paulross / pythonextensionpatterns Goto Github PK

Based on the issues I have raised already, I think your whole goto-based approach is flawed. The right way is to adopt an overall structured-programming pattern that looks like this:

«pointer» = NULL;
do /*once*/
  {
    ... possible preceding code ...
    allocate «pointer»;
    if («error_occurred»)
        break;
    ... do something with «pointer» ...
  }
while (false);
Py_XDECREF(«pointer»);

This kind of structure nests easily and scales to more complex cases, which is vital for dealing with allocation inside loops, for example. (I notice you don’t discuss these.) Avoiding gotos helps guarantee that control paths from inner structures cannot avoid going through the cleanup on their way out.

I have a couple of more concrete examples to offer, in the form of Python modules I wrote for my grainypy and dvd_menu_animator projects, which demonstrate this idea in action.

I spent a bit of time following the (normally excellent) advice in this tutorial to try a COUNT_ALLOCS build while debugging a reference leak and found that it did nothing. It turns out CPython removed the functionality in Python 3.9. See python/cpython#18259.

Unfortunately there isn't a replacement.

Should all the text referencing COUNT_ALLOCS just be removed? It would avoid wasting the time of future people who would like to debug reference issues.

I ended up fixing the issue I had by setting a breakpoint on the variable in the debug python build tracking the total number of allocations and then over the course of a python for loop that leaked memory every loop, simply printed out the objects getting increfd and decrefd and found the place where an object was getting an extra incref. Maybe I could describe this debugging process?

Looking at your _parse_args_with_python_defaults routine defined here, your pyObjDefaultArg_0 and pyObjDefaultArg_1 remain partially allocated even if an exception occurred after they were allocated, but before they were completely initialized. What if the user trapped that exception, let their script continue execution, and then tried calling into your code again? This time it would assume the default objects were fine, and you could end up returning a partially-initialized object. You need to completely free up partially-allocated objects on an exception.

I see a couple of concerns in your section on Getting and Setting Module Globals.

In a statement like

if (PyModule_AddObject(m, NAME_TUP, Py_BuildValue("iii", 66, 68, 73))) {
    goto except;

the doc says that the reference to the object is only stolen on success. So if the PyModule_AddObject call fails, then the object created by the Py_BuildValue call in this case will be leaked.

Further down that page, the calls to PyDict_SetItem (e.g. PyDict_SetItem(pMap, PyBytes_FromString("123"), PyLong_FromLong(123))) leak references to the key and value objects.

1. a typo: Uncomment PyObject_Free and PyObject_Realloc in the valgring suppression file.
   valgring should be valgrind
2. I installed debug version of python3 as detailed in the doc, when I use it with valgrind(just open python and exit), it still reports tons of possible leaks, is that possible to suppress them?

this is a really nice book/tutorial, I read it a few months ago, when I tried to search and read it again today, it is really hard to find it, I think it would be better to have keyword like C extension in the title. Anyway, just some random thoughts. Thank you for the writing.

Introduction: pLast is probably pObj here:

PyObject_Print(pLast, stdout, 0);