gh-146310: Fix ensurepip to treat empty WHEEL_PKG_DIR as unset (GH-146357)
Path('') resolves to CWD, so an empty WHEEL_PKG_DIR string caused
ensurepip to search the current working directory for wheel files.
Add a truthiness check to treat empty strings the same as None.
(cherry picked from commit 73cc1fd4f4)
Co-authored-by: Imgyu Kim <kimimgo@gmail.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
gh-145616: Detect Android sysconfig ABI correctly on 32-bit ARM Android on 64-bit ARM kernel (GH-145617)
When Python is running on 32-bit ARM Android on a 64-bit ARM kernel, `os.uname().machine` is `armv8l`. Such devices run the same userspace code as `armv7l` devices, so apply the same `armeabi_v7a` Android ABI to them, which works.
(cherry picked from commit 3a2b81e919)
Co-authored-by: Robert Kirkman <31490854+robertkirkman@users.noreply.github.com>
Ensure that multi-arch libpython dylibs aren't copied into the app, and the
standard lib is always found for framework post-processing.
(cherry picked from commit 5684b3a04c)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
Modifies the iOS build script so that the clean target is more selective about
what is cleaned, the test target has a valid fallback value for ci mode, and the
cross-build directory can be customised.
(cherry picked from commit ca6dfa0f31)
Co-authored-by: Russell Keith-Magee <russell@keith-magee.com>
gh-145633: Fix struct.pack('f') on s390x (GH-146422)
Use PyFloat_Pack4() to raise OverflowError.
Add more tests on packing/unpacking floats.
(cherry picked from commit 8de70b31c5)
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Sergey B Kirpichev <skirpichev@gmail.com>
Fix free-threading scaling bottleneck in sys.intern and `PyObject_SetAttr` by
avoiding the interpreter-wide lock when the string is already interned and
immortalized.
(cherry picked from commit 60093096ba)
gh-146202: Create tmp_dir in regrtest worker (GH-146347)
Create tmp_dir in libregrtest.worker since the directory can be
different than the --tempdir directory.
(cherry picked from commit bcff99cb3f)
Co-authored-by: Victor Stinner <vstinner@python.org>
Base64 decoder (see binascii.a2b_base64(), base64.b64decode(), etc)
no longer ignores excess data after the first padded quad in non-strict
(default) mode. Instead, in conformance with RFC 4648, it ignores the
pad character, "=", if it is present before the end of the encoded data.
(cherry picked from commit 4561f6418a)
Also fix a few related issues in the pyatomic headers:
* Fix _Py_atomic_store_uint_release in pyatomic_msc.h to use __stlr32
on ARM64 instead of a plain volatile store (which is only relaxed on
ARM64).
* Add missing _Py_atomic_store_uint_release to pyatomic_gcc.h.
* Fix pseudo-code comment for _Py_atomic_store_ptr_release in
pyatomic.h.
(cherry picked from commit 1eff27f2c0)
gh-145754: Update signature retrieval in unittest.mock to use forwardref annotation format (GH-145756)
(cherry picked from commit d357a7dbf3)
Co-authored-by: Matthias Schoettle <git@mattsch.com>
Add special cases for classmethod and staticmethod descriptors in
_PyObject_GetMethodStackRef() to avoid calling tp_descr_get, which
avoids reference count contention on the bound method and underlying
callable. This improves scaling when calling classmethods and
staticmethods from multiple threads.
Also refactor method_vectorcall in classobject.c into a new
_PyObject_VectorcallPrepend() helper so that it can be used by
PyObject_VectorcallMethod as well.
(cherry picked from commit e0f7c1097e)
Fix error handling in _PyFloat_FromDouble_ConsumeInputs() used by
_BINARY_OP_ADD_FLOAT, _BINARY_OP_SUBTRACT_FLOAT and
_BINARY_OP_MULTIPLY_FLOAT opcodes. PyStackRef_FromPyObjectSteal()
must not be called with a NULL pointer.
Fix also _BINARY_OP_INPLACE_ADD_UNICODE opcode.
Cache one datachunk per tstate to prevent alloc/dealloc thrashing when repeatedly hitting the same call depth at exactly the wrong boundary.
Move new _ts member to the end to not mess up remote debuggers' ideas of the
struct's layout. (The struct is only created by the runtime, and the new
field only used by the runtime, so it should be safe.)
(cherry picked from commit 706fd4ec08)
Co-authored-by: T. Wouters <thomas@python.org>
Co-authored-by: blurb-it[bot] <43283697+blurb-it[bot]@users.noreply.github.com>
gh-145599, CVE 2026-3644: Reject control characters in `http.cookies.Morsel.update()` (GH-145600)
Reject control characters in `http.cookies.Morsel.update()` and `http.cookies.BaseCookie.js_output`.
(cherry picked from commit 57e88c1cf9)
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
Co-authored-by: Victor Stinner <victor.stinner@gmail.com>
gh-145649: Fix man page text wrapping for -X option (GH-145656)
Replace hardcoded space indentation with proper troff macros
(.TP, .RS/.RE, .IP) for -X sub-options so text wraps correctly
at any terminal width.
(cherry picked from commit 36b5284f04)
Co-authored-by: Matt Van Horn <mvanhorn@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
gh-140814: Fix freeze_support() setting start method as side effect (GH-144608)
freeze_support() called get_start_method() without allow_none=True,
which locked in the default start method context. This caused a
subsequent set_start_method() call to raise "context has already been
set". Use allow_none=True and accept None as a matching value, since
spawn.freeze_support() independently detects spawned child processes.
Test that freeze_support() does not lock in the default start method,
which would prevent a subsequent set_start_method() call.
(cherry picked from commit ee5318025b)
Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-145986: Avoid unbound C recursion in `conv_content_model` in `pyexpat.c` (CVE 2026-4224) (GH-145987)
Fix C stack overflow (CVE-2026-4224) when an Expat parser
with a registered `ElementDeclHandler` parses inline DTD
containing deeply nested content model.
---------
(cherry picked from commit eb0e8be3a7)
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
gh-145801: Use gcc -fprofile-update=atomic for PGO builds (GH-145802)
When Python build is optimized with GCC using PGO, use
-fprofile-update=atomic option to use atomic operations when updating
profile information. This option reduces the risk of gcov Data Files
(.gcda) corruption which can cause random GCC crashes.
(cherry picked from commit 08a018ebe0)
Co-authored-by: Victor Stinner <vstinner@python.org>
Avoid locking in the PyType_Lookup cache-miss path if the type's
tp_version_tag is already valid.
(cherry picked from commit cd52172831)
Co-authored-by: Sam Gross <colesbury@gmail.com>
gh-140594: Fix an out of bounds read when feeding NUL byte to PyOS_StdioReadline() (GH-140910)
(cherry picked from commit 86a0756234)
Co-authored-by: Shamil <ashm.tech@proton.me>
Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
Co-authored-by: Victor Stinner <vstinner@python.org>
(cherry picked from commit 2d35f9bc1c)
Includes test fix-up from GH-145788
(cherry picked from commit aa4240ebea)
Co-authored-by: Thomas Kowalski <thom.kowa@gmail.com>
Co-authored-by: Matt Van Horn <mvanhorn@users.noreply.github.com>
The cache may be cleared between the evaluation of the if statement and the
call to popitem.
(cherry picked from commit 665c1db94f)
Co-authored-by: Sam Gross <colesbury@gmail.com>
(cherry picked from commit 63eaaf9599)
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
* Add `:oss-fuzz:` supports
Backports part of 255e79fa95.
Co-authored-by: Stan Ulbrych <89152624+StanFromIreland@users.noreply.github.com>
