Open
Description
Crash report
What happened?
It's possible to segfault a release build or abort a debug with JIT enabled by running the following MRE:
import email # Any module seems to work, originally this was `sys`
def interact():
email.ps1 = None
prompt = email.ps1
del email.ps1
for _ in range(5000):
interact()Segfault backtrace:
Program received signal SIGSEGV, Segmentation fault.
_Py_uop_sym_new_const (ctx=ctx@entry=0x7ffffffe0d20, const_val=0x0) at Python/optimizer_symbols.c:426
426 _Py_uop_sym_set_const(ctx, res, const_val);
#0 _Py_uop_sym_new_const (ctx=ctx@entry=0x7ffffffe0d20, const_val=0x0) at Python/optimizer_symbols.c:426
#1 0x000055555584a183 in optimize_uops (co=0x7ffff7a50270, trace=trace@entry=0x7fffffff8a30, trace_len=trace_len@entry=73,
curr_stacklen=curr_stacklen@entry=2, dependencies=dependencies@entry=0x7fffffff8990) at Python/optimizer_cases.c.h:1265
#2 0x000055555584aaba in _Py_uop_analyze_and_optimize (frame=frame@entry=0x7ffff7fb0020, buffer=buffer@entry=0x7fffffff8a30,
length=length@entry=73, curr_stacklen=curr_stacklen@entry=2, dependencies=dependencies@entry=0x7fffffff8990) at Python/optimizer_analysis.c:682
#3 0x000055555584424b in uop_optimize (frame=frame@entry=0x7ffff7fb0020, instr=instr@entry=0x7ffff7a3a994,
exec_ptr=exec_ptr@entry=0x7fffffffd690, curr_stackentries=<optimized out>, progress_needed=progress_needed@entry=true)
at Python/optimizer.c:1282
#4 0x0000555555844bec in _PyOptimizer_Optimize (frame=frame@entry=0x7ffff7fb0020, start=0x7ffff7a3a994,
executor_ptr=executor_ptr@entry=0x7fffffffd690, chain_depth=chain_depth@entry=0) at Python/optimizer.c:130
#5 0x00005555555e9645 in _PyEval_EvalFrameDefault (tstate=0x555555b77f70 <_PyRuntime+315216>, frame=<optimized out>, throwflag=<optimized out>)
at Python/generated_cases.c.h:7792
#6 0x00005555557bc6f7 in _PyEval_EvalFrame (throwflag=0, frame=0x7ffff7fb0020, tstate=0x555555b77f70 <_PyRuntime+315216>)
at ./Include/internal/pycore_ceval.h:119
#7 _PyEval_Vector (args=0x0, argcount=0, kwnames=0x0, locals=0x7ffff7a13d40, func=0x7ffff7a0f3d0, tstate=0x555555b77f70 <_PyRuntime+315216>)
at Python/ceval.c:1975
Abort backtrace:
python: Python/optimizer_symbols.c:421: _Py_uop_sym_new_const: Assertion `const_val != NULL' failed.
Program received signal SIGABRT, Aborted.
__pthread_kill_implementation (no_tid=0, signo=6, threadid=140737350575936) at ./nptl/pthread_kill.c:44
#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=140737350575936) at ./nptl/pthread_kill.c:44
#1 __pthread_kill_internal (signo=6, threadid=140737350575936) at ./nptl/pthread_kill.c:78
#2 __GI___pthread_kill (threadid=140737350575936, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
#3 0x00007ffff7cdf476 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#4 0x00007ffff7cc57f3 in __GI_abort () at ./stdlib/abort.c:79
#5 0x00007ffff7cc571b in __assert_fail_base (fmt=0x7ffff7e7a130 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n",
assertion=0x555555b5267c "const_val != NULL", file=0x555555b52648 "Python/optimizer_symbols.c", line=421, function=<optimized out>)
at ./assert/assert.c:94
#6 0x00007ffff7cd6e96 in __GI___assert_fail (assertion=assertion@entry=0x555555b5267c "const_val != NULL",
file=file@entry=0x555555b52648 "Python/optimizer_symbols.c", line=line@entry=421,
