Steve Stagg [Tue, 30 Jun 2026 10:57:28 +0000 (11:57 +0100)]
gh-152635: Raise MemoryError when the lock allocation fails in `_interpchannels.create()` (#152642)
Previously, an allocation failure when creating
the lock for a channel in `_interpchannels` would trigger an assert.
Caused by `handle_channel_error` being passed an error code of -1
which is only allowed if an exception has been set.
(in this case, no exception was set)
`channelsmod_create` now forwards the error code from `channel_create`
which `handle_channel_error` already handled.
Serhiy Storchaka [Tue, 30 Jun 2026 09:19:43 +0000 (12:19 +0300)]
gh-50966: Fix unbounded recursion in turtle drag handlers (GH-152626)
TurtleScreenBase._update() redraws with cv.update(), which also reprocesses
input events, so a handler that moves the turtle (such as
screen.ondrag(turtle.goto)) reenters _update() for every queued event until
the interpreter crashes. A reentrant _update() now only flushes drawing with
update_idletasks().
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Tue, 30 Jun 2026 09:09:09 +0000 (12:09 +0300)]
gh-152325: Gate curses.has_mouse() on the ncurses patch level (GH-152652)
has_mouse() was added to ncurses after the 5.7 release, but the binding
guarded it only with NCURSES_MOUSE_VERSION, which 5.7 already defines, so
the module failed to compile against ncurses 5.7 (such as the system
curses on macOS). Gate it additionally on NCURSES_EXT_FUNCS, which holds
the library's patch date.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
xzkdeng [Tue, 30 Jun 2026 09:08:39 +0000 (17:08 +0800)]
gh-133510: Add links to more info for the match statement in FAQ anwser (#133511)
Co-authored-by: sobolevn <mail@sobolevn.me> Co-authored-by: Adam Turner <9087854+AA-Turner@users.noreply.github.com> Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com> Co-authored-by: Stan Ulbrych <stan@python.org>
Gregory P. Smith [Tue, 30 Jun 2026 00:05:02 +0000 (17:05 -0700)]
gh-146219: Document reusing a thread state across repeated foreign-thread calls (GH-146221)
* Document reusing a thread state across repeated foreign-thread calls
Add a subsection under "Non-Python created threads" explaining the
performance cost of creating/destroying a PyThreadState on every
Ensure/Release cycle and showing how to keep one alive for the
thread's lifetime instead.
* add a comma
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
---------
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
Serhiy Storchaka [Mon, 29 Jun 2026 20:49:19 +0000 (23:49 +0300)]
gh-103878: Return a consistent empty value from cancelled file dialogs (GH-152435)
On cancellation Tcl may report the empty result as '', () or b'' depending
on the platform and Tk version. Normalize it so that askopenfilename(),
asksaveasfilename() and askdirectory() always return '' and
askopenfilenames() always returns ().
Open._fixresult() now distinguishes single from multiple results by the
'multiple' option rather than the result type.
Co-authored-by: Christopher Chavez <chrischavez@gmx.us> Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Mon, 29 Jun 2026 15:30:23 +0000 (18:30 +0300)]
gh-69134: Wait until mapped in keyboard virtual-event tests (GH-152599)
test_virtual_events and test_selection_event generate key events after
focus_force(). On Windows these are only delivered once the toplevel is
mapped, so they could be dropped and the test fail. Wait until the
widget is mapped, as the other GUI tests already do.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Mon, 29 Jun 2026 14:11:03 +0000 (17:11 +0300)]
gh-152587: Make name and value required in tkinter variable methods (GH-152595)
The name parameter of Misc.wait_variable(), setvar() and getvar() and the
value parameter of setvar() no longer have default values, which were not
meaningful ('PY_VAR' and '1').
