From: Sam Gross Date: Thu, 23 Oct 2025 14:18:13 +0000 (-0400) Subject: gh-140431: Fix GC crash due to partially initialized coroutines (gh-140470) X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=574405c19e9b5de0504be46a3925027ded4495ae;p=thirdparty%2FPython%2Fcpython.git gh-140431: Fix GC crash due to partially initialized coroutines (gh-140470) The `make_gen()` function creates and tracks generator/coro objects, but doesn't fully initialize all the fields. At a minimum, we need to initialize all the fields that may be accessed by gen_traverse because the call to `compute_cr_origin()` can trigger a GC. --- diff --git a/Misc/NEWS.d/next/Core_and_Builtins/2025-10-22-17-22-22.gh-issue-140431.m8D_A-.rst b/Misc/NEWS.d/next/Core_and_Builtins/2025-10-22-17-22-22.gh-issue-140431.m8D_A-.rst new file mode 100644 index 000000000000..3d62d210f1f0 --- /dev/null +++ b/Misc/NEWS.d/next/Core_and_Builtins/2025-10-22-17-22-22.gh-issue-140431.m8D_A-.rst @@ -0,0 +1,3 @@ +Fix a crash in Python's :term:`garbage collector ` due to +partially initialized :term:`coroutine` objects when coroutine origin tracking +depth is enabled (:func:`sys.set_coroutine_origin_tracking_depth`). diff --git a/Objects/genobject.c b/Objects/genobject.c index c9ca2f1de51d..2371ad16d5c1 100644 --- a/Objects/genobject.c +++ b/Objects/genobject.c @@ -932,6 +932,7 @@ make_gen(PyTypeObject *type, PyFunctionObject *func) gen->gi_weakreflist = NULL; gen->gi_exc_state.exc_value = NULL; gen->gi_exc_state.previous_item = NULL; + gen->gi_iframe.f_executable = PyStackRef_None; assert(func->func_name != NULL); gen->gi_name = Py_NewRef(func->func_name); assert(func->func_qualname != NULL);