_PyUnicode_EqualToASCIIId() seems to be incompatible with subinterpreter: it makes the assumption that if direct pointer comparison fails and the string is interned, the two strings are not equal.
--
super_init_without_args() of Objects/typeobject.c calls _PyUnicode_EqualToASCIIId(name, &PyId___class__) to test if the Unicode string 'name' is equal to "__class__".
int
_PyUnicode_EqualToASCIIId(PyObject *left, _Py_Identifier *right)
{
right_uni = _PyUnicode_FromId(right);
...
if (left == right_uni)
return 1;
if (PyUnicode_CHECK_INTERNED(left))
return 0;
...
return unicode_compare_eq(left, right_uni);
}
_PyUnicode_EqualToASCIIId() makes the assumption that left and right are not equal if left and _PyUnicode_FromId(right) pointers are not equal and left is an interned string.
In the reproducer, left object is abc.ABCMeta.__new__.__code__.co_freevars[0].
Depending on how the stdlib abc.py file was loaded (in the main interpreter and in the subinterpreter), __code__.co_freevars[0] may or may not be an interned string.
If __code__.co_freevars[0] is an interned string, _PyUnicode_EqualToASCIIId() fails in a subinterpreter if the direct pointer comparison fails (if left and right_uni pointers are not equal).
--
Reproducer from: https://github.com/ninia/jep/issues/358#issuecomment-988090696
* Build Python 3.10 with "./configure --enable-shared --prefix /opt/py310" and install it.
* Download attached reproducer.c.
* Build the reproducer with:
gcc -o reproducer reproducer.c $(/opt/py310/bin/python3.10-config --embed --cflags --ldflags)
* Remove all stdlib .pyc files:
find /opt/py310 -type d -name __pycache__|xargs rm -rf
* Run the reproducer with:
LD_LIBRARY_PATH=/opt/py310/lib ./reproducer
Output:
---
Before creating sub interpreter
Traceback (most recent call last):
File "/opt/py310/lib/python3.10/io.py", line 52, in <module>
File "/opt/py310/lib/python3.10/abc.py", line 184, in <module>
File "/opt/py310/lib/python3.10/abc.py", line 106, in __new__
RuntimeError: super(): __class__ cell not found
Fatal Python error: _PyThreadState_Delete: tstate 0x7f9f2001c710 is still current
Python runtime state: initialized
Current thread 0x00007f9f27c99640 (most recent call first):
<no Python frame>
Abandon (core dumped)
---
py-bt command in gdb:
---
(gdb) py-bt
Traceback (most recent call first):
File "/opt/py310/lib/python3.10/abc.py", line 106, in __new__
cls = super().__new__(mcls, name, bases, namespace, **kwargs)
<built-in method __build_class__ of module object at remote 0x7fffea0b4cc0>
File "/opt/py310/lib/python3.10/abc.py", line 184, in <module>
class ABC(metaclass=ABCMeta):
<built-in method exec of module object at remote 0x7fffea0b4cc0>
File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
File "<frozen importlib._bootstrap_external>", line 883, in exec_module
File "<frozen importlib._bootstrap>", line 688, in _load_unlocked
File "<frozen importlib._bootstrap>", line 1006, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 1027, in _find_and_load
File "/opt/py310/lib/python3.10/io.py", line 52, in <module>
import abc
<built-in method exec of module object at remote 0x7fffea0b4cc0>
File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
File "<frozen importlib._bootstrap_external>", line 883, in exec_module
File "<frozen importlib._bootstrap>", line 688, in _load_unlocked
File "<frozen importlib._bootstrap>", line 1006, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 1027, in _find_and_load
<built-in method __import__ of module object at remote 0x7fffea0b4cc0>
---
|
➜
