From 3944e9b3b24de994d46eb7f4af6eec49b3324271 Mon Sep 17 00:00:00 2001 From: "Miss Islington (bot)" <31488909+miss-islington@users.noreply.github.com> Date: Thu, 23 Oct 2025 16:44:21 +0200 Subject: [PATCH] [3.14] gh-140431: Fix GC crash due to partially initialized coroutines (gh-140470) (gh-140504) The `make_gen()` function creates and tracks generator/coro objects, but doesn't fully initialize all the fields. At a minimum, we need to initialize all the fields that may be accessed by gen_traverse because the call to `compute_cr_origin()` can trigger a GC. (cherry picked from commit 574405c19e9b5de0504be46a3925027ded4495ae) Co-authored-by: Sam Gross --- .../2025-10-22-17-22-22.gh-issue-140431.m8D_A-.rst | 3 +++ Objects/genobject.c | 1 + 2 files changed, 4 insertions(+) create mode 100644 Misc/NEWS.d/next/Core_and_Builtins/2025-10-22-17-22-22.gh-issue-140431.m8D_A-.rst diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-10-22-17-22-22.gh-issue-140431.m8D_A-.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-10-22-17-22-22.gh-issue-140431.m8D_A-.rst new file mode 100644 index 000000000000..3d62d210f1f0 --- /dev/null +++ b/Misc/NEWS.d/next/Core_and_Builtins/2025-10-22-17-22-22.gh-issue-140431.m8D_A-.rst @@ -0,0 +1,3 @@ +Fix a crash in Python's :term:`garbage collector ` due to +partially initialized :term:`coroutine` objects when coroutine origin tracking +depth is enabled (:func:`sys.set_coroutine_origin_tracking_depth`). diff --git a/Objects/genobject.c b/Objects/genobject.c index f1fd995a246e..f429bc47678f 100644 --- a/Objects/genobject.c +++ b/Objects/genobject.c @@ -922,6 +922,7 @@ make_gen(PyTypeObject *type, PyFunctionObject *func) gen->gi_weakreflist = NULL; gen->gi_exc_state.exc_value = NULL; gen->gi_exc_state.previous_item = NULL; + gen->gi_iframe.f_executable = PyStackRef_None; assert(func->func_name != NULL); gen->gi_name = Py_NewRef(func->func_name); assert(func->func_qualname != NULL); -- 2.47.3