Message 301467 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	scoder
Recipients	Dormouse759, ncoghlan, petr.viktorin, scoder, terry.reedy
Date	2017-09-06.12:45:32
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1504701932.75.0.54135392541.issue30403@psf.upfronthosting.co.za>
In-reply-to

Content
Marcel proposed to disallow main-execution if the extension might return anything but a real object (not only if it actually does), but that seems excessive to me. The actual problem is that we consider it unsafe if the module is executed more than once, because it might overwrite module state. But that's entirely up to the extension implementation and independent of what it uses as module type. Given how easy it is so create and/or depend on global state in C, I would assume that extensions have to be explicitly designed in order to be re-executable. Can't we just have another slot that explicitly marks the module as such? What do you think of this protocol: Before running the exec or main-exec function, the runner checks for a slot entry "Py_mod_allow_reexec" (can have value NULL). If not found, it sets the function pointers in the exec and main-exec slots to NULL to prevent any further (or concurrent) re-execution. If the slot function is not NULL on the next execution request, it can be called (again). That effectively prevents any re-execution by default and provides an opt-in way for the module to allow it.

Marcel proposed to disallow main-execution if the extension *might* return anything but a real object (not only if it actually does), but that seems excessive to me. The actual problem is that we consider it unsafe if the module is executed more than once, because it might overwrite module state. But that's entirely up to the extension implementation and independent of what it uses as module type.

Given how easy it is so create and/or depend on global state in C, I would assume that extensions have to be explicitly designed in order to be re-executable. Can't we just have another slot that explicitly marks the module as such?

What do you think of this protocol:

Before running the exec or main-exec function, the runner checks for a slot entry "Py_mod_allow_reexec" (can have value NULL). If not found, it sets the function pointers in the exec *and* main-exec slots to NULL to prevent any further (or concurrent) re-execution. If the slot function is not NULL on the next execution request, it can be called (again).

That effectively prevents any re-execution by default and provides an opt-in way for the module to allow it.

History
Date	User	Action	Args
2017-09-06 12:45:32	scoder	set	recipients: + scoder, terry.reedy, ncoghlan, petr.viktorin, Dormouse759
2017-09-06 12:45:32	scoder	set	messageid: <1504701932.75.0.54135392541.issue30403@psf.upfronthosting.co.za>
2017-09-06 12:45:32	scoder	link	issue30403 messages
2017-09-06 12:45:32	scoder	create