undefined behavior: tstate->datastack_top == NULL #96569

Closed
Assignees: markshannon
Labels: 3.11 (only security fixes), 3.12 (only security fixes), interpreter-core (Objects, Python, Grammar, and Parser dirs), release-blocker, type-crash (A hard crash of the interpreter, possibly with a core dump)
@matthiasgoergens

Description


I was chasing down some C trouble in code I had been experimenting with. I used all the debug options I could find:

```
export CC="clang"
configure --with-assertions --with-address-sanitizer --with-trace-refs --with-undefined-behavior-sanitizer --with-pydebug
nice make -j8
```

For sanity checking, I ran this on current main. I got:

```
../../Python/pystate.c:2199:27: runtime error: applying non-zero offset 112 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../Python/pystate.c:2199:27 in
../../Python/pystate.c:2199:27: runtime error: applying non-zero offset 112 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../Python/pystate.c:2199:27 in
../../Python/pystate.c:2199:27: runtime error: applying non-zero offset 112 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../Python/pystate.c:2199:27 in
```

For a minimal reproducible example, have a look at my example PR that adds this check and fails to build:

diff--gita/Python/pystate.cb/Python/pystate.cindexa11f1622ecd..09543add9dd100644---a/Python/pystate.c+++b/Python/pystate.c@@-2196,6+2196,7 @@_PyThreadState_PushFrame(PyThreadState*tstate,size_tsize) {assert(size<INT_MAX/sizeof(PyObject*));PyObject**base=tstate->datastack_top;+assert(base!=NULL);PyObject**top=base+size;if (top >=tstate->datastack_limit) {base=push_chunk(tstate, (int)size);
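
Review bot: the new `assert(base!=NULL);` sits directly above `PyObject**top=base+size;`, so it only reports the NULL `datastack_top` in builds with assertions enabled; with assertions compiled out, the `base+size` arithmetic still runs on a null pointer before `top >=tstate->datastack_limit` is evaluated. To remove the undefined behaviour rather than only detect it, test `base` for NULL before forming `top` and route that case to the existing `push_chunk(tstate, (int)size)` path, or compare `size` against the remaining space instead of computing `base+size` first.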

Error messages

Enter any relevant error message caused by the crash, including a core dump if there is one.

I already pasted the error message I get from the sanitizers above. Here's the error message I get from my assertion instead (and building with just sequential make):

```
./Programs/_freeze_module zipimport ../../Lib/zipimport.py Python/frozen_modules/zipimport.h
./_bootstrap_python ../../Programs/_freeze_module.py abc ../../Lib/abc.py Python/frozen_modules/abc.h
_bootstrap_python: ../../Python/pystate.c:2199: _PyInterpreterFrame *_PyThreadState_PushFrame(PyThreadState *, size_t): Assertion `base != NULL' failed.
make: *** [Makefile:1238: Python/frozen_modules/abc.h] Aborted (core dumped)
```

Your environment

I tested this on Archlinux against latest main. You can also see it in action on the failed test run for my PR on github.
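
The pattern the sanitizer flags above, reduced to a self-contained C example next to a form that avoids the null-pointer arithmetic. This is an added example, not CPython's code or the fix that was merged. `data_stack`, `has_space_unchecked`, `has_space` and `push` are hypothetical names, and the single fixed-size chunk is an assumption.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>

/* Hypothetical stand-in for a lazily allocated data stack; not CPython's struct. */
typedef struct {
    void **base;   /* start of the chunk, NULL before first use */
    void **top;    /* next free slot, NULL before first use */
    void **limit;  /* one past the last slot, NULL before first use */
} data_stack;

/* Pattern from the report: `top + size` is formed before anything checks
 * that `top` is non-NULL. With top == NULL and size != 0 that addition is
 * undefined behaviour, so it is only ever called here on an initialised stack. */
static bool has_space_unchecked(const data_stack *s, size_t size)
{
    return s->top + size < s->limit;
}

/* Safe form: reject the empty stack first, then compare `size` with the
 * remaining slot count instead of forming a pointer that may leave the chunk. */
static bool has_space(const data_stack *s, size_t size)
{
    if (s->top == NULL)
        return false;
    return size < (size_t)(s->limit - s->top);
}

/* Reserve `size` slots, allocating the chunk on first use. Returns NULL if
 * the request does not fit (this example keeps a single chunk). */
static void **push(data_stack *s, size_t size, size_t chunk_slots)
{
    if (s->top == NULL) {
        s->base = calloc(chunk_slots, sizeof *s->base);
        if (s->base == NULL)
            return NULL;
        s->top = s->base;
        s->limit = s->base + chunk_slots;
    }
    if (!has_space(s, size))
        return NULL;
    void **frame = s->top;
    s->top += size;
    return frame;
}
```

Building this with `-fsanitize=undefined` and calling `has_space_unchecked` on a zero-initialised `data_stack` produces the same class of report as the one in the issue, while `has_space` returns false without any pointer arithmetic.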
