_PyFrame_Clear can crash in for loop if frame->localsplus is NULL. #119128
Comments
CC @markshannon |
Can you provide a way to reproduce the issue? |
Yeah I have code in a zip file that can help reproduce it if you want to build it and help debug it. It got so hard to find the issue that even Visual Studio with all the tools it has is no help at all. Note:
To Build:
|
@AraHaan We do not run code on our system without reading it first to see what it will do. So sending us a multi-file application in a zip file is a big ask. As @markshannon indicated, this is probably a bug in your program. I suggest that you debug it with a view to determining whether this is indeed memory corruption in your code. If you think this is a cpython bug, please narrow down your code to at most one C file and one python file, with no dependencies, which demonstrate the issue. |
You have a lot of unnecessary code in that zip file. Here's a much reduced version: dbot_reduced2.zip

It seems the issue in the reduced example comes from

```python
results = await __get_results('SELECT * FROM V_Tiers')
print[create_tier(result) for result in results]
```

So it probably comes from

Here's the simplified code for

```python
import asyncio
from DiscordBot._capi import get_tiers

async def main():
    # test what these print.
    print(1)
    print(await get_tiers())
    # print(await get_tiers())
    # print(await get_tiers())
    print(2)

if __name__ == '__main__':
    print(0)
    asyncio.run(main())
    print(3)
```

By running
But if I call

I hope this helps finding the root cause. |
I think the issue was in line 70 where I do |
Crash report
What happened?
When I was debugging my C extension I eventually found a way to get it to work using the interactive debug version of the interpreter and using `_PyObject_Dump` to also check the reference counts of everything to ensure my extension module works properly and has proper reference counting.

However when I typed in `exit()` to close the interpreter I crashed in `_PyFrame_Clear` within the for loop as it fails to check first if `frame->localsplus` is not `NULL` before attempting to index into it resulting in an Access Violation.

This should be a trivial patch. Issue is how come `frame->localsplus` is `NULL` to begin with?

CPython versions tested on:
3.11, 3.12, CPython main branch
Operating systems tested on:
Windows
Output from running 'python -VV' on the command line:
python_d.exe -X dev (no script file for interactive console mode)