`PyFrame_LocalsToFast` misbehaving when there is a comprehension with colliding local variable

[kycutler]

Bug report

Bug description:

The following fails in Python 3.12 (but not 3.11 or 3.13):

# Setup: in global scope, use a comprehension with colliding variable name
foo = None
[foo for foo in [0]]

# Repro: assigning to frame.f_locals and then merging to fast works only the first time
import inspect, ctypes
frame = inspect.currentframe()

frame.f_locals['a'] = 1
ctypes.pythonapi.PyFrame_LocalsToFast(ctypes.py_object(frame), ctypes.c_int(0))
print(a)  # 1

frame.f_locals['b'] = 2
ctypes.pythonapi.PyFrame_LocalsToFast(ctypes.py_object(frame), ctypes.c_int(0))
print(b)  # NameError: name 'b' is not defined

This impacts debuggers' ability to assign and evaluate local variables -- see microsoft/debugpy#1849 and microsoft/debugpy#1636.

Possibly related changes:

• gh-105340: include hidden fast-locals in locals() #105715
• gh-108732: include comprehension locals in frame.f_locals #109026

CPython versions tested on:

3.12

Operating systems tested on:

Windows

Linked PRs

• [3.12] gh-130809: Fix PyFrame_LocalsToFast copying the wrong value #130816

[ZeroIntensity]

Hi there! You've discovered the unfortunate truth about f_locals prior to PEP-667. In the reproducer, b isn't even getting set in f_locals:

foo = None
[foo for foo in [0]]

import inspect, ctypes
frame = inspect.currentframe()

frame.f_locals['a'] = 1
print(frame.f_locals['a'])
ctypes.pythonapi.PyFrame_LocalsToFast(ctypes.py_object(frame), ctypes.c_int(0))

frame.f_locals['b'] = 2
print(frame.f_locals['b'])  # KeyError :(

There's probably some way to fix it, but keep in mind that 3.12's final bugfix release is coming up in about a month. I'm not sure we can get this fixed by then, or if it's worth doing at all. (f_locals is notoriously unstable prior to 3.13--we'd probably rather not risk breaking all the existing cases in the last release.)

[gaogaotiantian]

PyFrame_LocalsToFast is an undocumented C API, and people using it should know well about how it works. For example, you are not supposed to call it twice in a frame. Actually, you are not supposed to call it at all, unless you really know what's going on. This is not a bug, the seemingly different behavior compared to 3.11 is due to PEP 709 - which could potentially introduce "local" variables in global scope. If you put the whole thing in local scope (in a function), the behavior would be consistent.

[gaogaotiantian]

Also, the original bug in debugpy is obviously a bug for their debugger. pdb does not have that issue - it can be done, but they are doing it wrong.

[ZeroIntensity]

For example, you are not supposed to call it twice in a frame. Actually, you are not supposed to call it at all, unless you really know what's going on

Ah! There's a reason we got rid of it :)

[kycutler]

Thank you both for the context and quick response!

@gaogaotiantian, I still believe the issue should be considered a bug in Python and not simply misuse by debugpy. Here is a repro that does not utilize the C APIs:

# Setup: in global scope, use a comprehension with colliding variable name
foo = 123
[foo for foo in [0]]

# Import * merges locals to fast internally, triggering the bug. The module here is arbitrary.
from abc import *

# Now modifications to locals (e.g. via exec) do not persist.
exec("b = 1")
print(b) # NameError: name 'b' is not defined

Please consider merging #130816 to fix the issue. I've updated it with a test and blurb as well.

[gaogaotiantian]

No, you can't expect print(b) to work after exec("b = 1") - that's just wrong. If you put it in a function scope, that just doesn't work.