classification
Title: Access violation
Type: crash Stage:
Components: Versions: Python 3.10
process
Status: open Resolution:
Dependencies: Superseder:
Assigned To: Nosy List: eric.smith, vladexl
Priority: normal Keywords:

Created on 2021-11-23 13:49 by vladexl, last changed 2021-11-24 07:39 by vladexl.

Messages (3)
msg406841 - (view) Author: vladexl (vladexl) Date: 2021-11-23 13:49
It seems object.c hasn't taken into account possible nullptr:

object.c: ...else if (Py_TYPE(v)->tp_as_number != NULL &&...

It seems Py_TYPE(v) returns null

StackTrace:

> python310.dll!PyObject_IsTrue(_object * v=0x1d91e2d4) Line 1444 C
  python310.dll!_PyEval_EvalFrameDefault(_ts * tstate=0x1db76f50, _frame * f=0x1c064028, int throwflag=0) Line 3793 C
  [Inline Frame] python310.dll!_PyEval_EvalFrame(_ts *) Line 46 C
  python310.dll!_PyEval_Vector(_ts * tstate=0x1db76f50, PyFrameConstructor * con=0x1bd91858, _object * locals=0x00000000, _object * const * args=0x1bdf86a8, unsigned int argcount=1, _object * kwnames=0x00000000) Line 5080 C
  python310.dll!_PyFunction_Vectorcall(_object * func=0x1bd91850, _object * const * stack=0x1bdf86a8, unsigned int nargsf=2147483649, _object * kwnames=0x00000000) Line 347 C
  [Inline Frame] python310.dll!_PyObject_VectorcallTstate(_ts *) Line 114 C
  python310.dll!PyObject_Vectorcall(_object * callable=0x1bd91850, _object * const * args, unsigned int nargsf=2147483649, _object * kwnames=0x00000000) Line 123 C
  python310.dll!call_function(_ts * tstate=0x1db76f50, PyTraceInfo * trace_info=0x1bf3f7a0, _object * * * pp_stack=0x1bf3f774, int oparg=1, _object * kwnames=0x00000000) Line 5888 C
  python310.dll!_PyEval_EvalFrameDefault(_ts * tstate=0x1db76f50, _frame * f=0x1bdf8568, int throwflag=0) Line 4222 C
  [Inline Frame] python310.dll!_PyEval_EvalFrame(_ts *) Line 46 C
  python310.dll!_PyEval_Vector(_ts * tstate=0x1db76f50, PyFrameConstructor * con=0x1bd918a0, _object * locals=0x00000000, _object * const * args=0x1bde5334, unsigned int argcount=2, _object * kwnames=0x00000000) Line 5080 C
  python310.dll!_PyFunction_Vectorcall(_object * func=0x1bd91898, _object * const * stack=0x1bde5334, unsigned int nargsf=2, _object * kwnames=0x00000000) Line 347 C
  python310.dll!PyVectorcall_Call(_object * callable=0x1bd91898, _object * tuple=0x1bde5328, _object * kwargs=0x1ef3d618) Line 272 C
  python310.dll!_PyObject_Call(_ts * tstate=0x1db76f50, _object * callable=0x1bd91898, _object * args=0x1bde5328, _object * kwargs=0x1ef3d618) Line 290 C
  [Inline Frame] python310.dll!PyObject_Call(_object *) Line 317 C
  python310.dll!do_call_core(_ts * tstate=0x1db76f50, PyTraceInfo * trace_info=0x1bf3f93c, _object * func=0x1bd91898, _object * callargs=0x1bde5328, _object * kwdict=0x1ef3d618) Line 5940 C
  python310.dll!_PyEval_EvalFrameDefault(_ts * tstate=0x1db76f50, _frame * f=0x1bd7ab28, int throwflag=0) Line 4286 C
  [Inline Frame] python310.dll!_PyEval_EvalFrame(_ts *) Line 46 C
  python310.dll!_PyEval_Vector(_ts * tstate=0x1db76f50, PyFrameConstructor * con=0x1bdef930, _object * locals=0x00000000, _object * const * args=0x1bdfa164, unsigned int argcount=1, _object * kwnames=0x00000000) Line 5080 C
  python310.dll!_PyFunction_Vectorcall(_object * func=0x1bdef928, _object * const * stack=0x1bdfa164, unsigned int nargsf=2147483649, _object * kwnames=0x00000000) Line 347 C
  [Inline Frame] python310.dll!_PyObject_VectorcallTstate(_ts *) Line 114 C
  python310.dll!PyObject_Vectorcall(_object * callable=0x1bdef928, _object * const * args, unsigned int nargsf=2147483649, _object * kwnames=0x00000000) Line 123 C
  python310.dll!call_function(_ts * tstate=0x1db76f50, PyTraceInfo * trace_info=0x1bf3fa94, _object * * * pp_stack=0x1bf3fa70, int oparg=1, _object * kwnames=0x00000000) Line 5888 C
  python310.dll!_PyEval_EvalFrameDefault(_ts * tstate=0x1db76f50, _frame * f=0x1bdfa028, int throwflag=0) Line 4207 C
  [Inline Frame] python310.dll!_PyEval_EvalFrame(_ts *) Line 46 C
  python310.dll!_PyEval_Vector(_ts * tstate=0x1db76f50, PyFrameConstructor * con=0x1bdefa98, _object * locals=0x00000000, _object * const * args=0x1bc9db04, unsigned int argcount=1, _object * kwnames=0x00000000) Line 5080 C
  python310.dll!_PyFunction_Vectorcall(_object * func=0x1bdefa90, _object * const * stack=0x1bc9db04, unsigned int nargsf=2147483649, _object * kwnames=0x00000000) Line 347 C
  [Inline Frame] python310.dll!_PyObject_VectorcallTstate(_ts *) Line 114 C
  python310.dll!PyObject_Vectorcall(_object * callable=0x1bdefa90, _object * const * args, unsigned int nargsf=2147483649, _object * kwnames=0x00000000) Line 123 C
  python310.dll!call_function(_ts * tstate=0x1db76f50, PyTraceInfo * trace_info=0x1bf3fbec, _object * * * pp_stack=0x1bf3fbc8, int oparg=1, _object * kwnames=0x00000000) Line 5888 C
  python310.dll!_PyEval_EvalFrameDefault(_ts * tstate=0x1db76f50, _frame * f=0x1bc9d9c8, int throwflag=0) Line 4207 C
  [Inline Frame] python310.dll!_PyEval_EvalFrame(_ts *) Line 46 C
  python310.dll!_PyEval_Vector(_ts * tstate=0x1db76f50, PyFrameConstructor * con=0x1bdef978, _object * locals=0x00000000, _object * const * args=0x1bf3fce8, unsigned int argcount=1, _object * kwnames=0x00000000) Line 5080 C
  python310.dll!_PyFunction_Vectorcall(_object * func=0x1bdef970, _object * const * stack=0x1bf3fce8, unsigned int nargsf=1, _object * kwnames=0x00000000) Line 347 C
  python310.dll!_PyObject_VectorcallTstate(_ts * tstate=0x1db76f50, _object * callable=0x1bdef970, _object * const * args=0x1bf3fce8, unsigned int nargsf=1, _object * kwnames=0x00000000) Line 115 C
  python310.dll!method_vectorcall(_object * method=0x1e8f56e8, _object * const * args=0x087b41e4, unsigned int nargsf=0, _object * kwnames=0x00000000) Line 61 C
  python310.dll!PyVectorcall_Call(_object * callable=0x1e8f56e8, _object * tuple=0x087b41d8, _object * kwargs=0x00000000) Line 272 C
  python310.dll!_PyObject_Call(_ts * tstate=0x1db76f50, _object * callable=0x1e8f56e8, _object * args=0x087b41d8, _object * kwargs=0x00000000) Line 290 C
  [Inline Frame] python310.dll!PyObject_Call(_object * callable, _object * args=0x087b41d8, _object * kwargs) Line 317 C
  python310.dll!thread_run(void * boot_raw=0x1bdf12d8) Line 1090 C
  python310.dll!bootstrap(void * call=0x1775b860) Line 183 C
  ucrtbase.dll!thread_start<unsigned int (__stdcall*)(void *),1>() Unknown
  kernel32.dll!@BaseThreadInitThunk@12() Unknown
  ntdll.dll!__RtlUserThreadStart() Unknown
  ntdll.dll!__RtlUserThreadStart@8() Unknown
msg406844 - (view) Author: Eric V. Smith (eric.smith) * (Python committer) Date: 2021-11-23 14:54
Please provide the code you used to trigger this error, so that we can reproduce it.
msg406907 - (view) Author: vladexl (vladexl) Date: 2021-11-24 07:39
Sorry i can't provide simple example, but will describe steps. And also i found reason of such behavior.
It was a function from pythonwin: PyWinObject_FromHANDLE.  When i removed it from code - issue gone.