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
The name parameter of Misc.wait_variable(), setvar() and getvar() and the
value parameter of setvar() should not be optional. Their default values
('PY_VAR' and '1') are not meaningful and should not be advertised.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Mon, 29 Jun 2026 13:15:02 +0000 (16:15 +0300)]
gh-152584: Reorganize the curses documentation into topic subsections (GH-152583)
Reorganize the curses documentation into topic subsections
Group the module-level functions, window methods and constants by topic
instead of presenting them as flat alphabetical lists, following the
categories used by the ncurses manual pages.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Mon, 29 Jun 2026 12:06:47 +0000 (15:06 +0300)]
gh-152503: Fix garbage text from curses wide-character cell reads (GH-152505)
window.in_wch(), window.in_wchstr() and window.getbkgrnd() read a cell
into an uninitialized cchar_t, relying on the curses library to leave the
text NUL-terminated -- which ncurses does but X/Open does not require, so
some libraries (such as NetBSD curses) returned uninitialized bytes as
wide characters. Zero-initialize the cell buffers before the read and
default the getcchar() output to an empty string.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Mon, 29 Jun 2026 12:02:12 +0000 (15:02 +0300)]
gh-152502: Detect optional curses functions with configure probes (GH-152504)
Some curses functions were called unconditionally or gated only by the
ncurses-specific NCURSES_EXT_FUNCS macro, which broke building the module
against other curses implementations (narrow ncurses, NetBSD curses) even
when they provided the function. Detect each with a configure capability
probe and gate on HAVE_CURSES_*.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Gregory P. Smith [Mon, 29 Jun 2026 08:11:14 +0000 (01:11 -0700)]
gh-110357: hashlib no longer logs at import when a guaranteed hash is unavailable (GH-152538)
When a normally-guaranteed hash algorithm cannot be constructed at import time
(e.g. an OpenSSL FIPS configuration excludes it from the default provider, or
the build used --without-builtin-hashlib-hashes), importing hashlib emitted an
"ERROR:root:hash algorithm ... will not be supported at runtime" message to
stderr. For the many programs that never use the missing algorithm this is
pure noise. Worse, logging.error() lazily calls logging.basicConfig(), which
mutates the root logger's handlers -- a global side effect that the test suite
flags as an altered execution environment.
Stop logging in that path. Code that actually uses a missing algorithm still
gets a clear ValueError from the stub constructor installed in its place.
The stray output has shown up incidentally in FIPS / "No Builtin Hashes"
buildbot reports for years (e.g. gh-110357, gh-76902) without being the
reported subject.
Gregory P. Smith [Mon, 29 Jun 2026 02:04:10 +0000 (19:04 -0700)]
gh-148660: Fix use-after-free in OrderedDict.copy() on reentrant mutation (GH-151573)
* gh-148660: Fix use-after-free in OrderedDict.copy() on reentrant mutation
OrderedDict.copy() walks the internal linked list while building the new
dict. The loop body can run arbitrary Python (a key's __eq__/__hash__, or
a subclass __getitem__/__setitem__) which can clear the source dict and
free the nodes being iterated.
Detect this the same way OrderedDict.__eq__ already does (gh-119004):
snapshot od_state before the loop, hold a strong reference to the key and
read the hash before any reentrant call, and raise RuntimeError if the
state changed before advancing to the next node.
Gregory P. Smith [Mon, 29 Jun 2026 00:27:15 +0000 (17:27 -0700)]
gh-151416: fix a borrowed ref potential use after free via fspath in os.spawnv/spawnve (GH-151417)
* gh-151416: Fix use-after-free in os.spawnv/spawnve when __fspath__ mutates argv
The argv conversion loops passed references borrowed from the argv list
into fsconvert_strdup(). An item's __fspath__() can mutate the list and
release its reference to the item, leaving the converter operating on a
freed object. A shrunk list could also make PyList_GetItem() return
NULL, which PyUnicode_FS{Converter,Decoder}() treat as a request to
release an uninitialized output variable.
Hold a strong reference to each item across the conversion, matching
parse_arglist() and parse_envlist().
* gh-151416: Don't mask non-TypeError argv conversion errors in os.spawnv
os.spawnv() replaced any error raised during argv item conversion,
such as MemoryError, codec errors, or the embedded-null ValueError,
with a generic TypeError. Only add the contextual message when the
conversion actually raised TypeError, matching how os.spawnve() and
the exec functions propagate these errors.
The test is gated to the native C spawnv: the Python fallback used
elsewhere reports conversion failures from the forked child as exit
status 127 instead of raising.
Gregory P. Smith [Sun, 28 Jun 2026 19:06:41 +0000 (12:06 -0700)]
gh-150743: Limit trailer lines and interim responses read by http.client (GH-150741)
http.client read chunked-response trailer lines and skipped interim (1xx)
responses in unbounded loops, so a server streaming either forever would
hang the client even with a socket timeout set (data keeps arriving, so
the timeout never fires).
