Skip to content

Segfault in 3.13 when calling PyEval_SetTrace from a thread with no Python frames #121814

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
godlygeek opened this issue Jul 15, 2024 · 4 comments
Closed

Segfault in 3.13 when calling PyEval_SetTrace from a thread with no Python frames #121814

godlygeek opened this issue Jul 15, 2024 · 4 comments
Labels
type-bug An unexpected behavior, bug, or error

Comments

@godlygeek
Copy link
Contributor

godlygeek commented Jul 15, 2024
edited by bedevere-app bot
Loading

Bug report

Bug description:

Given a setup.py with:

from setuptools import Extension
from setuptools import setup

setup(
    name="testext",
    version="0.0",
    ext_modules=[
        Extension("testext", language="c++", sources=["testext.cpp"]),
    ],
    zip_safe=False,
)

and a testext.cpp with:

#define PY_SSIZE_T_CLEAN
#include <Python.h>

#include <assert.h>
#include <pthread.h>
#include <unistd.h>

int tracefunc(PyObject *, PyFrameObject *, int, PyObject *)
{
    return 0;
}

void*
thread_body(void*)
{
    PyGILState_STATE gilstate = PyGILState_Ensure();
    PyEval_SetTrace(&tracefunc, Py_None);
    PyGILState_Release(gilstate);
    return NULL;
}

PyObject*
trace_in_thread(PyObject*, PyObject*)
{
    pthread_t thread;
    int ret = pthread_create(&thread, NULL, &thread_body, NULL);
    assert(0 == ret);

    Py_BEGIN_ALLOW_THREADS
    ret = pthread_join(thread, NULL);
    assert(0 == ret);
    Py_END_ALLOW_THREADS

    Py_RETURN_NONE;
}

static PyMethodDef methods[] = {
        {"trace_in_thread", trace_in_thread, METH_NOARGS, "Call PyEval_SetTrace in a thread"},
        {NULL, NULL, 0, NULL},
};

static struct PyModuleDef moduledef = {PyModuleDef_HEAD_INIT, "testext", "", -1, methods};

PyMODINIT_FUNC
PyInit_testext(void)
{
    return PyModule_Create(&moduledef);
}

doing:

python3.13 -m pip install .
python3.13 -c 'import testext; testext.trace_in_thread()'

gives a segmentation fault, because of this code in _PyEval_SetTrace:

cpython/Python/legacy_tracing.c

Lines 607 to 608 in 7b41395

PyFrameObject* frame = PyEval_GetFrame();
if (frame->f_trace_opcodes) {

This reproducer enters _PyEval_SetTrace with no Python frames on the stack, and so PyEval_GetFrame returns a null pointer and frame->f_trace_opcodes dereferences it. It seems that this needs to be guarded:

        PyFrameObject* frame = PyEval_GetFrame();
        if (frame && frame->f_trace_opcodes) {

CPython versions tested on:

3.13

Operating systems tested on:

Linux

Linked PRs
@godlygeek godlygeek added the type-bug An unexpected behavior, bug, or error label Jul 15, 2024
@bedevere-app bedevere-app bot mentioned this issue Jul 15, 2024
Merged
@gaogaotiantian
Copy link
Member

Thanks, this was my fault and I'll fix this with you as co-author.

gaogaotiantian added a commit that referenced this issue Jul 15, 2024
@gaogaotiantian @godlygeek
gh-121814: Only check f_trace_opcodes if Python frame exists (#121818)
2b1b689 
Co-authored-by: Matt Wozniski <godlygeek@gmail.com>
@gaogaotiantian
Copy link
Member

Fixed in #121818.

@pablogsal
Copy link
Member

@gaogaotiantian this needs to be backported to 3.13

@pablogsal pablogsal reopened this Jul 16, 2024
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Jul 16, 2024
@gaogaotiantian @godlygeek @miss-islington
pythongh-121814: Only check f_trace_opcodes if Python frame exists (p…
e4bfbb7 
…ythonGH-121818)

(cherry picked from commit 2b1b689)

Co-authored-by: Tian Gao <gaogaotiantian@hotmail.com>
Co-authored-by: Matt Wozniski <godlygeek@gmail.com>
@bedevere-app bedevere-app bot mentioned this issue Jul 16, 2024
Merged
gaogaotiantian added a commit that referenced this issue Jul 16, 2024
@miss-islington @gaogaotiantian @godlygeek
[3.13] gh-121814: Only check f_trace_opcodes if Python frame exists (G…
54db42f 
…H-121818) (#121861)

gh-121814: Only check f_trace_opcodes if Python frame exists (GH-121818)
(cherry picked from commit 2b1b689)

Co-authored-by: Tian Gao <gaogaotiantian@hotmail.com>
Co-authored-by: Matt Wozniski <godlygeek@gmail.com>
@gaogaotiantian
Copy link
Member

Backported in #121861.

estyxx pushed a commit to estyxx/cpython that referenced this issue Jul 17, 2024
@gaogaotiantian @godlygeek @estyxx
pythongh-121814: Only check f_trace_opcodes if Python frame exists (p…
4614134 
…ython#121818)

Co-authored-by: Matt Wozniski <godlygeek@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
type-bug An unexpected behavior, bug, or error
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@godlygeek @pablogsal @gaogaotiantian