[New-bugs-announce] [issue21967] Interpreter crash upon accessing frame.f_restricted of a frame from a dead thread

Anselm Kruis report at bugs.python.org
Sat Jul 12 18:31:09 CEST 2014


New submission from Anselm Kruis:

If you store a reference to a frame from a dead thread and then access 
frame.f_restricted, Python eventually crashes.

I didn't investigate this bug in depth. Here is my preliminary explanation.

The access of frame.f_restricted causes a call of PyFrame_IsRestricted(f). 

PyFrame_IsRestricted is a macro and expands to 
((f)->f_builtins != (f)->f_tstate->interp->builtins) 

Now, if the thread that created f is already dead, the f_tstate points to an invalid structure. Depending on the content of the memory the access of f_tstate->interp causes an access violation. I use a Win32 debug build to reliably reproduce the issue.

----------
components: Interpreter Core
files: crash_on_f_restricted.py
messages: 222852
nosy: anselm.kruis
priority: normal
severity: normal
status: open
title: Interpreter crash upon accessing frame.f_restricted of a frame from a dead thread
type: crash
versions: Python 2.7
Added file: http://bugs.python.org/file35931/crash_on_f_restricted.py

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue21967>
_______________________________________
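
The lifetime problem described in the report, as an added example that is not part of the original message and is not CPython code. The struct layouts are simplified stand-ins, and f_thread_id, the tstate list helpers and frame_is_restricted_checked are hypothetical names used to show one way of refusing to dereference f_tstate once the owning thread has exited.

```c
#include <stddef.h>
#include <stdlib.h>

/* Simplified stand-ins for the CPython 2.7 structures the macro touches. */
typedef struct interp { void *builtins; struct tstate *tstate_head; unsigned long next_id; } interp_t;
typedef struct tstate { struct tstate *next; interp_t *interp; unsigned long thread_id; } tstate_t;
typedef struct frame {
    void *f_builtins;
    tstate_t *f_tstate;        /* raw pointer, as in the report: dangles after thread exit */
    unsigned long f_thread_id; /* hypothetical extra field: stable id, never reused */
} frame_t;

/* The macro as quoted in the report: dereferences f_tstate unconditionally. */
#define FRAME_IS_RESTRICTED(f) ((f)->f_builtins != (f)->f_tstate->interp->builtins)

tstate_t *tstate_new(interp_t *in) {
    tstate_t *ts = malloc(sizeof *ts);
    if (ts == NULL) return NULL;
    ts->interp = in;
    ts->thread_id = ++in->next_id;   /* monotonic, so a reused address gets a new id */
    ts->next = in->tstate_head;
    in->tstate_head = ts;
    return ts;
}

/* Thread exit: unlink and free. Frames that still hold ts now dangle. */
void tstate_delete(interp_t *in, tstate_t *ts) {
    for (tstate_t **p = &in->tstate_head; *p != NULL; p = &(*p)->next)
        if (*p == ts) { *p = ts->next; break; }
    free(ts);
}

frame_t frame_new(tstate_t *ts, void *builtins) {
    frame_t f = { builtins, ts, ts->thread_id };
    return f;
}

/* Checked variant: 1 = restricted, 0 = not restricted, -1 = owning thread
   is gone. f_tstate is only dereferenced after the id lookup proves it live. */
int frame_is_restricted_checked(const interp_t *in, const frame_t *f) {
    for (const tstate_t *ts = in->tstate_head; ts != NULL; ts = ts->next)
        if (ts->thread_id == f->f_thread_id)
            return FRAME_IS_RESTRICTED(f);
    return -1;
}
```

The lookup compares ids rather than pointer values because the allocator may hand the freed address to a later thread state, which would make a pointer comparison report a dead thread as live.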

