[3.14] gh-148508: Add resilience to SSL preauth tests on iOS (GH-148536) (#148539)
Adds handling for a test case seen in the iOS SSL tests where an SSL connection fails to
handshake correctly.
(cherry picked from commit c40e8b016a90820e4d799922903b90a505ffaf55)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
[3.14] gh-146139: Disable `socketpair` authentication on WASI (GH-146140) (#148526)
gh-146139: Disable `socketpair` authentication on WASI (GH-146140)
Calling `connect(2)` on a non-blocking socket on WASI may leave the socket in a
"connecting" but not yet "connected" state. In the former case, calling
`getpeername(2)` on it will fail, leading to an unhandled exception in Python.
(cherry picked from commit a5b76d53bb29afd864243f44ef22968f6385dfa0)
Co-authored-by: Joel Dice <joel.dice@akamai.com> Co-authored-by: Victor Stinner <vstinner@python.org> Co-authored-by: Brett Cannon <brett@python.org>
[3.14] gh-148393: Use acquire load for _ma_watcher_tag in dict notify event (gh-148509) (#148512)
The watcher-bits read in _PyDict_NotifyEvent needs to use acquire to
synchronize with the release from PyDict_Watch so that the callback
publication is visible before the callback is invoked.
(cherry picked from commit 19f96f99febe9eadbcc58ffc042791fb017ac90b)
Ensures that the testbed's Gradle configuration uses the cross-build environment
variable, and that variable is passed to Gradle by the cross-build script.
(cherry picked from commit b29afe62f7236f7161c2670dccc24368217a7fb1)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com> Co-authored-by: Malcolm Smith <smith@chaquo.com>
[3.14] tests: use errno.EBADF instead of hardcoded number in _close_file() (GH-148345) (#148410)
tests: use errno.EBADF instead of hardcoded number in _close_file() (GH-148345)
test_interpreters: use errno.EBADF instead of hardcoded number in _close_file()
Replace the hardcoded `9` check in `Lib/test/test_interpreters/utils.py` with `errno.EBADF`.
Using `errno.EBADF` makes the helper portable across platforms with different errno numbering while preserving the intended behavior.
(cherry picked from commit cef334fd4c4c24a542ce81ad940b1426b5a7cdbd)
[3.14] gh-105936: Properly update closure cells for `__setattr__` and `__delattr__` in frozen dataclasses with slots (GH-144021) (#148469)
gh-105936: Properly update closure cells for `__setattr__` and `__delattr__` in frozen dataclasses with slots (GH-144021)
(cherry picked from commit 8a398bfbbc6769f6cabb3177702e7a506e203d61)
[3.14] gh-146313: Fix multiprocessing ResourceTracker deadlock after os.fork() (GH-146316) (#148425)
gh-146313: Fix multiprocessing ResourceTracker deadlock after os.fork() (GH-146316)
`ResourceTracker.__del__` (added in gh-88887 circa Python 3.12) calls
os.waitpid(pid, 0) which blocks indefinitely if a process created via os.fork()
still holds the tracker pipe's write end. The tracker never sees EOF, never
exits, and the parent hangs at interpreter shutdown.
Fix with two layers:
- **At-fork handler.** An os.register_at_fork(after_in_child=...)
handler closes the inherited pipe fd in the child unless a preserve
flag is set. popen_fork.Popen._launch() sets the flag before its
fork so mp.Process(fork) children keep the fd and reuse the parent's
tracker (preserving gh-80849). Raw os.fork() children close the fd,
letting the parent reap promptly.
- **Timeout safety-net.** _stop_locked() gains a wait_timeout
parameter. When called from `__del__`, it polls with WNOHANG using
exponential backoff for up to 1 second instead of blocking
indefinitely. The at-fork handler makes this unreachable in
well-behaved paths; it remains for abnormal shutdowns.
(cherry picked from commit 3a7df632c96eb6c5de12fac08d1da42df9e25334)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com> Co-authored-by: Itamar Oren <itamarost@gmail.com>
[3.14] gh-147965: Add shutdown() to multiprocessing.Queue excluded methods (GH-147970) (#148416)
gh-147965: Add shutdown() to multiprocessing.Queue excluded methods (GH-147970)
The multiprocessing.Queue documentation states it implements all
methods of queue.Queue except task_done() and join(). Since
queue.Queue.shutdown() was added in Python 3.13,
multiprocessing.Queue also does not implement it. Update the docs
to include shutdown() in the list of excluded methods.
(cherry picked from commit 22290ed011a8ac4060390e57f53053ab932fb3f3)
gh-146333: Fix quadratic regex backtracking in configparser option parsing (GH-146399)
Use negative lookahead in option regex to prevent backtracking, and to avoid changing logic outside the regexes (since people could use the regex directly).
