_ast allows smuggling objects across subinterpreters

[encukou]

The _ast module uses global state with heap types, so it is possible to do:

import _xxsubinterpreters
import _ast
_ast.Lambda.smuggled = 'any object'
interp = _xxsubinterpreters.create()
_xxsubinterpreters.run_string(interp, 'import _ast; print(_ast.Lambda.smuggled)')
_xxsubinterpreters.destroy(interp)

(And any object might store any kind of interpreter-specific state.)

See bpo-41631 for some related discussion.

Aside from this particular issue, there's the bigger issue of identifying other cases like this. It's not enough to remove statics; we also need to isolate the dynamics.