Bug report
Bug description:
The PyType_Watch function is used heavily in the JIT and we rely on it to deoptimize when a class changes.
However, it does not trigger the callback function when a class is deallocated
which can lead to the following situation.
- We have jitted code that depends on the state of a class.
- That code does a pointer comparison on the address of a watched class and then assumes that class to be identical to when the code was compiled.
- The class is deallocated
- Another, different class is allocated at the same address
- Crash and burn
CPython versions tested on:
CPython main branch
Operating systems tested on:
No response
Linked PRs
Bug report
Bug description:
The
PyType_Watchfunction is used heavily in the JIT and we rely on it to deoptimize when a class changes.However, it does not trigger the callback function when a class is deallocated
which can lead to the following situation.
CPython versions tested on:
CPython main branch
Operating systems tested on:
No response
Linked PRs