function=function@entry=0x555555b52de0 <__PRETTY_FUNCTION__.7> "_Py_uop_sym_new_const") at ./assert/assert.c:103
#7 0x000055555595b2dc in _Py_uop_sym_new_const (ctx=ctx@entry=0x7ffffffc4790, const_val=<optimized out>) at Python/optimizer_symbols.c:421
#8 0x0000555555956e33 in optimize_uops (co=0x7ffff7b93940, trace=trace@entry=0x7fffffff3e00, trace_len=trace_len@entry=73,
curr_stacklen=curr_stacklen@entry=2, dependencies=dependencies@entry=0x7fffffff3de0) at Python/optimizer_cases.c.h:1265
#9 0x000055555595a424 in _Py_uop_analyze_and_optimize (frame=frame@entry=0x7ffff7fb0020, buffer=buffer@entry=0x7fffffff3e00,
length=length@entry=73, curr_stacklen=curr_stacklen@entry=2, dependencies=dependencies@entry=0x7fffffff3de0)
at ./Include/internal/pycore_interpframe.h:24
#10 0x0000555555951cd5 in uop_optimize (frame=frame@entry=0x7ffff7fb0020, instr=instr@entry=0x7ffff7a7e744,
exec_ptr=exec_ptr@entry=0x7fffffffd550, curr_stackentries=2, progress_needed=progress_needed@entry=true) at Python/optimizer.c:1282
#11 0x0000555555952253 in _PyOptimizer_Optimize (frame=frame@entry=0x7ffff7fb0020, start=start@entry=0x7ffff7a7e744,
executor_ptr=executor_ptr@entry=0x7fffffffd550, chain_depth=chain_depth@entry=0) at Python/optimizer.c:130
#12 0x0000555555863072 in _PyEval_EvalFrameDefault (tstate=tstate@entry=0x555555d6f7c0 <_PyRuntime+331232>, frame=frame@entry=0x7ffff7fb0020,
throwflag=throwflag@entry=0) at Python/generated_cases.c.h:7792
#13 0x0000555555877340 in _PyEval_EvalFrame (throwflag=0, frame=0x7ffff7fb0020, tstate=0x555555d6f7c0 <_PyRuntime+331232>)
at ./Include/internal/pycore_ceval.h:119
#14 _PyEval_Vector (tstate=tstate@entry=0x555555d6f7c0 <_PyRuntime+331232>, func=func@entry=0x7ffff7a4a750, locals=locals@entry=0x7ffff7a5c110,
args=args@entry=0x0, argcount=argcount@entry=0, kwnames=kwnames@entry=0x0) at Python/ceval.c:1975
#15 0x000055555587743f in PyEval_EvalCode (co=co@entry=0x7ffff7a7e640, globals=globals@entry=0x7ffff7a5c110, locals=locals@entry=0x7ffff7a5c110)
at Python/ceval.c:866Output from PYTHON_LLTRACE=2:
Optimizing <module> (/home/fusil/runs/python-555/code-cpu_load-assertion/source2.py:1) at byte offset 52
1 ADD_TO_TRACE: _START_EXECUTOR (0, target=26, operand0=0x7ffff7a7e744, operand1=0)
2 ADD_TO_TRACE: _MAKE_WARM (0, target=0, operand0=0, operand1=0)
26: JUMP_BACKWARD_JIT(12)
3 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=26, operand0=0, operand1=0)
4 ADD_TO_TRACE: _SET_IP (0, target=26, operand0=0x7ffff7a7e744, operand1=0)
5 ADD_TO_TRACE: _CHECK_PERIODIC (0, target=26, operand0=0, operand1=0, error_target=0)
16: FOR_ITER_RANGE(10)
6 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=16, operand0=0, operand1=0)
7 ADD_TO_TRACE: _SET_IP (0, target=16, operand0=0x7ffff7a7e730, operand1=0)
8 ADD_TO_TRACE: _ITER_CHECK_RANGE (10, target=16, operand0=0, operand1=0)
9 ADD_TO_TRACE: _GUARD_NOT_EXHAUSTED_RANGE (10, target=16, operand0=0, operand1=0)
10 ADD_TO_TRACE: _ITER_NEXT_RANGE (10, target=16, operand0=0, operand1=0, error_target=0)
18: STORE_NAME(3)
11 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=18, operand0=0, operand1=0)
12 ADD_TO_TRACE: _SET_IP (0, target=18, operand0=0x7ffff7a7e734, operand1=0)
13 ADD_TO_TRACE: _STORE_NAME (3, target=18, operand0=0, operand1=0, error_target=0)
19: LOAD_NAME(1)