Trailer lines are now limited to max_response_headers (100 by default)
and interim responses to 100; HTTPException is raised past either limit.
Follow-up to gh-88188 for CVE-2021-3737, which bounded header lines
within an interim response but not these two sibling loops.
---
This issue was reported to us via [GHSA-w4q2-g22w-6fr4](https://github.com/python/cpython/security/advisories/GHSA-w4q2-g22w-6fr4) and was determined not to be high enough severity to handle privately.
Serhiy Storchaka [Sun, 28 Jun 2026 17:11:47 +0000 (20:11 +0300)]
gh-69134: Harden tkinter GUI tests that depend on a mapped widget (GH-152499)
Add wait_until_mapped() and AbstractTkTest.require_mapped() to
test_tkinter.support and use them to guard the assertions that need a
widget to be actually mapped (winfo_width(), identify(), coords(), ...).
This avoids intermittent failures under window managers that do not map
the widget promptly, without skipping the unrelated checks.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sun, 28 Jun 2026 16:30:04 +0000 (19:30 +0300)]
gh-110904: Recommend windows-curses in the curses HOWTO (GH-152491)
The HOWTO pointed at UniCurses, which is unmaintained and exposes its own
API. windows-curses provides the standard curses interface on Windows, so
existing code runs unchanged.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sun, 28 Jun 2026 16:14:27 +0000 (19:14 +0300)]
gh-78335: Complete the widget option lists in tkinter docstrings (GH-152485)
Several widget __init__ docstrings omitted valid options, and Menubutton and
Message had no option list at all. List every option supported by the widget,
tagging those added in Tk 9.0 and 9.1.
Add test_options_in_docstring, asserting that every option in OPTIONS is named
in the widget's __init__ docstring. Options reported by keys() but not in the
docstring are only printed in verbose mode, as some depend on the Tk version.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sun, 28 Jun 2026 14:09:03 +0000 (17:09 +0300)]
gh-152325: Add curses.has_mouse() and curses.window.mouse_trafo() (GH-152484)
has_mouse() reports whether the mouse driver was successfully initialized.
window.mouse_trafo(y, x, to_screen) converts a coordinate pair between
window-relative and screen-relative coordinates, returning the (y, x) pair or
None if it lies outside the window. Together these complete the curses mouse
interface.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sun, 28 Jun 2026 14:03:22 +0000 (17:03 +0300)]
gh-87881: Document the result of curses inch() and getbkgd() (GH-152488)
Explain the character/attribute bit layout and how to extract the parts
(A_CHARTEXT and A_ATTRIBUTES bit-masks, pair_number() for the color pair),
or use in_wch() to get a complexchar.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sun, 28 Jun 2026 12:49:28 +0000 (15:49 +0300)]
gh-133031: Support the full Unicode range in curses.textpad.Textbox (GH-152482)
Read input with get_wch() and the window back with in_wch(), so combining
characters and characters outside the locale encoding now work where curses has
wide-character support.
edit() passes non-ASCII characters to validate() as strings, keeping ASCII and
key codes as integers so existing validators keep working.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sun, 28 Jun 2026 09:35:37 +0000 (12:35 +0300)]
gh-152470: Make wide-character curses functions work on a narrow build (GH-152476)
curses.window.get_wch, curses.window.get_wstr, curses.unget_wch,
curses.erasewchar, curses.killwchar and curses.wunctrl now also work when
Python is built against a non-wide curses library, on an 8-bit locale, where
each character is a single byte in the relevant encoding. curses.ungetch now
also accepts a one-character string, like curses.unget_wch.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sun, 28 Jun 2026 05:22:43 +0000 (08:22 +0300)]
gh-152233: Make the curses cell API work without ncursesw (ПР-152466)
Back complexchar, complexstr and the cell read methods (in_wch,
in_wchstr, in_wstr, getbkgrnd) with a chtype instead of a cchar_t when
ncursesw is absent, so the same code works on both builds. A narrow
build is limited to one character per cell, encodable as a single byte in
the window's encoding (8-bit locales), with the color pair limited to the
color_pair() range.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sun, 28 Jun 2026 05:14:33 +0000 (08:14 +0300)]
gh-133031: Support non-ASCII characters in curses.textpad.Textbox (GH-152451)
Textbox mangled non-ASCII characters of an 8-bit locale encoding: it masked
reads with curses.ascii.ascii(), which clears the 8th bit, and tested input
with curses.ascii.isprint(), which rejects bytes above 127.