So, in order to start 2 python scripts simultaneously:
1. 2 interpreters was created (Py_NewInterpreter)
2. 2 windows threads started and 2 python scripts inside (PyRun_AnyFileExFlags(hFile, filePath, true, nullptr);
3. Python scripts like this:  (i started additional thread inside python script, it's necessary)
@entry
def main():
	import time
	i = 100
	while i < 103 :
		print("iter {0} ".format(i))
		time.sleep(1)
		i = i +1
def entry(function):	
	def entry_decorator():
		import threading
		thread = threading.Thread(target=_threadmain, args=(function,))
		thread.start()
	return entry_decorator
def _threadmain(function):
	# call entry point from primary script
	function()
        myevent = __mymodule.GetStopEvent()
	while True:
                rc = win32event.MsgWaitForMultipleObjects((myevent,), 1, 1000, win32event.QS_ALLINPUT);
		if rc == win32event.WAIT_OBJECT_0:
			break
		pythoncom.PumpWaitingMessages()
	pythoncom.CoUninitialize() 
4. GetStopEvent like this:
PyObject* GetStopEvent(PyObject *self, PyObject *args)
{
     HANDLE hEvent = CreateEvent(...);
     return PyWinObject_FromHANDLE(hEvent);
}
5. Exception appears after starting/stopping(firing event) 3..4 times. It works fine in case of single starting.
History
Date User Action Args
2021-11-24 07:39:37vladexlsetmessages: + msg406907
2021-11-23 14:54:35eric.smithsetnosy: + eric.smith
messages: + msg406844
2021-11-23 13:49:04vladexlcreate