Doesn't take in account case, when PySet_New(NULL) returns NULL.
We are checking that PySet_Add doesn't return a non-zero(-1) value.
But, PySet_Add has a check, that first argument is a subclass of set. Which fails, if we will pass (PyObject *) NULL as first argument. Why?

#define PySet_Check(ob) \ (Py_IS_TYPE((ob), &PySet_Type) || \ PyType_IsSubtype(Py_TYPE(ob), &PySet_Type))

PySet_Add uses this macross. But, Py_TYPE will be failed with segfault when try to access ob_type of (PyObject *) NULL.

Implementation of Py_TYPE:

static inline PyTypeObject* Py_TYPE(PyObject *ob) { return ob->ob_type; }

(gdb) call (PyObject *) NULL $1 = (PyObject *) 0x0 (gdb) call $1->ob_type Cannot access memory at address 0x8

So, we should add check, that value of PySet_New is not-null.

Linked PRs

• gh-101952: Fix possible segfault in BUILD_SET opcode #101958