[3.14] gh-148022: Add threat model to remote debugging docs (GH-148024) (#148039)
gh-148022: Add threat model to remote debugging docs (GH-148024)
The remote debugging protocol has been generating spurious
vulnerability reports from automated scanners that pattern-match
on "remote access" and "memory operations" without understanding
the privilege model. This section documents the security boundaries
so reporters can self-triage before submitting.
The threat model clarifies three points: attaching requires the
same OS-level privileges as GDB (ptrace, task_for_pid, or
SeDebugPrivilege), crashes caused by reading corrupted target
process memory are not security issues, and a compromised target
process is out of scope. A subsection explains when operators
should use PYTHON_DISABLE_REMOTE_DEBUG for defence-in-depth.
(cherry picked from commit edab6860a7d6c49b5d5762e1c094aa0261245a9c)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
Sam Gross [Tue, 31 Mar 2026 19:20:24 +0000 (15:20 -0400)]
[3.14] gh-144438: Fix false sharing between QSBR and tlbc_index (gh-144554) (#144923)
Align the QSBR thread state array to a 64-byte cache line boundary
and add padding at the end of _PyThreadStateImpl. Depending on heap
layout, the QSBR array could end up sharing a cache line with a
thread's tlbc_index, causing QSBR quiescent state updates to contend
with reads of tlbc_index in RESUME_CHECK. This is sensitive to
earlier allocations during interpreter init and can appear or
disappear with seemingly unrelated changes.
Either change alone is sufficient to fix the specific issue, but both
are worthwhile to avoid similar problems in the future.
[3.14] gh-143050: Correct PyLong_FromString() to use _PyLong_Negate() (GH-145901) (#147331)
gh-143050: Correct PyLong_FromString() to use _PyLong_Negate() (GH-145901)
The long_from_string_base() might return a small integer, when the
_pylong.py is used to do conversion. Hence, we must be careful here to
not smash it "small int" bit by using the _PyLong_FlipSign().
(cherry picked from commit db5936c5b89aa19e04d63120e0cf5bbc73bf2420)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com> Co-authored-by: Victor Stinner <vstinner@python.org>
The TypeError in _zstd_set_d_parameters incorrectly referred to
compression options; say decompression options instead.
(cherry picked from commit 4d0e8ee649ceff96b130e1676a73c20c469624a9)
[3.14] gh-146556: Fix infinite loop in annotationlib.get_annotations() on circular __wrapped__ (GH-146557) (#146622)
gh-146556: Fix infinite loop in annotationlib.get_annotations() on circular __wrapped__ (GH-146557)
(cherry picked from commit 2cf6a68f028da164bdb9b0ce8ad2cc9bf8f72750)
Co-authored-by: Ramin Farajpour Cami <ramin.blackhat@gmail.com>
[3.14] gh-146310: Fix ensurepip to treat empty WHEEL_PKG_DIR as unset (GH-146357) (#146534)
gh-146310: Fix ensurepip to treat empty WHEEL_PKG_DIR as unset (GH-146357)
Path('') resolves to CWD, so an empty WHEEL_PKG_DIR string caused
ensurepip to search the current working directory for wheel files.
Add a truthiness check to treat empty strings the same as None.
(cherry picked from commit 73cc1fd4f45b4daf2b2f9a6be69148775c7c2bff)
Co-authored-by: Imgyu Kim <kimimgo@gmail.com> Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14] gh-145616: Detect Android sysconfig ABI correctly on 32-bit ARM Android on 64-bit ARM kernel (GH-145617) (#146464)
gh-145616: Detect Android sysconfig ABI correctly on 32-bit ARM Android on 64-bit ARM kernel (GH-145617)
When Python is running on 32-bit ARM Android on a 64-bit ARM kernel, `os.uname().machine` is `armv8l`. Such devices run the same userspace code as `armv7l` devices, so apply the same `armeabi_v7a` Android ABI to them, which works.
(cherry picked from commit 3a2b81e919103c0be3bc60a47aaa74d34fea6e9e)
Co-authored-by: Robert Kirkman <31490854+robertkirkman@users.noreply.github.com>
[3.14] gh-146480: Override the exception in _PyErr_SetKeyError() (GH-146486) (#146511)
gh-146480: Override the exception in _PyErr_SetKeyError() (GH-146486)
If _PyErr_SetKeyError() is called with an exception set, it now
replaces the current exception with KeyError (as expected), instead
of setting a SystemError or failing with a fatal error (in debug
mode).
(cherry picked from commit d4153a9f76736128306c4af01776729da846d926)
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14] gh-146059: Cleanup pickle fast_save_enter() test (GH-146481) (#146509)
gh-146059: Cleanup pickle fast_save_enter() test (GH-146481)
Remove {"key": data}, it's not required to reproduce the bug.