(cherry picked from commit 7e0a0be4097f9d29d66fe23f5af86f18a34ed7dd)
[3.14] gh-145105: Fix crash in csv.reader with re-entrant iterator (GH-145106) (#148404)
gh-145105: Fix crash in csv.reader with re-entrant iterator (GH-145106)
When a custom iterator calls next() on the same csv.reader from
within __next__, the inner iteration sets self->fields to NULL.
The outer iteration then crashes in parse_save_field() by passing
NULL to PyList_Append.
Add a guard after PyIter_Next() to detect that fields was set to
NULL by a re-entrant call, and raise csv.Error instead of crashing.
(cherry picked from commit 20994b1809f9c162e4cae01a5af08bd492ede9f9)
Co-authored-by: Ramin Farajpour Cami <ramin.blackhat@gmail.com>
decoded[:-1] only strips one character, leaving a stray \r when eol
is two characters. Fix: decoded[:-len(eol)].
(cherry picked from commit 1a0edb1fa899c067f19b09598b45cdb6e733c4ee)
Co-authored-by: Stefan Zetzsche <120379523+stefanzetzsche@users.noreply.github.com>
[3.14] gh-144503: Pass sys.argv to forkserver as real argv elements (GH-148194) (#148195)
Avoid embedding the parent's sys.argv into the forkserver -c command
string via repr(). When sys.argv is large (e.g. thousands of file
paths from a pre-commit hook), the resulting single argument could
exceed the OS per-argument length limit (MAX_ARG_STRLEN on Linux,
typically 128 KiB), causing posix_spawn to fail and the parent to
observe a BrokenPipeError.
Instead, append the argv entries as separate command-line arguments
after -c; the forkserver child reads them back as sys.argv[1:]. This
cannot exceed any limit the parent itself did not already satisfy.
Pre-create the Android emulator image so that the the configuration can be
modified to use 4GB of RAM.
(cherry picked from commit a95ee3a21d97afdbe6bd2ce4cd8343a36cd13b02)
[3.14] gh-148144: Initialize visited on copied interpreter frames (GH-148143) (#148147)
gh-148144: Initialize visited on copied interpreter frames (GH-148143)
_PyFrame_Copy() copied interpreter frames into generator and
frame-object storage without initializing the visited byte. Incremental
GC later reads frame->visited in mark_stacks() on non-start passes, so
copied frames could expose an uninitialized value once they became live
on a thread stack again.
Reset visited when copying a frame so copied frames start with defined
GC bookkeeping state. Preserve lltrace in Py_DEBUG builds.
(cherry picked from commit fbfc6ccb0abf362a0ecdc02cd0aa2d16c1a4ce44)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
[3.14] gh-146450: Normalise feature set of Android build script with other platform build scripts (GH-146451) (#148065)
Allows for cleaning a subset of targets, customization of the download cache and
cross-build directories, and modifies the build command to allow 'all', 'build'
and 'hosts' targets.
(cherry picked from commit b8470deb5d52f524ae18c6f232fecfc99b133397)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
[3.14] gh-146541: Allow building the Android testbed for 32-bit targets (GH-146542) (#148064)
Allows building the Android testbed for 32-bit targets, adding the target triplets
`arm-linux-androideabi` and `i686-linux-android`.
(cherry picked from commit 848bbe9ff21ae0a3ee412cc25843835ace4f75df)
Co-authored-by: Robert Kirkman <31490854+robertkirkman@users.noreply.github.com> Co-authored-by: Malcolm Smith <smith@chaquo.com>
[3.14] gh-148022: Add threat model to remote debugging docs (GH-148024) (#148039)
gh-148022: Add threat model to remote debugging docs (GH-148024)
The remote debugging protocol has been generating spurious
vulnerability reports from automated scanners that pattern-match
on "remote access" and "memory operations" without understanding
the privilege model. This section documents the security boundaries
so reporters can self-triage before submitting.
The threat model clarifies three points: attaching requires the
same OS-level privileges as GDB (ptrace, task_for_pid, or
SeDebugPrivilege), crashes caused by reading corrupted target
process memory are not security issues, and a compromised target
process is out of scope. A subsection explains when operators
should use PYTHON_DISABLE_REMOTE_DEBUG for defence-in-depth.