14 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=19, operand0=0, operand1=0)
15 ADD_TO_TRACE: _SET_IP (0, target=19, operand0=0x7ffff7a7e736, operand1=0)
16 ADD_TO_TRACE: _LOAD_NAME (1, target=19, operand0=0, operand1=0, error_target=0)
20: PUSH_NULL(0)
17 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=20, operand0=0, operand1=0)
18 ADD_TO_TRACE: _SET_IP (0, target=20, operand0=0x7ffff7a7e738, operand1=0)
19 ADD_TO_TRACE: _PUSH_NULL (0, target=20, operand0=0, operand1=0)
21: CALL_PY_EXACT_ARGS(0)
20 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=21, operand0=0, operand1=0)
21 ADD_TO_TRACE: _SET_IP (0, target=21, operand0=0x7ffff7a7e73a, operand1=0)
22 ADD_TO_TRACE: _CHECK_PEP_523 (0, target=21, operand0=0, operand1=0)
23 ADD_TO_TRACE: _CHECK_FUNCTION_VERSION (0, target=21, operand0=0x2cb, operand1=0)
24 ADD_TO_TRACE: _CHECK_FUNCTION_EXACT_ARGS (0, target=21, operand0=0, operand1=0)
25 ADD_TO_TRACE: _CHECK_STACK_SPACE (0, target=21, operand0=0, operand1=0)
26 ADD_TO_TRACE: _CHECK_RECURSION_REMAINING (0, target=21, operand0=0, operand1=0)
27 ADD_TO_TRACE: _INIT_CALL_PY_EXACT_ARGS (0, target=21, operand0=0, operand1=0)
28 ADD_TO_TRACE: _SAVE_RETURN_OFFSET (4, target=21, operand0=0, operand1=0)
Function: version=0x2cb; new_func=0x7ffff7a4a8d0, new_code=0x7ffff7b93940
29 ADD_TO_TRACE: _PUSH_FRAME (0, target=21, operand0=0x7ffff7a4a8d0, operand1=0)
Continuing in interact (/home/fusil/runs/python-555/code-cpu_load-assertion/source2.py:3) at byte offset 0
0: RESUME_CHECK(0)
30 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=0, operand0=0, operand1=0)
31 ADD_TO_TRACE: _SET_IP (0, target=0, operand0=0x7ffff7b93a10, operand1=0)
32 ADD_TO_TRACE: _RESUME_CHECK (0, target=0, operand0=0, operand1=0)
1: LOAD_CONST(0)
33 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=1, operand0=0, operand1=0)
34 ADD_TO_TRACE: _SET_IP (0, target=1, operand0=0x7ffff7b93a12, operand1=0)
35 ADD_TO_TRACE: _LOAD_CONST (0, target=1, operand0=0, operand1=0)
2: LOAD_GLOBAL_MODULE(0)
36 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=2, operand0=0, operand1=0)
37 ADD_TO_TRACE: _SET_IP (0, target=2, operand0=0x7ffff7b93a14, operand1=0)
38 ADD_TO_TRACE: _NOP (0, target=2, operand0=0, operand1=0)
39 ADD_TO_TRACE: _LOAD_GLOBAL_MODULE (0, target=2, operand0=0x2c, operand1=0)
40 ADD_TO_TRACE: _PUSH_NULL_CONDITIONAL (0, target=2, operand0=0, operand1=0)
7: STORE_ATTR(1)
41 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=7, operand0=0, operand1=0)
42 ADD_TO_TRACE: _SET_IP (0, target=7, operand0=0x7ffff7b93a1e, operand1=0)
43 ADD_TO_TRACE: _STORE_ATTR (1, target=7, operand0=0, operand1=0, error_target=0)
12: LOAD_GLOBAL_MODULE(0)
44 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=12, operand0=0, operand1=0)
45 ADD_TO_TRACE: _SET_IP (0, target=12, operand0=0x7ffff7b93a28, operand1=0)
46 ADD_TO_TRACE: _NOP (0, target=12, operand0=0, operand1=0)
47 ADD_TO_TRACE: _LOAD_GLOBAL_MODULE (0, target=12, operand0=0x2c, operand1=0)
48 ADD_TO_TRACE: _PUSH_NULL_CONDITIONAL (0, target=12, operand0=0, operand1=0)
17: LOAD_ATTR_MODULE(2)
49 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=17, operand0=0, operand1=0)
50 ADD_TO_TRACE: _SET_IP (0, target=17, operand0=0x7ffff7b93a32, operand1=0)
51 ADD_TO_TRACE: _LOAD_ATTR_MODULE (2, target=17, operand0=0x2e, operand1=0)
