0de2b87aaae

[issue46280] About vulnerabilities in Cpython native code

STINNER Victor added the comment: #389 Modules/_tracemalloc.c:1245: error: Null Dereference pointer `traces2` last assigned on line 1243 could be null and is dereferenced by call to `_Py_hashtable_destroy()` at line 1245, column 9. 1243. _Py_hashtable_t *traces2 =

[issue46280] About vulnerabilities in Cpython native code

Change by STINNER Victor : -- nosy: +vstinner nosy_count: 6.0 -> 7.0 pull_requests: +28789 pull_request: https://github.com/python/cpython/pull/30591 ___ Python tracker <https://bugs.python.org/issu

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: Update on #324 and #325. Not only are these false positives, but Serhiy pointed-out the existing logic is intentional and should not be rewritten. -- ___ Python tracker

[issue46280] About vulnerabilities in Cpython native code

Change by Raymond Hettinger : -- keywords: +patch pull_requests: +28651 stage: -> patch review pull_request: https://github.com/python/cpython/pull/30445 ___ Python tracker <https://bugs.python.org/issu

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: #654 is a false positive. The value of ptrs[0] is initialized to NULL via a pointer alias a few lines before: pp = ptrs; ... *pp = NULL; ... if (ptrs[0] == NULL) -- ___ Python tracker

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: #632 should be left as is. Technically, the second "field++" is a dead store. However, it is harmless and has some advantages. It keeps the the assignments parallel and it reduces the chance of introducing a new bug if a new field is added (i.e. like

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: #606 is similar to #584 and #585. The "dead store" is used only in an assertion: have_dict = 1;<== Presumed dead store } assert(have_dict);<== Used in an assert In the case, it would be reasonable to add an #ifdef.

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: #584 and #585: The code is correct but there are dead stores only when the asserts are turned off: 2635. carry = v_lshift(w->ob_digit, w1->ob_digit, size_w, d); 2636. assert(carry == 0); Elsewhere we use ifdefs around code like this to

[issue46280] About vulnerabilities in Cpython native code

Serhiy Storchaka added the comment: The CPython source code is irregularly scanned by different code analysis tools. The results shown extremely high quality of code in comparison with other open source and proprietary code. Most of reports are false positive. Last time real bugs (2 or 3

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: #533, #534, #535, and #536 are false positives for the same reason as #511 and #512. The two "dead stores" in 533 and 534 match the "uninitialized variables" in 535 and 536. -- ___ Python tracker

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: #511 and #512 are false positives. The "kind" variable is indeed uninitialized in the bytes_writer case: else if (bytes_writer) { *bytes_str = _PyBytesWriter_Prepare(bytes_writer, *bytes_str, strlen); if (*bytes_str == NULL) {

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: The dead store notices for all the DISPATCH calls in ceval.c are false positives. The "oparg" value is used in many of the case statements. The dead store notices the clinic generated code all relate to "!--noptargs" which is sometimes used in generated

[issue46280] About vulnerabilities in Cpython native code

Pablo Galindo Salgado added the comment: > Anyway, (if I'm right,) this makes my points that a) there are false > positives, and b) we should have separate issues for each actual problem. Sorry Eric, I failed to clarify my comment: you are absolutely right in your analysis. I was trying to

[issue46280] About vulnerabilities in Cpython native code

Change by Zachary Ware : -- nosy: +414039482 -zach.ware ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue46280] About vulnerabilities in Cpython native code

Terry J. Reedy added the comment: Last I knew, CPython C code is a) regularly scanned by Valgrind and b) Valgrind is somehow informed as to false positives to not report. But I know none of the details. So I suggest you look into this and how to not report the same false positives. I

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: #420 and #421 are false positives. The value of "c" is initialized a few lines before use. for (;;) { c = tok_nextc(tok); ... } ... tok_backup(tok, c); if (c == '#' || c == '\n' || c ==

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: #382 is false positive. The "iterable" variable is only accessed when known to not be NULL. # Line 970 if (iterable != NULL) { if (set_update_internal(so, iterable)) { Py_DECREF(so); return NULL; } }

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: #324 and #325 are false positives. The result variable is initialized in the preceding lines: if (len_a == length) { left = *((volatile const unsigned char**)); result = 0; } if (len_a != length) { left = b;

