Regression from 1.9.1 to 1.9.2

Issue #327 resolved
Anonymous created an issue

Hi Armin,

I noticed a regression (or maybe my code was using a bad behavior of cffi ;-).

In my Vulkan wrapper github, Berserker66 opened an issue about a struct with random value. You can see the issue here

The developer sent a test case (here) to reproduce the issue.

I tested it with several version of cffi and I noticed that the issue is introduced by this commit here

The problem is that the variable extent is garbage collected although it's referenced (self.extent). I noticed in the commit that you set the tp_free function for CDataOwningGC_Type, CDataOwning_Type...

I wait for your answer !

Comments (7)

  1. realitix

    Please Armin, can you reopen this issue, I have updated the code and I still face the problem.

    After more digging, I found out that this line is responsible of the error: https://bitbucket.org/cffi/cffi/commits/b6adad5f4ea343f515563917826b4c66e2705ac8#Lc/_cffi_backend.cF3085

    If we use cd = (CDataObject *)PyObject_Calloc(1, size); or cd = (CDataObject *)PyObject_Malloc(size); -> OK

    if we use malloc or calloc -> KO

    Why do you manually allocate memory instead of using CPython functions. I don't know exactly what is leading to this error but it may be a serious problem. I wait for your answer ! ;-)

  2. Armin Rigo

    I still suspect that the real problem is not this line, but a mistake you make in your code. Whatever it is, though, I need to see an updated version of the crasher in order to debug.

  3. realitix

    Hi @Armin Rigo, you were right since the beginning. I was not returning a new struct but a child struct (https://github.com/realitix/vulkan/commit/608213158c79a4ecdb44395af77f2d138f1029ca).

    My toughs about why it works with Py_Malloc and why not with malloc: Py_Malloc asks python to manage the memory. Python allocates a big buffer and selects a free zone in that buffer. I suspect that when the block is then freed, Python doesn't really free the memory but marks the block as available for future allocation.s As long as this block is not used by another variable, you can think the value stills alive. So it's ok now ! This bug allowed me to look deeper inside CPython.

  4. Log in to comment