Stan Ulbrych [Sun, 15 Mar 2026 21:46:06 +0000 (21:46 +0000)]
gh-145986: Avoid unbound C recursion in `conv_content_model` in `pyexpat.c` (CVE 2026-4224) (#145987)
Fix C stack overflow (CVE-2026-4224) when an Expat parser
with a registered `ElementDeclHandler` parses inline DTD
containing deeply nested content model.
the lazy imports PEP initial implementation (3.15 alpha) inadvertently incremented the length of the sys.flags tuple. In a way that did not do anything useful or related to the lazy imports setting (it exposed sys.flags.gil in the tuple). This fixes that to hard code the length to the 3.13 & 3.14 released length of 18 and have our tests and code comments make it clear that we've since stopped making new sys.flags attributes available via sequence index.
Serhiy Storchaka [Fri, 13 Mar 2026 11:05:41 +0000 (13:05 +0200)]
gh-145850: Change some implementation details in struct.Struct (GH-145851)
* calling it with non-ASCII string format will now raise a ValueError
instead of UnicodeEncodeError
* calling it with non-ASCII bytes format will now raise a ValueError
instead of struct.error
* getting the format attribute of uninitialized object will now raise
an AttributeError instead of RuntimeError.
Victor Stinner [Thu, 12 Mar 2026 22:48:51 +0000 (23:48 +0100)]
gh-145801: Use gcc -fprofile-update=atomic for PGO builds (#145802)
When Python build is optimized with GCC using PGO, use
-fprofile-update=atomic option to use atomic operations when updating
profile information. This option reduces the risk of gcov Data Files
(.gcda) corruption which can cause random GCC crashes.
Charlie Lin [Thu, 12 Mar 2026 16:56:07 +0000 (12:56 -0400)]
gh-145717: Add a few Microsoft-specific MIME types, and synchronize between `mimetypes` module and tests (#145718)
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com> Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com> Co-authored-by: Petr Viktorin <encukou@gmail.com>
Thomas Kowalski [Thu, 12 Mar 2026 13:27:07 +0000 (14:27 +0100)]
gh-145681: do not deallocate list buffer in `_PyList_AsTupleAndClear` (GH-145680)
Setting the size to 0 turns the list contents into overallocated memory that the deallocator will free.
Ownership is transferred to the new tuple so no refcount adjustment is needed.
Serhiy Storchaka [Thu, 12 Mar 2026 07:44:11 +0000 (09:44 +0200)]
gh-143715: Deprecate incomplete initialization of struct.Struct() (GH-145580)
* Struct.__new__() will require a mandatory argument (format)
* Calls of __init__() method with a different format argument on initialized
Struct are deprecated
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
Shrey Naithani [Wed, 11 Mar 2026 12:08:48 +0000 (17:38 +0530)]
gh-145587: fix busy loop in multiprocessing.connection.wait on Windows (GH-145597)
Ensure wait() blocks for the specified timeout when object_list is empty, preventing 100% CPU usage. This aligns the Windows behavior with the Unix implementation.
Co-authored-by: AN Long <aisk@users.noreply.github.com>
gh-145633: Remove support for ancient ARM platforms with mixed-endian doubles (#145634)
* Drop DOUBLE_IS_ARM_MIXED_ENDIAN_IEEE754 macro.
* Use DOUBLE_IS_BIG/LITTLE_ENDIAN_IEEE754 to detect endianness of
float/doubles.
* Drop "unknown_format" code path in PyFloat_Pack/Unpack*().
Co-authored-by: Victor Stinner <vstinner@python.org>
Previously, component-wise relative error bound was tested. However,
such bound can't exist already for complex multiplication as one can be
used to perform subtraction of floating-point numbers, e.g. x and y for
z0=1+1j and z1=x+yj.
```pycon
>>> x, y = 1e-9+1j, 1+1j
>>> a = x*y*y.conjugate()/2;a
(1.0000000272292198e-09+1j)
>>> b = x*(y*y.conjugate()/2);b
(1e-09+1j)
>>> b == x
True
>>> (a.real-b.real)/math.ulp(b.real) 131672427.0
```
Farhan Saif [Tue, 10 Mar 2026 16:23:39 +0000 (11:23 -0500)]
gh-125053: Document that ob_mutex must only be used via critical section API (#144599)
Add a warning in the free-threading extensions howto explaining that
PyObject.ob_mutex is reserved for the critical section API and must not
be locked directly with PyMutex_Lock, as this can cause deadlocks.
Extension authors who need their own lock should add a separate PyMutex
field to their object struct.
Also add an ob_mutex member entry under PyObject in the C API reference
(Doc/c-api/structures.rst) with a cross-reference to the howto.
Co-authored-by: Victor Stinner <vstinner@python.org>
Sam Gross [Mon, 9 Mar 2026 22:41:07 +0000 (18:41 -0400)]
gh-145685: Stop the world when updating MRO of existing types (gh-145707)
We already have a stop-the-world pause elsewhere in this code path
(type_set_bases) and this makes will make it easier to avoid contention
on the TYPE_LOCK when looking up names in the MRO hierarchy.
Also use deferred reference counting for non-immortal MROs.
Sam Gross [Mon, 9 Mar 2026 17:24:34 +0000 (13:24 -0400)]
gh-145615: Fix mimalloc page leak in the free-threaded build (gh-145626)
Fix three issues that caused mimalloc pages to be leaked until the
owning thread exited:
1. In _PyMem_mi_page_maybe_free(), move pages out of the full queue
when relying on QSBR to defer freeing the page. Pages in the full
queue are never searched by mi_page_queue_find_free_ex(), so a page
left there is unusable for allocations.
2. Move _PyMem_mi_page_clear_qsbr() from _mi_page_free_collect() to
_mi_page_thread_free_collect() where it only fires when all blocks
on the page are free (used == 0). The previous placement was too
broad: it cleared QSBR state whenever local_free was non-NULL, but
_mi_page_free_collect() is called from non-allocation paths (e.g.,
page visiting in mi_heap_visit_blocks) where the page is not being
reused.
3. In _PyMem_mi_page_maybe_free(), use the page's heap tld to find the
correct thread state for QSBR list insertion instead of
PyThreadState_GET(). During stop-the-world pauses, the function may
process pages belonging to other threads, so the current thread
state is not necessarily the owner of the page.
projects / thirdparty / Python / cpython.git / log
