Skip to content

Requiring A Current Thread State for PyThreadState_Clear(), etc. is Problematic #101436

New issue
New issue
Open
Open
Requiring A Current Thread State for PyThreadState_Clear(), etc. is Problematic#101436
Labels
3.12only security fixesinterpreter-core(Objects, Python, Grammar, and Parser dirs)topic-subinterpreterstype-bugAn unexpected behavior, bug, or error
@ericsnowcurrently

Description

@ericsnowcurrently
ericsnowcurrently
opened on Jan 30, 2023

In PyThreadState_Clear() and PyInterpreterState_Clear() the code expects a "current" thread state (i.e. set by PyThreadState_Swap()) to be set. Presumably this is for the following:

  • to ensure the GIL is held
  • to use for logging audit events (actually only needs the current interpreter?)
  • to use in object finalizers for objects held by the target thread/interpreter state

For PyThreadState_Clear(), this is a problem when the current thread state is also the target thread state, since the function is progressively rendering the thread state unusable. For PyInterpreterState_Clear() the "current" thread state must belong to the target interpreter, but will be rendered unusable before it's potentially needed.

(FWIW, it isn't clear to me yet why we don't see frequent crashes from this already (at least when we're clearing the main interpreter during finalization). I do suspect that this contributes to some of the occasional CI failures we see relative to finalization.)

Ideally auditing and the various object finalizers could work without having a current thread state, especially in the case where the current thread state could only possibly be the one getting cleared. Could we split up PyThreadState so at least the problematic part is guaranteed not be used in PyThreadState_Clear() or PyInterpreterState_Clear()? Are there other complexities we have to deal with?

(Note that we'd still require that the GIL be held by the current OS thread when PyThreadState_Clear() or PyInterpreterState_Clear() are called.)

FTR, in gh-101308 I noted various cases where the lifecycle of thread states has an unexpected status. Pretty much all of them relate `PyThreadState_Clear()` requiring a current thread state.
Dealing with the main issue above would make it trivial to address the following:
  • an "active" thread state (i.e. "current", holding the GIL) must be "bound" (to an OS thread) already
  • a "bound" thread state must be "alive" (initialized but not finalizing)
  • binding a thread state should be done separately from PyThreadState_New()
  • the thread state passed to PyThreadState_Clear() should no longer be "active" or "bound"
  • the current thread state must belong to the target interpreter of PyThreadState_Clear()
  • the current thread state must belong to the target interpreter of PyInterpreterState_Clear() (for the main interpreter it must be the main thread)

Metadata

Metadata

Assignees

No one assigned

    Labels

    3.12only security fixesinterpreter-core(Objects, Python, Grammar, and Parser dirs)topic-subinterpreterstype-bugAn unexpected behavior, bug, or error

    Projects

    Subinterpreters

    Status

    Todo

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions