GH-151672: `__lazy_import__` always resolves to the module being imported (GH-151827)
(cherry picked from commit 2d0003c0b2)
Co-authored-by: Brandt Bucher <brandt@python.org>
They were read and written using the locale encoding, which could corrupt
non-ASCII paths and made them non-portable.
(cherry picked from commit f6e904e1a6)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
gh-110357: hashlib no longer logs at import when a guaranteed hash is unavailable (GH-152538)
When a normally-guaranteed hash algorithm cannot be constructed at import time
(e.g. an OpenSSL FIPS configuration excludes it from the default provider, or
the build used --without-builtin-hashlib-hashes), importing hashlib emitted an
"ERROR:root:hash algorithm ... will not be supported at runtime" message to
stderr. For the many programs that never use the missing algorithm this is
pure noise. Worse, logging.error() lazily calls logging.basicConfig(), which
mutates the root logger's handlers -- a global side effect that the test suite
flags as an altered execution environment.
Stop logging in that path. Code that actually uses a missing algorithm still
gets a clear ValueError from the stub constructor installed in its place.
The stray output has shown up incidentally in FIPS / "No Builtin Hashes"
buildbot reports for years (e.g. gh-110357, gh-76902) without being the
reported subject.
(cherry picked from commit 8ae1a236fd)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
wm_manage() works only with the classic tkinter Frame, LabelFrame and
Toplevel widgets, not their tkinter.ttk counterparts.
(cherry picked from commit 2670cb062c)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
gh-148660: Fix use-after-free in OrderedDict.copy() on reentrant mutation (GH-151573)
* gh-148660: Fix use-after-free in OrderedDict.copy() on reentrant mutation
OrderedDict.copy() walks the internal linked list while building the new
dict. The loop body can run arbitrary Python (a key's __eq__/__hash__, or
a subclass __getitem__/__setitem__) which can clear the source dict and
free the nodes being iterated.
Detect this the same way OrderedDict.__eq__ already does (gh-119004):
snapshot od_state before the loop, hold a strong reference to the key and
read the hash before any reentrant call, and raise RuntimeError if the
state changed before advancing to the next node.
* gh-148660: fix NEWS nit, suppress undocumented OrderedDict.copy xref
(cherry picked from commit 7d128e319f)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
gh-151416: fix a borrowed ref potential use after free via fspath in os.spawnv/spawnve (GH-151417)
* gh-151416: Fix use-after-free in os.spawnv/spawnve when __fspath__ mutates argv
The argv conversion loops passed references borrowed from the argv list
into fsconvert_strdup(). An item's __fspath__() can mutate the list and
release its reference to the item, leaving the converter operating on a
freed object. A shrunk list could also make PyList_GetItem() return
NULL, which PyUnicode_FS{Converter,Decoder}() treat as a request to
release an uninitialized output variable.
Hold a strong reference to each item across the conversion, matching
parse_arglist() and parse_envlist().
* gh-151416: Don't mask non-TypeError argv conversion errors in os.spawnv
os.spawnv() replaced any error raised during argv item conversion,
such as MemoryError, codec errors, or the embedded-null ValueError,
with a generic TypeError. Only add the contextual message when the
conversion actually raised TypeError, matching how os.spawnve() and
the exec functions propagate these errors.
The test is gated to the native C spawnv: the Python fallback used
elsewhere reports conversion failures from the forked child as exit
status 127 instead of raising.
(cherry picked from commit f57d3d6db3)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
gh-150743: Limit trailer lines and interim responses read by http.client (GH-150741)
http.client read chunked-response trailer lines and skipped interim (1xx)
responses in unbounded loops, so a server streaming either forever would
hang the client even with a socket timeout set (data keeps arriving, so
the timeout never fires).
Trailer lines are now limited to max_response_headers (100 by default)
and interim responses to 100; HTTPException is raised past either limit.
Follow-up to gh-88188 for CVE-2021-3737, which bounded header lines
within an interim response but not these two sibling loops.