52 ADD_TO_TRACE: _PUSH_NULL_CONDITIONAL (2, target=17, operand0=0, operand1=0)
27: STORE_FAST(0)
53 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=27, operand0=0, operand1=0)
54 ADD_TO_TRACE: _SET_IP (0, target=27, operand0=0x7ffff7b93a46, operand1=0)
55 ADD_TO_TRACE: _STORE_FAST (0, target=27, operand0=0, operand1=0)
28: LOAD_GLOBAL_MODULE(0)
56 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=28, operand0=0, operand1=0)
57 ADD_TO_TRACE: _SET_IP (0, target=28, operand0=0x7ffff7b93a48, operand1=0)
58 ADD_TO_TRACE: _NOP (0, target=28, operand0=0, operand1=0)
59 ADD_TO_TRACE: _LOAD_GLOBAL_MODULE (0, target=28, operand0=0x2c, operand1=0)
60 ADD_TO_TRACE: _PUSH_NULL_CONDITIONAL (0, target=28, operand0=0, operand1=0)
33: DELETE_ATTR(1)
61 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=33, operand0=0, operand1=0)
62 ADD_TO_TRACE: _SET_IP (0, target=33, operand0=0x7ffff7b93a52, operand1=0)
63 ADD_TO_TRACE: _DELETE_ATTR (1, target=33, operand0=0, operand1=0, error_target=0)
34: LOAD_CONST(0)
64 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=34, operand0=0, operand1=0)
65 ADD_TO_TRACE: _SET_IP (0, target=34, operand0=0x7ffff7b93a54, operand1=0)
66 ADD_TO_TRACE: _LOAD_CONST (0, target=34, operand0=0, operand1=0)
35: RETURN_VALUE(0)
67 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=35, operand0=0, operand1=0)
68 ADD_TO_TRACE: _SET_IP (0, target=35, operand0=0x7ffff7b93a56, operand1=0)
69 ADD_TO_TRACE: _RETURN_VALUE (0, target=35, operand0=0x7ffff7a4a750, operand1=0)
Returning to <module> (/home/fusil/runs/python-555/code-cpu_load-assertion/source2.py:1) at byte offset 50
25: POP_TOP(0)
70 ADD_TO_TRACE: _CHECK_VALIDITY (0, target=25, operand0=0, operand1=0)
71 ADD_TO_TRACE: _SET_IP (0, target=25, operand0=0x7ffff7a7e742, operand1=0)
72 ADD_TO_TRACE: _POP_TOP (0, target=25, operand0=0, operand1=0)
73 ADD_TO_TRACE: _JUMP_TO_TOP (0, target=0, operand0=0, operand1=0)
Created a proto-trace for <module> (/home/fusil/runs/python-555/code-cpu_load-assertion/source2.py:1) at byte offset 52 -- length 73
Output from PYTHON_OPT_DEBUG=4
0 abs: _START_EXECUTOR (0, target=26, operand0=0x7f167283ad34, operand1=0) stack_level 2
1 abs: _MAKE_WARM (0, target=0, operand0=0, operand1=0) stack_level 2
2 abs: _CHECK_VALIDITY (0, target=26, operand0=0, operand1=0) stack_level 2
3 abs: _SET_IP (0, target=26, operand0=0x7f167283ad34, operand1=0) stack_level 2
4 abs: _CHECK_PERIODIC (0, target=26, operand0=0, operand1=0, error_target=0) stack_level 2
5 abs: _CHECK_VALIDITY (0, target=16, operand0=0, operand1=0) stack_level 2
6 abs: _SET_IP (0, target=16, operand0=0x7f167283ad20, operand1=0) stack_level 2
7 abs: _ITER_CHECK_RANGE (10, target=16, operand0=0, operand1=0) stack_level 2
8 abs: _GUARD_NOT_EXHAUSTED_RANGE (10, target=16, operand0=0, operand1=0) stack_level 2
9 abs: _ITER_NEXT_RANGE (10, target=16, operand0=0, operand1=0, error_target=0) stack_level 3
10 abs: _CHECK_VALIDITY (0, target=18, operand0=0, operand1=0) stack_level 3
11 abs: _SET_IP (0, target=18, operand0=0x7f167283ad24, operand1=0) stack_level 3
12 abs: _STORE_NAME (3, target=18, operand0=0, operand1=0, error_target=0) stack_level 2
13 abs: _CHECK_VALIDITY (0, target=19, operand0=0, operand1=0) stack_level 2
14 abs: _SET_IP (0, target=19, operand0=0x7f167283ad26, operand1=0) stack_level 2
