diff options
| author | Victor Stinner <vstinner@python.org> | 2023-10-02 15:44:51 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-10-02 15:44:51 (GMT) |
| commit | d0641ab676ac117bcf71fb8b0fd531a82bff6501 (patch) | |
| tree | f83bff78c5b5d5e40c603472cff80149dc346969 /Python | |
| parent | a2074911baaa75216a6a3bc78487ee2254f031d5 (diff) | |
| download | cpython-d0641ab676ac117bcf71fb8b0fd531a82bff6501.zip cpython-d0641ab676ac117bcf71fb8b0fd531a82bff6501.tar.gz cpython-d0641ab676ac117bcf71fb8b0fd531a82bff6501.tar.bz2 | |
[3.12] gh-110052: Fix faulthandler for freed tstate (#110069) (#110071)
gh-110052: Fix faulthandler for freed tstate (#110069)
faulthandler now detected freed interp and freed tstate, and no
longer dereference them.
(cherry picked from commit 2e37a38bcbfbe1357436e030538290e7d00b668d)
Diffstat (limited to 'Python')
| -rw-r--r-- | Python/traceback.c | 47 |
1 files changed, 37 insertions, 10 deletions
diff --git a/Python/traceback.c b/Python/traceback.c index dc25870..0070f15 100644 --- a/Python/traceback.c +++ b/Python/traceback.c @@ -1218,23 +1218,45 @@ dump_frame(int fd, _PyInterpreterFrame *frame) PUTS(fd, "\n"); } +static int +tstate_is_freed(PyThreadState *tstate) +{ + if (_PyMem_IsPtrFreed(tstate)) { + return 1; + } + if (_PyMem_IsPtrFreed(tstate->interp)) { + return 1; + } + return 0; +} + + +static int +interp_is_freed(PyInterpreterState *interp) +{ + return _PyMem_IsPtrFreed(interp); +} + + static void dump_traceback(int fd, PyThreadState *tstate, int write_header) { - _PyInterpreterFrame *frame; - unsigned int depth; - if (write_header) { PUTS(fd, "Stack (most recent call first):\n"); } - frame = tstate->cframe->current_frame; + if (tstate_is_freed(tstate)) { + PUTS(fd, " <tstate is freed>\n"); + return; + } + + _PyInterpreterFrame *frame = tstate->cframe->current_frame; if (frame == NULL) { PUTS(fd, " <no Python frame>\n"); return; } - depth = 0; + unsigned int depth = 0; while (1) { if (MAX_FRAME_DEPTH <= depth) { PUTS(fd, " ...\n"); @@ -1298,9 +1320,6 @@ const char* _Py_DumpTracebackThreads(int fd, PyInterpreterState *interp, PyThreadState *current_tstate) { - PyThreadState *tstate; - unsigned int nthreads; - if (current_tstate == NULL) { /* _Py_DumpTracebackThreads() is called from signal handlers by faulthandler. @@ -1316,6 +1335,10 @@ _Py_DumpTracebackThreads(int fd, PyInterpreterState *interp, current_tstate = PyGILState_GetThisThreadState(); } + if (current_tstate != NULL && tstate_is_freed(current_tstate)) { + return "tstate is freed"; + } + if (interp == NULL) { if (current_tstate == NULL) { interp = _PyGILState_GetInterpreterStateUnsafe(); @@ -1330,14 +1353,18 @@ _Py_DumpTracebackThreads(int fd, PyInterpreterState *interp, } assert(interp != NULL); + if (interp_is_freed(interp)) { + return "interp is freed"; + } + /* Get the current interpreter from the current thread */ - tstate = PyInterpreterState_ThreadHead(interp); + PyThreadState *tstate = PyInterpreterState_ThreadHead(interp); if (tstate == NULL) return "unable to get the thread head state"; /* Dump the traceback of each thread */ tstate = PyInterpreterState_ThreadHead(interp); - nthreads = 0; + unsigned int nthreads = 0; _Py_BEGIN_SUPPRESS_IPH do { |