[issue46280] About vulnerabilities in Cpython native code

Eric V. Smith added the comment: I don't want to belabor this, but hey, it's in f-strings! And if it's an actual problem I'd like to fix it. > It can be uninitialized if the parenstack[nested_depth] value is itself > initialized, which can happen if the memory block pointed by parenstack

[issue46280] About vulnerabilities in Cpython native code

Raymond Hettinger added the comment: #244 is a false positive. The value of new_state[i] on line 454 was initialized on line 442 with: new_state[i] = (uint32_t)element. #387 is also a false positive. There is an assertion on the previous line that the item != NULL. That assertion passes

[issue46280] About vulnerabilities in Cpython native code

Pablo Galindo Salgado added the comment: > I don't see how this could be an uninitialized read, although I'm willing to > be wrong. It can be uninitialized if the parenstack[nested_depth] value is itself initialized, which can happen if the memory block pointed by parenstack has not been

[issue46280] About vulnerabilities in Cpython native code

Joannah Nanjekye added the comment: > You mention here that your tool automatically "repairs" the code. Could you > >submit a sample PR with the repairs that your tool does so we can evaluate > it? I second this. I obviously, am assuming good intentions from the author, not experimenting

[issue46280] About vulnerabilities in Cpython native code

Zachary Ware added the comment: As an aside, there's an issue with Roundup where a username composed of all digits causes it to think that name is a user ID in the nosy list. I recommend changing your username to include a non-digit character so that others can interact with you on your

[issue46280] About vulnerabilities in Cpython native code

Change by Zachary Ware : -- nosy: +414039482 ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe:

[issue46280] About vulnerabilities in Cpython native code

Pablo Galindo Salgado added the comment: > Based on the research of the result, I tried to design a tool to > automatically detect and repair vulnerabilities in CPython and make this tool > available. See: You mention here that your tool automatically "repairs" the code

[issue46280] About vulnerabilities in Cpython native code

Eric V. Smith added the comment: Thank you for posting this. Some of these look like false positives. For example: #263 Parser/string_parser.c:670: error: Uninitialized Value The value read from parenstack[_] was never initialized. 668. } 669. nested_depth--;

[issue46280] About vulnerabilities in Cpython native code

New submission from Xinrong Lin <414039...@qq.com>: I am currently doing some research on the security of CPython. I used the open source vulnerability analysis engine, Infer(https://fbinfer.com/), to scan the native code of CPython 3.10.0. The scan results show that there are

[issue41028] Move docs.python.org language and version switcher out of cpython

Ned Deily added the comment: I went ahead and auto-backported the full PR to 3.9 and 3.8 since it applies cleanly there and did a manual backport of just the sidebar changes to 3.7 and 3.6 (added in the final merge before EOL). Now just awaiting @ambv approval for 3.8. For reference,

[issue41028] Move docs.python.org language and version switcher out of cpython

Ned Deily added the comment: New changeset b28b0222e360669463ffe31d27c1fd374361cb23 by Miss Islington (bot) in branch '3.9': bpo-41028: Doc: Move switchers to docsbuild-scripts. (GH-20969) (GH-30343) https://github.com/python/cpython/commit/b28b0222e360669463ffe31d27c1fd374361cb23

[issue41028] Move docs.python.org language and version switcher out of cpython

Ned Deily added the comment: New changeset 811f65ba263140b6ba28151246b52efe149a6382 by Ned Deily in branch '3.7': bpo-41028: use generic version links in Docs index. https://github.com/python/cpython/commit/811f65ba263140b6ba28151246b52efe149a6382

[issue41028] Move docs.python.org language and version switcher out of cpython

Change by miss-islington : -- pull_requests: +28556 pull_request: https://github.com/python/cpython/pull/30344 ___ Python tracker <https://bugs.python.org/issue41

[issue41028] Move docs.python.org language and version switcher out of cpython

Change by miss-islington : -- nosy: +miss-islington nosy_count: 2.0 -> 3.0 pull_requests: +28555 pull_request: https://github.com/python/cpython/pull/30343 ___ Python tracker <https://bugs.python.org/issu

[Python-announce] ANN: Austin -- CPython frame stack sampler v3.2.0 is now available

I am delighted to announce the release 3.2.0 of Austin. If you haven't heard of Austin before, it is an open-source frame stack sampler for CPython, distributed under the GPLv3 license. It can be used to obtain statistical profiling data out of a running Python application without a single line

<    1   2   3   4   5   6   7   8   9   10   >