`_interpreters.exec` with invalid parameters segfaults

[devdanzin]

Crash report

What happened?

The code below segfaults on non-debug builds and aborts on debug builds.

import _interpreters

_interpreters.exec(False, "aaaa", 1)

The abort looks like:

python: ./Modules/_interpretersmodule.c:462: _run_in_interpreter: Assertion `!PyErr_Occurred()' failed.
Aborted

The backtrace of the segfault is:

Program received signal SIGSEGV, Segmentation fault.
0x00005555557c4e1c in _PyXI_ApplyError (error=0x0) at Python/crossinterp.c:1057
1057        if (error->code == _PyXI_ERR_UNCAUGHT_EXCEPTION) {
(gdb) bt
#0  0x00005555557c4e1c in _PyXI_ApplyError (error=0x0) at Python/crossinterp.c:1057
#1  0x00007ffff79db912 in _run_in_interpreter (p_excinfo=0x7fffffffd0a0, flags=1, shareables=0x555555abe9d0 <_PyRuntime+14032>,
    codestrlen=<optimized out>, codestr=0x7ffff7a53358 "aaaa", interp=0x555555ad0e48 <_PyRuntime+88904>)
    at ./Modules/_interpretersmodule.c:463
#2  _interp_exec (interp=interp@entry=0x555555ad0e48 <_PyRuntime+88904>, code_arg=<optimized out>,
    shared_arg=0x555555abe9d0 <_PyRuntime+14032>, p_excinfo=p_excinfo@entry=0x7fffffffd0a0, self=<optimized out>)
    at ./Modules/_interpretersmodule.c:950
#3  0x00007ffff79dbaa0 in interp_exec (self=<optimized out>, args=<optimized out>, kwds=<optimized out>)
    at ./Modules/_interpretersmodule.c:995
#4  0x00005555556ac233 in cfunction_call (func=0x7ffff7a6d4e0, args=<optimized out>, kwargs=<optimized out>)
    at Objects/methodobject.c:551
#5  0x00005555556433f0 in _PyObject_MakeTpCall (tstate=0x555555b07b20 <_PyRuntime+313376>, callable=callable@entry=0x7ffff7a6d4e0,
    args=args@entry=0x7ffff7fb0080, nargs=<optimized out>, keywords=keywords@entry=0x0) at Objects/call.c:242
#6  0x0000555555643d16 in _PyObject_VectorcallTstate (kwnames=0x0, nargsf=<optimized out>, args=0x7ffff7fb0080,
    callable=0x7ffff7a6d4e0, tstate=<optimized out>) at ./Include/internal/pycore_call.h:165
#7  0x00005555555d8e85 in _PyEval_EvalFrameDefault (tstate=0x555555b07b20 <_PyRuntime+313376>, frame=0x7ffff7fb0020,
    throwflag=<optimized out>) at Python/generated_cases.c.h:955
#8  0x00005555557a5abc in _PyEval_EvalFrame (throwflag=0, frame=0x7ffff7fb0020, tstate=0x555555b07b20 <_PyRuntime+313376>)
    at ./Include/internal/pycore_ceval.h:116
#9  _PyEval_Vector (args=0x0, argcount=0, kwnames=0x0, locals=0x7ffff7a187c0, func=0x7ffff7a033d0,
    tstate=0x555555b07b20 <_PyRuntime+313376>) at Python/ceval.c:1901
#10 PyEval_EvalCode (co=co@entry=0x7ffff7a3a120, globals=globals@entry=0x7ffff7a187c0, locals=locals@entry=0x7ffff7a187c0)
    at Python/ceval.c:662
#11 0x0000555555811018 in run_eval_code_obj (locals=0x7ffff7a187c0, globals=0x7ffff7a187c0, co=0x7ffff7a3a120,
    tstate=0x555555b07b20 <_PyRuntime+313376>) at Python/pythonrun.c:1338

Found using fusil by @vstinner.

CPython versions tested on:

3.13, CPython main branch

Operating systems tested on:

Linux

Output from running 'python -VV' on the command line:

Python 3.14.0a1+ (heads/main:54c63a32d06, Nov 8 2024, 19:53:10) [GCC 11.4.0]

Linked PRs

• gh-126654: Fix crash in several functions in _interpreters module #126678
• [3.13] gh-126654: Fix crash in several functions in _interpreters module (GH-126678) #126681

[sobolevn]

I am on it! Thanks for the report.