Restore `subprocess`'s intended use of `vfork()` by default for performance on Linux;
also fixes the behavior of `extra_groups=[]` which was unintentionally broken in 3.12.0:
Fixed a performance regression in 3.12's :mod:`subprocess` on Linux where it
would no longer use the fast-path ``vfork()`` system call when it could have
due to a logic bug, instead falling back to the safe but slower ``fork()``.
Also fixed a security bug introduced in 3.12.0. If a value of ``extra_groups=[]``
was passed to :mod:`subprocess.Popen` or related APIs, the underlying
``setgroups(0, NULL)`` system call to clear the groups list would not be made
in the child process prior to ``exec()``.
The security issue was identified via code inspection in the process of
fixing the first bug. Thanks to @vain for the detailed report and
analysis in the initial bug on Github.
(cherry picked from commit 9fe7655c6c)
+ Reword NEWS for the bugfix/security release. (mentions the assigned CVE number)
Co-authored-by: Gregory P. Smith [Google LLC] <greg@krypto.org>
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-105967: Work around a macOS bug, limit zlib C library crc32 API calls to 1gig (GH-112615)
Work around a macOS bug, limit zlib crc32 calls to 1GiB.
Without this, `zlib.crc32` and `binascii.crc32` could produce incorrect
results on multi-gigabyte inputs depending on the macOS version's Apple
supplied zlib implementation.
(cherry picked from commit 4eddb4c9d9)
Co-authored-by: Gregory P. Smith <greg@krypto.org>
It breaks import machinery if the test module has submodules used in
other tests.
(cherry picked from commit e08b70fab1)
Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
gh-106550: Fix sign conversion in pycore_code.h (GH-112613)
Fix sign conversion in pycore_code.h: use unsigned integers and cast
explicitly when needed.
(cherry picked from commit a74902a14c)
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-101100: Fix most Sphinx nitpicks in `inspect.rst` (GH-112662)
(cherry picked from commit 45650d1c47)
Co-authored-by: Alex Waygood <Alex.Waygood@Gmail.com>
Examine and update spec -- callable pairs.
Revise run method.
(cherry picked from commit 3855b45874)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Use author link to 'The Perils of Floating Point'.
(cherry picked from commit c27b09c813)
Co-authored-by: Marco Aurélio A. Barbosa <aureliobarbosa@gmail.com>
gh-106560: Fix redundant declarations in Python/frozen.c (#112612)
Avoid duplicated declarations of "extern" functions in
Python/frozen.c.
Compiler warnings seen by building Python with gcc -Wredundant-decls.
(cherry picked from commit d9e444dbb8)
gh-106560: Fix redundant declarations in Include/ (#112611)
Don't declare PyBool_Type and PyLong_Type twice, but only once.
Compiler warnings seen by building Python with gcc -Wredundant-decls.
Revise htest.py docstring and move 2 specs to alphabetical position.
(cherry picked from commit e44f1940bd)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Relocate smtpd deprecation notice to it's own section rather than under
'locale' in docs for What's New in Python 3.12 doc
(cherry picked from commit 1ff212debd)
Co-authored-by: Matt Prodani <mp5908@nyu.edu>
Change 'Dialog' to 'Window' in two places to match the name of the config_key class being tested.
(cherry picked from commit 81261fa67f)
Co-authored-by: Terry Jan Reedy <tjreedy@udel.edu>
Skip tests if no interpreters module.gh-110713 added some tests that use the interpreters module but did not accommodated builds that don't support subinterpreters (incl. an interpreters module). We fix that here by catching ImportError and skipping tests as appropriate.
gh-110707 (0122b4d) added some tests that didn't close file descriptors they created, leading to failures on the refleak buildbots. This closes the leaking file descriptors, resolving the failure.
gh-112431: Unconditionally call `hash -r` (GH-112432)
The `activate` script calls `hash -r` in two places to make sure the shell picks
up the environment changes the script makes. Before that, it checks to
see if the shell running the script is bash or zsh.
`hash -r` is specified by POSIX and is not exclusive to bash and zsh.
This guard prevents the script from calling `hash -r` in other
`GH-!/bin/sh`-compatible shells like dash.
(cherry picked from commit a194938f33)
Co-authored-by: James Morris <6653392+J-M0@users.noreply.github.com>
gh-112105: Make completer delims work on libedit (gh-112106)
(cherry picked from commit 2df26d8348)
Co-authored-by: Tian Gao <gaogaotiantian@hotmail.com>
This should have been done in gh-104148.
(A similar fix has already be done for that slot's value macros, and backported to 3.12. See gh-110968.)
(cherry picked from commit 836e0a75d5)
Co-authored-by: Eric Snow <ericsnowcurrently@gmail.com>
Fixes GH-109894
* set `interp.static_objects.last_resort_memory_error.args` to empty tuple to avoid crash on `PyErr_Display()` call
* allow `_PyExc_InitGlobalObjects()` to be called on subinterpreter init
---------
(cherry picked from commit 47d3e2ed93)
Co-authored-by: Radislav Chugunov <52372310+chgnrdv@users.noreply.github.com>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
We do the following:
* add a per-interpreter XID registry (PyInterpreterState.xidregistry)
* put heap types there (keep static types in _PyRuntimeState.xidregistry)
* clear the registries during interpreter/runtime finalization
* avoid duplicate entries in the registry (when _PyCrossInterpreterData_RegisterClass() is called more than once for a type)
* use Py_TYPE() instead of PyObject_Type() in _PyCrossInterpreterData_Lookup()
The per-interpreter registry helps preserve isolation between interpreters. This is important when heap types are registered, which is something we haven't been doing yet but I will likely do soon.
(cherry-picked from commit 80dc39e1dc)
The existence of background threads running on a subinterpreter was preventing interpreters from getting properly destroyed, as well as impacting the ability to run the interpreter again. It also affected how we wait for non-daemon threads to finish.
We add PyInterpreterState.threads.main, with some internal C-API functions.
(cherry-picked from commit 1dd9dee45d)
