[Bug 1887847] [NEW] python3.8 subinterpereters cause use-after-free in asyncio

Paul Hollinsky 1887847 at bugs.launchpad.net
Thu Jul 16 18:43:21 UTC 2020 

Public bug reported:

Python 3.8.0 to 3.8.2 include a bug which breaks subinterpereters nearly
in their entirety.

If a subinterpereter initializes asyncio (a library used by many other
libraries), then exits, and another subinterpereter initializes asyncio,
there will be a use-after-free and segmentation fault.

See: https://bugs.python.org/issue40294

A main.c small test program is attached to that bug which replicates the
issue.

The bug has been fixed as of 3.8.3 and 3.9.0. I attached a patch which
backports the one-line fix to a 3.8.2-1ubuntu1.2 version for focal.

I am writing a piece of software that I fear will be unusable on focal
without this backport, since the default python3 is python
3.8.2-1ubuntu1.1 at the time of writing. Since it does not contain the
fix, my application crashes.

** Affects: python3.8 (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: after asyncio bpo40294 free gh-19542 gh-19565 use use-after-free

** Patch added: "1-3.8.2-1ubuntu1.2.debdiff"
   https://bugs.launchpad.net/bugs/1887847/+attachment/5393231/+files/1-3.8.2-1ubuntu1.2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to python3.8 in Ubuntu.
https://bugs.launchpad.net/bugs/1887847

Title:
  python3.8 subinterpereters cause use-after-free in asyncio

Status in python3.8 package in Ubuntu:
  New

Bug description:
  Python 3.8.0 to 3.8.2 include a bug which breaks subinterpereters
  nearly in their entirety.

  If a subinterpereter initializes asyncio (a library used by many other
  libraries), then exits, and another subinterpereter initializes
  asyncio, there will be a use-after-free and segmentation fault.

  See: https://bugs.python.org/issue40294

  A main.c small test program is attached to that bug which replicates
  the issue.

  The bug has been fixed as of 3.8.3 and 3.9.0. I attached a patch which
  backports the one-line fix to a 3.8.2-1ubuntu1.2 version for focal.

  I am writing a piece of software that I fear will be unusable on focal
  without this backport, since the default python3 is python
  3.8.2-1ubuntu1.1 at the time of writing. Since it does not contain the
  fix, my application crashes.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python3.8/+bug/1887847/+subscriptions

More information about the foundations-bugs mailing list