Simplify also deep_nested_struct(): remove the seed parameter.
Fix a typo in a comment.
(cherry picked from commit 0c7a75aeef4dae87f02536ed4c42a57c13ef20e2)
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14] gh-146498: Ensure binary content is correctly processed in multi-arch iOS XCframeworks (GH-146499) (#146502)
Ensure that multi-arch libpython dylibs aren't copied into the app, and the
standard lib is always found for framework post-processing.
(cherry picked from commit 5684b3a04c6985e48b9a3d5394e3b7878901d6aa)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Modifies the iOS build script so that the clean target is more selective about
what is cleaned, the test target has a valid fallback value for ci mode, and the
cross-build directory can be customised.
(cherry picked from commit ca6dfa0f31132c80aaad40855087c2d931dc2d0f)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
[3.14] gh-144837: Improve documentation for more collection methods (GH-144841) (GH-146483)
Use uniform standard signature syntax in the tutorial and in
the array and collections modules documentation.
(cherry picked from commit 17070f41d4ccf5e82e5841e467b3aef5294f2c9a)
[3.14] gh-146358: Fix warnings.catch_warnings on Free Threading (GH-146374) (#146418)
gh-146358: Fix warnings.catch_warnings on Free Threading (GH-146374)
catch_warnings now also overrides warnings.showwarning() on Free
Threading to support custom warnings.showwarning().
(cherry picked from commit 0055140b2cf3e3a86ef9ab7a39e2083212b27c58)
Co-authored-by: Victor Stinner <vstinner@python.org>
Hood Chatham [Wed, 25 Mar 2026 11:34:43 +0000 (12:34 +0100)]
[3.14] gh-146352: In Emscripten pyrepl test, pick port dynamically (GH-146375) (#146411)
Dynamically allocates the port for the pyrepl browser test, so that multiple
tests can run at the same time. Also allows the pyrepl test to honor the
CROSS_BUILD_DIR environment variable.
(cherry picked from commit 2be147e1e75022d66eecb80b46904ed61a7a574f)
Sam Gross [Wed, 25 Mar 2026 01:42:19 +0000 (21:42 -0400)]
[3.14] gh-146041: Avoid lock in sys.intern() for already interned strings (gh-146072) (#146390)
Fix free-threading scaling bottleneck in sys.intern and `PyObject_SetAttr` by
avoiding the interpreter-wide lock when the string is already interned and
immortalized.
[3.14] gh-146202: Create tmp_dir in regrtest worker (GH-146347) (#146349)
gh-146202: Create tmp_dir in regrtest worker (GH-146347)
Create tmp_dir in libregrtest.worker since the directory can be
different than the --tempdir directory.
(cherry picked from commit bcff99cb3f3b887a08c4f0ace1279ced38dd9e62)
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14] gh-145870: Fix Format.SOURCE reference in get_annotations docstring (GH-145889) (GH-146036)
The get_annotations() docstring incorrectly referred to the SOURCE
format, which was renamed to STRING during PEP 749 development.
(cherry picked from commit 2a0fa500f82fc160feb726c0631f58c9a2f76796)
Co-authored-by: wavebyrd <160968744+wavebyrd@users.noreply.github.com> Co-authored-by: Carson Jones <carson@Carsons-MacBook-Pro.local>
Serhiy Storchaka [Mon, 23 Mar 2026 23:20:26 +0000 (01:20 +0200)]
[3.14] gh-145264: Do not ignore excess Base64 data after the first padded quad (GH-145267) (GH-146326)
Base64 decoder (see binascii.a2b_base64(), base64.b64decode(), etc)
no longer ignores excess data after the first padded quad in non-strict
(default) mode. Instead, in conformance with RFC 4648, it ignores the
pad character, "=", if it is present before the end of the encoded data.
(cherry picked from commit 4561f6418a691b3e89aef0901f53fe0dfb7f7c0e)
Co-authored-by: Hood Chatham <roberthoodchatham@gmail.com> Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14] gh-136672: Docs: Move parts of Enum HOWTO to API Docs (GH-139176) (GH-144802)
To avoid duplicate content in the Enum HOWTO and
API documentation which is not automatically synced,
the section about supported __dunder__ and _sunder
names is moved from HOWTO to API docs.