(cherry picked from commit 41cc78a7a4)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
---
This issue was reported to us via [GHSA-w4q2-g22w-6fr4](https://github.com/python/cpython/security/advisories/GHSA-w4q2-g22w-6fr4) and was determined not to be high enough severity to handle privately.
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Docs: link to language reference instead of PEP (GH-152462)
(cherry picked from commit 54524ab669)
Co-authored-by: Ned Batchelder <ned@nedbatchelder.com>
Explain the character/attribute bit layout and how to extract the parts
(A_CHARTEXT and A_ATTRIBUTES bit-masks, pair_number() for the color pair).
(cherry picked from commit d831a69076)
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Several widget __init__ docstrings omitted valid options, and Menubutton and
Message had no option list at all. List every option supported by the widget,
tagging those added in Tk 9.0 and 9.1.
Add test_options_in_docstring, asserting that every option in OPTIONS is named
in the widget's __init__ docstring. Options reported by keys() but not in the
docstring are only printed in verbose mode, as some depend on the Tk version.
(cherry picked from commit ba0c0e6be1)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
The HOWTO pointed at UniCurses, which is unmaintained and exposes its own
API. windows-curses provides the standard curses interface on Windows, so
existing code runs unchanged.
(cherry picked from commit 7b0dff7d16)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
The non-ASCII tests only exercised what the runner's locale could encode (in
practice UTF-8). Add 8-bit-encoding cases to the character and string I/O
tests, each guarded by the existing encodability check: ASCII, a character
common to the Latin encodings ('é'), and ones distinctive to a single encoding
(byte 0xA4 is '¤' in ISO-8859-1, '€' in ISO-8859-15, 'є' in KOI8-U). Run the
whole suite under different locales to cover them; unrepresentable cases skip.
* gh-152415: Verify character output round-trips in test_output_character
Read each written character back with in_wch() or instr() rather than
inch(), which on a wide build returns the low byte of the code point
instead of the locale-encoded byte and so mangles a non-ASCII character
of an 8-bit locale. This lets the int-argument cases cover '€'/'є', and
adds matching coverage for the str argument.
insch() with an int byte > 127 is checked only for Latin-1: on a wide
build ncurses winsch stores a printable byte directly as a code point
instead of decoding it through the locale.
(cherry picked from commit 003d3620cc)
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
gh-151613: Fix remote debugging frame cache ABA (#151614)
The remote debugging frame cache previously used only the last_profiled_frame address as its cache anchor. If a frame returned and a later frame reused the same _PyInterpreterFrame address, the profiler could accept a stale cache entry and splice parent frames from a different call chain into the current stack.
This adds a last_profiled_frame_seq counter next to last_profiled_frame, increments it when the anchor advances, stores it in frame cache entries, and validates cache hits against both the frame address and the sequence. Cache miss walks now copy stack chunks before storing new cache entries so stored continuations come from a stable snapshot. The new regression test exercises alternating call chains and checks that cached stacks never contain frames from both branches.
(cherry picked from commit 8cda6ae2f1)
gh-152434: Block --async-aware with --binary (GH-152444)
The binary writer does not currently handle AwaitedInfo samples and
crashes when running in --async-aware mode.
(cherry picked from commit 876c06cab9)
Co-authored-by: László Kiss Kollár <kiss.kollar.laszlo@gmail.com>
gh-151029: Fix sys.remote_exec() unable to find writable memory when libpython replaced on disk (GH-151032)
(cherry picked from commit a69d0fc41e)
Co-authored-by: Łukasz Langa <lukasz@langa.pl>
Co-authored-by: Pablo Galindo <pablogsal@gmail.com>
Note in the Bindings and events section that every widget inherits Tk
class bindings for its standard behavior, where they are documented, and
how to suppress an unwanted one by returning "break" from a callback.
