[Python-checkins] [python/cpython] 49d094: [3.6] bpo-30039: Don't run signal handlers while r...

GitHub noreply at github.com
Wed May 17 19:23:14 EDT 2017 

  Branch: refs/heads/backport-ab4413a-3.6
  Home:   https://github.com/python/cpython
  Commit: 49d094206c314d25a9a91c338aeae72a7d8bde36
      https://github.com/python/cpython/commit/49d094206c314d25a9a91c338aeae72a7d8bde36
  Author: Nathaniel J. Smith <njs at pobox.com>
  Date:   2017-05-17 (Wed, 17 May 2017)

  Changed paths:
    M Lib/test/test_generators.py
    M Misc/NEWS
    M Modules/_testcapimodule.c
    M Python/ceval.c

  Log Message:
  -----------
  [3.6] bpo-30039: Don't run signal handlers while resuming a yield from stack (GH-1081)

If we have a chain of generators/coroutines that are 'yield from'ing
each other, then resuming the stack works like:

- call send() on the outermost generator
- this enters _PyEval_EvalFrameDefault, which re-executes the
  YIELD_FROM opcode
- which calls send() on the next generator
- which enters _PyEval_EvalFrameDefault, which re-executes the
  YIELD_FROM opcode
- ...etc.

However, every time we enter _PyEval_EvalFrameDefault, the first thing
we do is to check for pending signals, and if there are any then we
run the signal handler. And if it raises an exception, then we
immediately propagate that exception *instead* of starting to execute
bytecode. This means that e.g. a SIGINT at the wrong moment can "break
the chain" – it can be raised in the middle of our yield from chain,
with the bottom part of the stack abandoned for the garbage collector.

The fix is pretty simple: there's already a special case in
_PyEval_EvalFrameEx where it skips running signal handlers if the next
opcode is SETUP_FINALLY. (I don't see how this accomplishes anything
useful, but that's another story.) If we extend this check to also
skip running signal handlers when the next opcode is YIELD_FROM, then
that closes the hole – now the exception can only be raised at the
innermost stack frame.

This shouldn't have any performance implications, because the opcode
check happens inside the "slow path" after we've already determined
that there's a pending signal or something similar for us to process;
the vast majority of the time this isn't true and the new check
doesn't run at all..
(cherry picked from commit ab4413a7e9bda95b6fcd517073e2a51dafaa1624)

More information about the Python-checkins mailing list