[PATCH] tevent: Do not use uninitialized tv in py_tevent_context_add_timer
Douglas Bagnall
douglas.bagnall at catalyst.net.nz
Fri Jan 18 22:26:37 UTC 2019
[Resending, because I used the wrong from: address the first time]
On 19/01/19 4:52 AM, Lukas Slebodnik via samba-technical wrote:
> ehlo,
>
> I could see valgrind error in python bindings
>
> LS
>
Yes. Good, almost.
We are trying to switch to C99 initialisers
(c.f. https://gitlab.com/samba-team/samba/merge_requests/198), and it would be
even better if you could initialise callback to NULL.
> --- a/lib/tevent/pytevent.c
> +++ b/lib/tevent/pytevent.c
> @@ -476,7 +476,7 @@ static PyObject *py_tevent_context_add_timer_internal(TeventContext_Object *self
>
> static PyObject *py_tevent_context_add_timer(TeventContext_Object *self, PyObject *args)
> {
> - struct timeval next_event;
> + struct timeval next_event = { 0 };
> PyObject *callback;
> if (!PyArg_ParseTuple(args, "lO", &next_event, &callback))
> return NULL;
BUT the underlying question is where is used uninitialised?
PyArg_ParseTuple() promises to initialise it or return NULL. Except it is
asked to initialise a signed long ("l" in the format string), while
struct timeval is two numbers (seemingly always longs), so this is just
initialising the tv_sec, not the tv_usec:
PyArg_ParseTuple(args, "lO", &next_event, &callback)
Anyway, if you can C99 it, RB+ from me, but this needs more looking at, probably
with the python argument converted to a double, then mangled into secs/usecs
in C.
Looking at this:
$ git grep add_timer :/*.py
lib/tevent/bindings.py: timer = self.ctx.add_timer(0, lambda t: collecting_list.append(True))
lib/tevent/bindings.py: timer = self.ctx.add_timer(0, lambda t: collecting_list.append(True))
lib/tevent/bindings.py: timer = self.ctx.add_timer(0, lambda t: collecting_list.append(True))
lib/tevent/bindings.py: self.ctx.add_timer_offset(0.2, lambda t: collecting_list.append(2))
lib/tevent/bindings.py: self.ctx.add_timer_offset(0.1, lambda t: collecting_list.append(1))
With this patch those last two won't work as expected (rounded to 0 int).
Currently NONE of them would work as expected, resulting in 0 secs + $RAND usecs.
It is possible you have just discovered why we have an infinite supply of timing
related flapping tests, though this is not the first time I have thought that.
cheers,
Douglas
More information about the samba-technical
mailing list