[3.14] gh-138234: clarify returncode behavior for subprocesses created with `shell=True` (GH-138536) (#146254)
gh-138234: clarify returncode behavior for subprocesses created with `shell=True` (GH-138536)
(cherry picked from commit 8a531f89df8f8bf4c4fe395f9edcdc19852bdf1c)
[3.14] gh-145754: Update signature retrieval in unittest.mock to use forwardref annotation format (GH-145756) (#146191)
gh-145754: Update signature retrieval in unittest.mock to use forwardref annotation format (GH-145756)
(cherry picked from commit d357a7dbf38868844415ec1d5df80379ea5a2326)
[3.14] gh-145177: Add emscripten run --test, uses test args from config.toml (GH-146160) (#146186)
This allows us to change the test arguments from the python repo rather
than having to change buildmaster-config.
(cherry picked from commit 6b5511d66bab0754d1d959cfe98947c536bf4d82)
Co-authored-by: Hood Chatham <roberthoodchatham@gmail.com> Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Adds a standalone target for building all dependencies so that the buildbot
script is independent of a specific dependency list.
(cherry picked from commit db11623694d1231323ee3a9339f7f7504a839478)
[3.14] gh-145177: Put node version into emscripten/config.toml. (GH-146156) (#146159)
Configure node version as part of the emscripten build script, and install
that node version if it isn't available.
(cherry picked from commit 91e1312b950e3a98a9e968da02500db127e06f43)
Sam Gross [Thu, 19 Mar 2026 14:49:12 +0000 (10:49 -0400)]
[3.14] gh-145779: Improve classmethod/staticmethod scaling in free-threaded build (gh-145826) (#146088)
Add special cases for classmethod and staticmethod descriptors in
_PyObject_GetMethodStackRef() to avoid calling tp_descr_get, which
avoids reference count contention on the bound method and underlying
callable. This improves scaling when calling classmethods and
staticmethods from multiple threads.
Also refactor method_vectorcall in classobject.c into a new
_PyObject_VectorcallPrepend() helper so that it can be used by
PyObject_VectorcallMethod as well.
Victor Stinner [Thu, 19 Mar 2026 11:14:33 +0000 (12:14 +0100)]
[3.14] gh-146092: Fix error handling in _BINARY_OP_ADD_FLOAT opcode (#146119)
Fix error handling in _PyFloat_FromDouble_ConsumeInputs() used by
_BINARY_OP_ADD_FLOAT, _BINARY_OP_SUBTRACT_FLOAT and
_BINARY_OP_MULTIPLY_FLOAT opcodes. PyStackRef_FromPyObjectSteal()
must not be called with a NULL pointer.
[3.14] gh-145254: Fix formatting of thread safety annotations (GH-146111) (#146163)
- Add leading space so that the spacing between the previous annotation
and the thread safety annotation looks correct.
- Remove trailing period from the link to the thread safety level.
(cherry picked from commit 580043dfae90331de15cf1504d09e2c7216182a6)
Provides a `run` command in the Emscripten build tooling, and adds
environment variable configuration for EMSDK_CACHE, CROSS_BUILD_DIR
and QUIET.
(cherry picked from commit abd5246305655fc09e4e3c668c8ca09a1b0fc638)
[3.14] gh-142183: Cache one datachunk per tstate to prevent alloc/dealloc thrashing (GH-145789) (#145828)
Cache one datachunk per tstate to prevent alloc/dealloc thrashing when repeatedly hitting the same call depth at exactly the wrong boundary.
Move new _ts member to the end to not mess up remote debuggers' ideas of the
struct's layout. (The struct is only created by the runtime, and the new
field only used by the runtime, so it should be safe.)
(cherry picked from commit 706fd4ec08acbf1b1def3630017ebe55d224adfa) Co-authored-by: T. Wouters <thomas@python.org> Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
Serhiy Storchaka [Tue, 17 Mar 2026 10:55:15 +0000 (12:55 +0200)]
[3.14] gh-144545: Improve handling of default values in Argument Clinic (GH-146016) (GH-146052)
* Add the c_init_default attribute which is used to initialize the C variable
if the default is not explicitly provided.
* Add the c_default_init() method which is used to derive c_default from
default if c_default is not explicitly provided.
* Explicit c_default and py_default are now almost always have precedence
over the generated value.
* Add support for bytes literals as default values.
* Improve support for str literals as default values (support non-ASCII
and non-printable characters and special characters like backslash or quotes).
* Fix support for str and bytes literals containing trigraphs, "/*" and "*/".
* Improve support for default values in converters "char" and "int(accept={str})".
* Converter "int(accept={str})" now requires 1-character string instead of
integer as default value.
* Add support for non-None default values in converter "Py_buffer": NULL,
str and bytes literals.
* Improve error handling for invalid default values.
* Rename Null to NullType for consistency.
(cherry picked from commit 99e2c5eccd2b83ac955125522a952a4ff5c7eb43)
projects / thirdparty / Python / cpython.git / log
