Xiang Zhang added the comment: After reading the code I could see the possibility. A weakref object gets two linkedlist pointers which are not initialized by new_weakref (actually they are initialized by insert_head or insert_after). But the weakref object is possible to be destroyed in [1] and [2]. So we are going to dereference two uninitialized pointers in clear_weakref and then crash. So simply initialize the two pointers to NULL in init_weakref could solve this problem? Are you willing to test Saida?
[1] https://github.com/python/cpython/blob/master/Objects/weakrefobject.c#L770 [2] https://github.com/python/cpython/blob/master/Objects/weakrefobject.c#L833 ---------- keywords: +patch stage: -> patch review title: Python 2.7.8 is crashing while creating weakref for a given object. -> Python could crash while creating weakref for a given object Added file: http://bugs.python.org/file46513/weakref_crash.patch _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue29347> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