Decode cells and input bytes with the window's encoding instead. Cells are
read with instr() and the lower-right cell is written as text, since inch() and
insch() with an int byte mishandle a non-ASCII character on a wide build. This
uses only the byte-oriented curses API, so it works without wide-character
support.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sat, 27 Jun 2026 21:26:11 +0000 (00:26 +0300)]
gh-83274: Don't crash when a Tcl interpreter is deallocated in the wrong thread (GH-152323)
Deallocating the interpreter from a thread other than the one it was created
in ran Tcl_DeleteInterp() there, which makes Tcl abort the process
("Tcl_AsyncDelete: async handler deleted by the wrong thread").
Tkapp_Dealloc() now leaks the interpreter in that case and reports a
RuntimeWarning instead.
Co-Authored-By: E. Paine <63801254+E-Paine@users.noreply.github.com> Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sat, 27 Jun 2026 19:16:32 +0000 (22:16 +0300)]
gh-152415: Exercise curses non-ASCII tests under 8-bit locale encodings (GH-152416)
The non-ASCII tests only exercised what the runner's locale could encode (in
practice UTF-8). Add 8-bit-encoding cases to the character and string I/O
tests, each guarded by the existing encodability check: ASCII, a character
common to the Latin encodings ('é'), and ones distinctive to a single encoding
(byte 0xA4 is '¤' in ISO-8859-1, '€' in ISO-8859-15, 'є' in KOI8-U). Run the
whole suite under different locales to cover them; unrepresentable cases skip.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
* gh-152415: Verify character output round-trips in test_output_character
Read each written character back with in_wch() or instr() rather than
inch(), which on a wide build returns the low byte of the code point
instead of the locale-encoded byte and so mangles a non-ASCII character
of an 8-bit locale. This lets the int-argument cases cover '€'/'є', and
adds matching coverage for the str argument.
insch() with an int byte > 127 is checked only for Latin-1: on a wide
build ncurses winsch stores a printable byte directly as a code point
instead of decoding it through the locale.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
gh-151613: Fix remote debugging frame cache ABA (#151614)
The remote debugging frame cache previously used only the last_profiled_frame address as its cache anchor. If a frame returned and a later frame reused the same _PyInterpreterFrame address, the profiler could accept a stale cache entry and splice parent frames from a different call chain into the current stack.
This adds a last_profiled_frame_seq counter next to last_profiled_frame, increments it when the anchor advances, stores it in frame cache entries, and validates cache hits against both the frame address and the sequence. Cache miss walks now copy stack chunks before storing new cache entries so stored continuations come from a stable snapshot. The new regression test exercises alternating call chains and checks that cached stacks never contain frames from both branches.
Serhiy Storchaka [Sat, 27 Jun 2026 12:42:41 +0000 (15:42 +0300)]
gh-152275: Add integer overflow guards to the curses chtype and color-pair packing path (GH-152303)
curses.color_pair() now raises OverflowError for a pair number too large
to be packed, instead of silently masking it to a different pair.
The attr argument of the character-cell and attribute methods (addch,
addstr, attron, attrset and others) now goes through the checked attr
converter, so an out-of-range or non-integer attribute is rejected rather
than silently truncated.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sat, 27 Jun 2026 11:37:41 +0000 (14:37 +0300)]
gh-70273: Document default class bindings in tkinter (GH-152389)
Note in the Bindings and events section that every widget inherits Tk
class bindings for its standard behavior, where they are documented, and
how to suppress an unwanted one by returning "break" from a callback.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sat, 27 Jun 2026 07:10:11 +0000 (10:10 +0300)]
gh-87904: Report the public module name in curses types and exceptions (GH-152341)
The curses C types and exceptions now set their tp_name to the public
module, so __module__, repr() and help() report curses.window,
curses.complexchar, curses.complexstr, curses.screen, curses.error,
curses.panel.panel and curses.panel.error instead of the underscore
extension modules.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sat, 27 Jun 2026 07:09:07 +0000 (10:09 +0300)]
gh-151678: Add more tests for tkinter.dnd (GH-152362)
Cover the drag cursor, the Motion and ButtonRelease bindings, switching
between targets, the target search up the master chain, dnd_accept()
returning None, and restarting after a drag has finished.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Sat, 27 Jun 2026 07:08:04 +0000 (10:08 +0300)]
gh-71880: Allow editing the last cell in curses.textpad.Textbox (GH-152363)
Textbox.edit() ignored typing in the lower-right cell of the window. It is
now written with insch(), which fills the cell without moving the cursor out
of the window (addch() there raises an error and scrolls a scrollable window).
