Author scoder
Recipients Dormouse759, ncoghlan, petr.viktorin, scoder, terry.reedy
Date 2017-09-06.12:45:32
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1504701932.75.0.54135392541.issue30403@psf.upfronthosting.co.za>
In-reply-to
Content
Marcel proposed to disallow main-execution if the extension *might* return anything but a real object (not only if it actually does), but that seems excessive to me. The actual problem is that we consider it unsafe if the module is executed more than once, because it might overwrite module state. But that's entirely up to the extension implementation and independent of what it uses as module type.

Given how easy it is so create and/or depend on global state in C, I would assume that extensions have to be explicitly designed in order to be re-executable. Can't we just have another slot that explicitly marks the module as such?

What do you think of this protocol:

Before running the exec or main-exec function, the runner checks for a slot entry "Py_mod_allow_reexec" (can have value NULL). If not found, it sets the function pointers in the exec *and* main-exec slots to NULL to prevent any further (or concurrent) re-execution. If the slot function is not NULL on the next execution request, it can be called (again).

That effectively prevents any re-execution by default and provides an opt-in way for the module to allow it.
History
Date User Action Args
2017-09-06 12:45:32scodersetrecipients: + scoder, terry.reedy, ncoghlan, petr.viktorin, Dormouse759
2017-09-06 12:45:32scodersetmessageid: <1504701932.75.0.54135392541.issue30403@psf.upfronthosting.co.za>
2017-09-06 12:45:32scoderlinkissue30403 messages
2017-09-06 12:45:32scodercreate