Skip to content

Fix free-threaded GC crash from inherited C-stack refs (issue #515)#517

Open
ddorian wants to merge 1 commit into
python-greenlet:masterfrom
ddorian:issue515-c-stack-refs
Open

Fix free-threaded GC crash from inherited C-stack refs (issue #515)#517
ddorian wants to merge 1 commit into
python-greenlet:masterfrom
ddorian:issue515-c-stack-refs

Conversation

@ddorian

@ddorian ddorian commented Jul 3, 2026

Copy link
Copy Markdown

fixes #515

…greenlet#515)

set_initial_state copied the parent thread state's _PyCStackRef list head
into every newly-started greenlet. Those nodes live on the parent greenlet's
C stack, so once the child ran on its own stack and overwrote that region the
next pointers dangled. The free-threaded collector walks c_stack_refs for
every thread in gc_visit_thread_stacks(), so a collection on any thread would
follow the dangling nodes and segfault while a child greenlet was active
(fault inside gc_collect_main). This reproduced on 3.14t and 3.15t alike.

Start new greenlets with an empty C-stack-ref list, the way a fresh thread
does. Adds a pure-greenlet regression test that crashes a regressed build and
runs clean once fixed.
@ddorian ddorian force-pushed the issue515-c-stack-refs branch from 8e12181 to 14e24b2 Compare July 3, 2026 16:02
@ngoldbaum

Copy link
Copy Markdown

Ping @kumaraditya303

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Segmentation fault in free-threading 3.14.6

2 participants