15 abs: _LOAD_NAME (1, target=19, operand0=0, operand1=0, error_target=0) stack_level 3
16 abs: _CHECK_VALIDITY (0, target=20, operand0=0, operand1=0) stack_level 3
17 abs: _SET_IP (0, target=20, operand0=0x7f167283ad28, operand1=0) stack_level 3
18 abs: _PUSH_NULL (0, target=20, operand0=0, operand1=0) stack_level 4
19 abs: _CHECK_VALIDITY (0, target=21, operand0=0, operand1=0) stack_level 4
20 abs: _SET_IP (0, target=21, operand0=0x7f167283ad2a, operand1=0) stack_level 4
21 abs: _CHECK_PEP_523 (0, target=21, operand0=0, operand1=0) stack_level 4
22 abs: _CHECK_FUNCTION_VERSION (0, target=21, operand0=0x760, operand1=0) stack_level 4
23 abs: _CHECK_FUNCTION_EXACT_ARGS (0, target=21, operand0=0, operand1=0) stack_level 4
24 abs: _CHECK_STACK_SPACE (0, target=21, operand0=0, operand1=0x7ffda9a1bf20) stack_level 4
25 abs: _CHECK_RECURSION_REMAINING (0, target=21, operand0=0, operand1=0x56468d06ff63) stack_level 4
26 abs: _INIT_CALL_PY_EXACT_ARGS (0, target=21, operand0=0, operand1=0x3c) func=0x7f16728068d0 code=0x7f1672953940 stack_level 3
27 abs: _SAVE_RETURN_OFFSET (4, target=21, operand0=0, operand1=0x56468d081cef) stack_level 3
28 abs: _PUSH_FRAME (0, target=21, operand0=0x7f16728068d0, operand1=0x56468d620878) stack_level 0
29 abs: _CHECK_VALIDITY (0, target=0, operand0=0, operand1=0x56468cff61e1) stack_level 0
30 abs: _SET_IP (0, target=0, operand0=0x7f1672953a10, operand1=0) stack_level 0
31 abs: _RESUME_CHECK (0, target=0, operand0=0, operand1=0) stack_level 0
32 abs: _CHECK_VALIDITY (0, target=1, operand0=0, operand1=0) stack_level 0
33 abs: _SET_IP (0, target=1, operand0=0x7f1672953a12, operand1=0) stack_level 0
34 abs: _LOAD_CONST (0, target=1, operand0=0, operand1=0) stack_level 1
35 abs: _CHECK_VALIDITY (0, target=2, operand0=0, operand1=0) stack_level 1
36 abs: _SET_IP (0, target=2, operand0=0x7f1672953a14, operand1=0) stack_level 1
37 abs: _CHECK_FUNCTION (0, target=2, operand0=0x760, operand1=0) stack_level 1
38 abs: _LOAD_CONST_INLINE (0, target=2, operand0=0x7f1672884bf0, operand1=0x8) stack_level 2
39 abs: _PUSH_NULL_CONDITIONAL (0, target=2, operand0=0, operand1=0) stack_level 2
40 abs: _CHECK_VALIDITY (0, target=7, operand0=0, operand1=0) stack_level 2
41 abs: _SET_IP (0, target=7, operand0=0x7f1672953a1e, operand1=0) stack_level 2
42 abs: _STORE_ATTR (1, target=7, operand0=0, operand1=0, error_target=0) stack_level 0
43 abs: _CHECK_VALIDITY (0, target=12, operand0=0, operand1=0) stack_level 0
44 abs: _SET_IP (0, target=12, operand0=0x7f1672953a28, operand1=0) stack_level 0
45 abs: _NOP (0, target=12, operand0=0, operand1=0) stack_level 0
46 abs: _LOAD_CONST_INLINE (0, target=12, operand0=0x7f1672884bf0, operand1=0x8) stack_level 1
47 abs: _PUSH_NULL_CONDITIONAL (0, target=12, operand0=0, operand1=0) stack_level 1
48 abs: _CHECK_VALIDITY (0, target=17, operand0=0, operand1=0) stack_level 1
49 abs: _SET_IP (0, target=17, operand0=0x7f1672953a32, operand1=0) stack_level 1
Please let me know whether PYTHON_LLTRACE output is useful in JIT issues. Any suggestions about format or content also very welcome :)
Found using fusil by @vstinner.
CPython versions tested on:
CPython main branch
Operating systems tested on:
Linux
Output from running 'python -VV' on the command line:
Python 3.15.0a0 (heads/main:b706ff003c5, Jun 17 2025, 06:07:17) [GCC 11.4.0]