Message104319
Didn't have much sleep last night, so please forgive me if I say something stupid, but:
Python/pystate.c:
void
PyThreadState_DeleteCurrent()
{
PyThreadState *tstate = _PyThreadState_Current;
if (tstate == NULL)
Py_FatalError(
"PyThreadState_DeleteCurrent: no current tstate");
_PyThreadState_Current = NULL;
tstate_delete_common(tstate);
if (autoTLSkey && PyThread_get_key_value(autoTLSkey) == tstate)
PyThread_delete_key_value(autoTLSkey);
PyEval_ReleaseLock();
}
the current tstate is deleted and freed before releasing the GIL, so if another thread calls take_gil after the current thread has called tstate_delete_common but before it calls PyEval_ReleaseLock (which calls drop_gil and set gil_locked to 0), then it will enter this section and dereference gil_last_holder.
I just checked with valgrind, and he also reports an illegal dereference at this precise line. |
|
Date |
User |
Action |
Args |
2010-04-27 13:24:12 | neologix | set | recipients:
+ neologix, loewis, jhylton, gregory.p.smith, jcea, pitrou, movement, larry, eric.smith, kevinwatters, tarek, djc, karld, carljm, coderanger, durin42, eric.araujo, nirai, alex, andrix, konryd, brian.curtin, flox, DazWorrall, cool-RR, rh0dium, rcohen, dabeaz, mahmoudimus, aconrad, ysj.ray, thouis, donaldjeo |
2010-04-27 13:24:12 | neologix | set | messageid: <1272374652.33.0.64652266623.issue7946@psf.upfronthosting.co.za> |
2010-04-27 13:24:10 | neologix | link | issue7946 messages |
2010-04-27 13:24:10 | neologix | create | |
|