Message 360309 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	vstinner
Date	2020-01-20.11:58:53
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1579521534.52.0.738486244649.issue39395@roundup.psfhosted.org>
In-reply-to

Content
os.environ[key] = value has to keep internally the string "key=value\0" after putenv("key=value\0") has been called, since the glibc doesn't copy the string. Python has to manage the string memory. Internally, the posix module uses a "posix_putenv_garbage" dictionary mapping key (bytes) to value (bytes). Values are "key=value\0" strings. The bpo-35381 issue converted the os ("posix" in practice) module PEP 384: "Remove all static state from posixmodule": commit b3966639d28313809774ca3859a347b9007be8d2. The _posix_clear() function is now called by _PyImport_Cleanup(). Problem: the glibc is not aware that Python is exiting and that the memory of the environment variable has been released. Next access to environment variables ("environ" C variable, putenv, setenv, unsetenv, ...) can crash. Sometimes, it doesn't crash even if the memory has been released, because free() does not always dig immediately holes in the heap memory (the complex problelm of memory fragmentation). The posix module should notify the glibc that the memory will be released before releasing the memory, to avoid keeping dangling pointers in the "environ" C variable. The following crash in the Elements module is an example of crash introduced by commit b3966639d28313809774ca3859a347b9007be8d2 which introduced this issue: https://bugzilla.redhat.com/show_bug.cgi?id=1791761

os.environ[key] = value has to keep internally the string "key=value\0" after putenv("key=value\0") has been called, since the glibc doesn't copy the string. Python has to manage the string memory.

Internally, the posix module uses a "posix_putenv_garbage" dictionary mapping key (bytes) to value (bytes). Values are "key=value\0" strings.

The bpo-35381 issue converted the os ("posix" in practice) module PEP 384: "Remove all static state from posixmodule": commit b3966639d28313809774ca3859a347b9007be8d2. The _posix_clear() function is now called by _PyImport_Cleanup().

Problem: the glibc is not aware that Python is exiting and that the memory of the environment variable has been released. Next access to environment variables ("environ" C variable, putenv, setenv, unsetenv, ...) can crash. Sometimes, it doesn't crash even if the memory has been released, because free() does not always dig immediately holes in the heap memory (the complex problelm of memory fragmentation).

The posix module should notify the glibc that the memory will be released before releasing the memory, to avoid keeping dangling pointers in the "environ" C variable.

The following crash in the Elements module is an example of crash introduced by commit b3966639d28313809774ca3859a347b9007be8d2 which introduced this issue:
https://bugzilla.redhat.com/show_bug.cgi?id=1791761

History
Date	User	Action	Args
2020-01-20 11:58:54	vstinner	set	recipients: + vstinner
2020-01-20 11:58:54	vstinner	set	messageid: <1579521534.52.0.738486244649.issue39395@roundup.psfhosted.org>
2020-01-20 11:58:54	vstinner	link	issue39395 messages
2020-01-20 11:58:53	vstinner	create