gh-150505: fix data race in Unpickler_set_memo under free-threading

[AhmedMagdy9876]

Problem

Unpickler_set_memo modified self->memo and self->memo_size without any critical section. Under free-threading (--disable-gil), two threads assigning to .memo on the same Unpickler instance concurrently could race: one thread could set self->memo = NULL while another was still indexing into it via _Unpickler_MemoPut, causing a NULL-pointer dereference and segfault.

TSAN confirmed the race:

WARNING: ThreadSanitizer: data race
  Read of size 8 by thread T2:
    #0 _Unpickler_MemoPut Modules/_pickle.c:1631
  Previous write of size 8 by thread T1:
    #0 Unpickler_set_memo Modules/_pickle.c:7816

Fix

• Wrap the memo population loop (all _Unpickler_MemoPut calls) in a single Py_BEGIN_CRITICAL_SECTION / Py_END_CRITICAL_SECTION on self, so the entire assignment is atomic with respect to other threads
• Swap self->memo and self->memo_size under the same critical section
• Free the old memo array and decref its contents outside the lock, since Py_XDECREF can trigger arbitrary Python code and should not be called while holding the lock

Testing

Verified with a TSAN build (--disable-gil + -fsanitize=thread) using the reproducer from the issue. TSAN no longer reports a data race after this fix. Added a multithreaded test to Lib/test/test_pickle.py to catch regressions.

Fixes #150505

• Issue: Segfault in _Unpickler_MemoPut (_pickle.c) from Unpickler.memo assignment with free-threading #150505

[picnixz]

1. Don't force push. You should have read https://devguide.python.org/getting-started/pull-request-lifecycle/.
2. Don't update the branch as well unless CI is failing.
3. How much of an AI was used?

[picnixz]

I really feel getting ignored. Please read the contributions guidelines of our project first.

[read-the-docs-community]

Documentation build overview

📚 cpython-previews | 🛠️ Build #32894593 | 📁 Comparing a540d41 against main (baf11a4)

  🔍 Preview build  

1 file changed

± library/pickle.html

[bedevere-app]

Most changes to Python require a NEWS entry. Add one using the blurb_it web app or the blurb command-line tool.

If this change has little impact on Python users, wait for a maintainer to apply the skip news label instead.

[AhmedMagdy9876]

@picnixz apologies, never meant to ignore you, genuinely missed your comments and saw them later:

• repeated force pushes is on me, should have read the contribution guidelines more carefully. the force-pushed changes were just me chasing CI check pass
• AI used as a learning tool, review code changes, refine docs wording, and generate a scaffold for PR description/commit messages (strictly reviewed by me). Decisions and code changes are mine.
• As per discussion in the related issue, I reverted the old approach and resorted to only doc note
• NEWS entry apparently not needed for this one now. Should be labeled with "skip news"