(cherry picked from commit 4fd69ef97a)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Textbox.edit() ignored typing in the lower-right cell of the window. It is
now written with insch(), which fills the cell without moving the cursor out
of the window (addch() there raises an error and scrolls a scrollable window).
(cherry picked from commit 11b394381f)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Cover the drag cursor, the Motion and ButtonRelease bindings, switching
between targets, the target search up the master chain, dnd_accept()
returning None, and restarting after a drag has finished.
(cherry picked from commit 389e00f13f)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Map the auto-generated name of a cloned menu (a menu used as a menubar
or a cascade) back to the original widget instead of raising KeyError.
(cherry picked from commit 5c3555bdc5)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
focus_get(), focus_displayof(), focus_lastfor() and winfo_containing()
now return None instead of raising KeyError when the focused widget was
not created by tkinter (for example a torn-off menu).
(cherry picked from commit 5fed5ce85d)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
IDLE: fix dedent() usage in htest (GH-152256)
Fix typos: in GH-112642, initial string concatenation quotes were left when switching to textwrap.dedent().
(cherry picked from commit 74272d4f0b)
Co-authored-by: Inada Naoki <songofacandy@gmail.com>
gh-98894: Skip test_dtrace when building without dtrace (GH-152239)
(cherry picked from commit 671357691f)
Co-authored-by: stratakis <cstratak@redhat.com>
A command created with createcommand() held a strong reference to the
interpreter, forming an uncollectable cycle (interpreter -> command ->
interpreter) that kept the interpreter and the callback alive until the
command was removed with deletecommand() or destroy(). The command now
borrows the reference; it cannot outlive the interpreter, which deletes its
commands when finalized.
(cherry picked from commit bbf7786a90)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
When a Tcl command running its own event loop (such as vwait or
wait_variable) was active and the user typed input on stdin, the event
loop kept spinning at 100% CPU. The stdin file handler is now removed as
soon as input becomes available.
Also fix gh-139816: an exception raised in a callback no longer stops the
event loop to wait for Enter on a Python built without readline; pending
callbacks keep running until input is actually available on stdin.
(cherry picked from commit 3ffda34f5c)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Co-authored-by: mdehoon <mjldehoon@yahoo.com>
Co-authored-by: Christopher Chavez <chrischavez@gmx.us>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
gh-121249: Soft deprecate F and D struct format types (#149346)
Remove F/D type codes from table in the struct module documentation.
(cherry picked from commit 5f17434a1e)
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
gh-152235: Defer GC tracking in more set operations (gh-152273)
(cherry picked from commit a87d24a69d)
Co-authored-by: Donghee Na <donghee.na@python.org>
gh-151722: Defer GC tracking in frozendict.copy() (GH-152230)
Fix _PyDict_Or() and frozendict.copy(): only track the frozendict by
the GC once the dictionary is fully initialized.
Functions modifying frozendict now ensures that the object is not
tracked by the GC (in debug mode).
* can_modify_dict() checks that _PyObject_GC_IS_TRACKED() is false
for frozendicts.
* dict_merge_api() makes sure that the dictionary is tracked by the
GC.
(cherry picked from commit 05679f3576)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-152156: Fix a crash in `interpeters.create` under limited memory conditions (GH-152163)
(cherry picked from commit 3ad66bf10d)
Co-authored-by: sobolevn <mail@sobolevn.me>
gh-152235: Defer GC tracking of set and frozenset to end of construction (gh-152237)
(cherry picked from commit 908f438e19)
Co-authored-by: Donghee Na <donghee.na@python.org>
gh-151722: Do not track the frozendict in the GC in _PyDict_FromKeys() (GH-152067)
_PyDict_FromKeys() now creates a frozendict copy which is
not tracked by the GC.
dict_merge() no longer requires the dictionary to be tracked by the
GC.
(cherry picked from commit 55bc3126e0)
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Donghee Na <donghee.na@python.org>
Co-authored-by: Inada Naoki <songofacandy@gmail.com>