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Fri, 26 Jun 2026 23:00:38 +0000 (02:00 +0300)]
gh-88758: Handle non-tkinter widgets in tkinter focus methods (GH-152337)
focus_get(), focus_displayof(), focus_lastfor() and winfo_containing()
now return None instead of raising KeyError when the focused widget was
not created by tkinter (for example a torn-off menu).
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Add define_key(), key_defined() and keyok(), the ncurses extensions for
managing how control strings are recognized as key codes, beyond the
predefined terminfo keys and the all-or-nothing window.keypad().
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Fri, 26 Jun 2026 22:45:30 +0000 (01:45 +0300)]
gh-152260: Fix test_scr_dump() on macOS (GH-152340)
The dump format embeds raw pointers on some platforms, so two dumps of the
same screen are not always byte-identical. Only compare dump files when
the format proves deterministic.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Fri, 26 Jun 2026 18:52:10 +0000 (21:52 +0300)]
gh-80937: Fix memory leak in tkinter createcommand (GH-152294)
A command created with createcommand() held a strong reference to the
interpreter, forming an uncollectable cycle (interpreter -> command ->
interpreter) that kept the interpreter and the callback alive until the
command was removed with deletecommand() or destroy(). The command now
borrows the reference; it cannot outlive the interpreter, which deletes its
commands when finalized.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Neil Schemenauer [Fri, 26 Jun 2026 18:20:41 +0000 (11:20 -0700)]
gh-152238: Revert gh-150490 and gh-152200. (gh-152232)
Revert commits:
gh-151593: Fix dead lock in PyDict insert_split_key() (#152200)
gh-150490: Raise PyType_Modified for insertion into split dictionary (#150489)
For gh-150489, it violates locking discipline and results in deadlocks,
gh-151593 is an example of it being hit in CI. The attempted fix
gh-152200 avoids the deadlock but introduces a data-race. The race
window is small but can be triggered with pure Python code.
Serhiy Storchaka [Fri, 26 Jun 2026 16:36:31 +0000 (19:36 +0300)]
gh-152260: Add curses.scr_dump(), scr_restore(), scr_init() and scr_set() (GH-152261)
These module-level functions write the whole virtual screen to a file and
load it back -- the screen-wide counterpart of window.putwin()/getwin().
The filename argument accepts a string or a path-like object.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Fri, 26 Jun 2026 15:50:30 +0000 (18:50 +0300)]
gh-151776: Fix test_state_getters on terminals without insert/delete capability (GH-152304)
idcok() and idlok() take effect only when the terminal can insert or
delete characters or lines, so check their getters against the
terminal's capabilities instead of asserting an unconditional round-trip.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Fri, 26 Jun 2026 14:28:53 +0000 (17:28 +0300)]
gh-152258: Add curses.window.dupwin() (GH-152259)
dupwin() returns a new window that is an independent duplicate of an existing
one -- same size, position, contents and attributes, but with its own cell
buffer, so changes to one do not affect the other.
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Serhiy Storchaka [Fri, 26 Jun 2026 14:14:43 +0000 (17:14 +0300)]
gh-139145: Fix tkinter event loop in interactive mode (GH-152257)
When a Tcl command running its own event loop (such as vwait or
wait_variable) was active and the user typed input on stdin, the event
loop kept spinning at 100% CPU. The stdin file handler is now removed as
soon as input becomes available.
Also fix gh-139816: an exception raised in a callback no longer stops the
event loop to wait for Enter on a Python built without readline; pending
callbacks keep running until input is actually available on stdin.
Co-authored-by: mdehoon <mjldehoon@yahoo.com> Co-authored-by: Christopher Chavez <chrischavez@gmx.us> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
projects / thirdparty / Python / cpython.git / log