(cherry picked from commit edab6860a7d6c49b5d5762e1c094aa0261245a9c)
Co-authored-by: Pablo Galindo Salgado <Pablogsal@gmail.com>
Sam Gross [Tue, 31 Mar 2026 19:20:24 +0000 (15:20 -0400)]
[3.14] gh-144438: Fix false sharing between QSBR and tlbc_index (gh-144554) (#144923)
Align the QSBR thread state array to a 64-byte cache line boundary
and add padding at the end of _PyThreadStateImpl. Depending on heap
layout, the QSBR array could end up sharing a cache line with a
thread's tlbc_index, causing QSBR quiescent state updates to contend
with reads of tlbc_index in RESUME_CHECK. This is sensitive to
earlier allocations during interpreter init and can appear or
disappear with seemingly unrelated changes.
Either change alone is sufficient to fix the specific issue, but both
are worthwhile to avoid similar problems in the future.
[3.14] gh-143050: Correct PyLong_FromString() to use _PyLong_Negate() (GH-145901) (#147331)
gh-143050: Correct PyLong_FromString() to use _PyLong_Negate() (GH-145901)
The long_from_string_base() might return a small integer, when the
_pylong.py is used to do conversion. Hence, we must be careful here to
not smash it "small int" bit by using the _PyLong_FlipSign().
(cherry picked from commit db5936c5b89aa19e04d63120e0cf5bbc73bf2420)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com> Co-authored-by: Victor Stinner <vstinner@python.org>
The TypeError in _zstd_set_d_parameters incorrectly referred to
compression options; say decompression options instead.
(cherry picked from commit 4d0e8ee649ceff96b130e1676a73c20c469624a9)
[3.14] gh-146556: Fix infinite loop in annotationlib.get_annotations() on circular __wrapped__ (GH-146557) (#146622)
gh-146556: Fix infinite loop in annotationlib.get_annotations() on circular __wrapped__ (GH-146557)
(cherry picked from commit 2cf6a68f028da164bdb9b0ce8ad2cc9bf8f72750)
Co-authored-by: Ramin Farajpour Cami <ramin.blackhat@gmail.com>
[3.14] gh-146310: Fix ensurepip to treat empty WHEEL_PKG_DIR as unset (GH-146357) (#146534)
gh-146310: Fix ensurepip to treat empty WHEEL_PKG_DIR as unset (GH-146357)
Path('') resolves to CWD, so an empty WHEEL_PKG_DIR string caused
ensurepip to search the current working directory for wheel files.
Add a truthiness check to treat empty strings the same as None.
(cherry picked from commit 73cc1fd4f45b4daf2b2f9a6be69148775c7c2bff)
Co-authored-by: Imgyu Kim <kimimgo@gmail.com> Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14] gh-145616: Detect Android sysconfig ABI correctly on 32-bit ARM Android on 64-bit ARM kernel (GH-145617) (#146464)
gh-145616: Detect Android sysconfig ABI correctly on 32-bit ARM Android on 64-bit ARM kernel (GH-145617)
When Python is running on 32-bit ARM Android on a 64-bit ARM kernel, `os.uname().machine` is `armv8l`. Such devices run the same userspace code as `armv7l` devices, so apply the same `armeabi_v7a` Android ABI to them, which works.
(cherry picked from commit 3a2b81e919103c0be3bc60a47aaa74d34fea6e9e)
Co-authored-by: Robert Kirkman <31490854+robertkirkman@users.noreply.github.com>
[3.14] gh-146480: Override the exception in _PyErr_SetKeyError() (GH-146486) (#146511)
gh-146480: Override the exception in _PyErr_SetKeyError() (GH-146486)
If _PyErr_SetKeyError() is called with an exception set, it now
replaces the current exception with KeyError (as expected), instead
of setting a SystemError or failing with a fatal error (in debug
mode).
(cherry picked from commit d4153a9f76736128306c4af01776729da846d926)
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14] gh-146059: Cleanup pickle fast_save_enter() test (GH-146481) (#146509)
gh-146059: Cleanup pickle fast_save_enter() test (GH-146481)
Remove {"key": data}, it's not required to reproduce the bug.
Simplify also deep_nested_struct(): remove the seed parameter.
Fix a typo in a comment.
(cherry picked from commit 0c7a75aeef4dae87f02536ed4c42a57c13ef20e2)
Co-authored-by: Victor Stinner <vstinner@python.org>
[3.14] gh-146498: Ensure binary content is correctly processed in multi-arch iOS XCframeworks (GH-146499) (#146502)
Ensure that multi-arch libpython dylibs aren't copied into the app, and the
standard lib is always found for framework post-processing.
(cherry picked from commit 5684b3a04c6985e48b9a3d5394e3b7878901d6aa)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Modifies the iOS build script so that the clean target is more selective about
what is cleaned, the test target has a valid fallback value for ci mode, and the
cross-build directory can be customised.
(cherry picked from commit ca6dfa0f31132c80aaad40855087c2d931dc2d0f)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
projects / thirdparty / Python / cpython.git / log
