Re: [Python-Dev] Non-string keys in type dict

[Ethan Furman]

Nick Coghlan wrote:

On Thu, Mar 8, 2012 at 11:42 AM, Benjamin Peterson benja...@python.org wrote:

2012/3/7 Victor Stinner victor.stin...@gmail.com:

Can't we simply raise an error if the dict contains
non-string keys?

Sounds okay to me.


For 3.3, the most we can do is trigger a deprecation warning, since
removing this feature *will* break currently running code. I don't
have any objection to us starting down that path, though.


I think it would be sad to lose that functionality.

If we are going to, though, we may as well check the string to make sure 
it's a valid identifier:


-- class A:
--   pass
-- setattr(A, '42', 'hrm')
-- A.42
  File stdin, line 1
A.42
   ^
SyntaxError: invalid syntax

Doesn't seem very useful.

~Ethan~
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Non-string keys in type dict

[Lennart Regebro]

On Thu, Mar 8, 2012 at 08:46, Ethan Furman et...@stoneleaf.us wrote:
 I think it would be sad to lose that functionality.

 If we are going to, though, we may as well check the string to make sure
 it's a valid identifier:

That would break even more code. I have encountered many cases of
attributes that aren't valid identifiers, in particular using dots or
dashes. Admittedly this is often in cases where the object has both
attribute access and key access, so you can make foo['bar-frotz']
instead. But when should we then require that it is a valid identifier
and when not?

 -- class A:
 --   pass
 -- setattr(A, '42', 'hrm')
 -- A.42
  File stdin, line 1
    A.42
       ^
 SyntaxError: invalid syntax

 Doesn't seem very useful.

You have to set it with setattr, so you have to get it with getattr. I
don't see the problem.

//Lennart
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] problem with recursive yield from delegation

[Mark Shannon]

Stefan Behnel wrote:

Hi,

I found a problem in the current yield from implementation that I think
is worth discussing:

http://bugs.python.org/issue14220


[snip]

I've been experimenting with the implementation of PEP 380, and I found 
a couple of interesting things.


First of all, the semantics described in the PEP do not match the tests.
If you substitute the supposedly semantically equivalent code
based on normal yields for each yield from in the test code
(Lib/test/test_pep380.py) and run it, then it fails.

My second experiment involved stripping away all the code relating to 
yield from outside of the interpreter and changing the YIELD_FROM
bytecode to repeat itself, by setting the last instruction to the 
instruction immediately before itself.

To do this I added 4 lines of code and removed over 120 lines :)

This fails many of the tests*, but works for the most straightforward
use cases. Many of these failures seem to me to be more 'natural' than 
the current behaviour


It might be possible to fix most, or all?, of the other failures
by compiling yield from into a two opcode sequence:
YIELD_FROM_START and YIELD_FROM_REPEAT.
Both opcodes should be reasonably simple and __next__() and send() would 
not have to worry about the subiterator, although close() and throw()

might (the subiterator would be top-of-stack in the generator's frame)

Overall the semantics of PEP 380 seem far too complex,
trying to do several things at once.
An example:
Plain yield makes no distinction between a receiving a None and any 
other value, so send(None) and __next__() are the same. Yield from
makes this distinction so has to test for None, meaning the semantics of 
send now changes with its argument.


I would recommend changing one of two things in the PEP:
Either, close and throw should not close/throw in subiterators
(this would simplify the semantics and implementation immensely)
Or, only allow subgenerators, not subiterators
(this would fix the next/send problem).

I would also suggest a change in implementation to perform all yields
within the interpreter. A simpler implementation is likely to be a
more reliable one.

Finally, the PEP itself makes no mention of coroutines, stackless or 
greenlet in the alternatives or criticisms section. Perhaps it should.


Cheers,
Mark.

*Tests in PEP 380. It passes all other tests.
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] problem with recursive yield from delegation

[Nick Coghlan]

On Thu, Mar 8, 2012 at 9:52 PM, Mark Shannon m...@hotpy.org wrote:
 I would recommend changing one of two things in the PEP:
 Either, close and throw should not close/throw in subiterators
 (this would simplify the semantics and implementation immensely)
 Or, only allow subgenerators, not subiterators
 (this would fix the next/send problem).

Either of those changes would completely defeat the point of the PEP.

Cheers,
Nick.

-- 
Nick Coghlan   |   ncogh...@gmail.com   |   Brisbane, Australia
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Adding a builtins parameter to eval(), exec() and __import__().

[Mark Shannon]

Jim J. Jewett wrote:


http://mail.python.org/pipermail/python-dev/2012-March/117395.html
Brett Cannon posted:

[in reply to Mark Shannon's suggestion of adding a builtins parameter
to match locals and globals]


It's a mess right now to try to grab the __import__()
implementation and this would actually help clarify import semantics by
saying that __import__() for any chained imports comes from __import__()s
locals, globals, or builtins arguments (in that order) or from the builtins
module itself (i.e. tstate-builtins).


How does that differ from today?


The idea is that you can change, presumable restrict, the builtins
separately from the globals for an import.



If you're saying that the locals and (module-level) globals aren't
always checked in order, then that is a semantic change.  Probably
a good change, but still a change -- and it can be made indepenently
of Mark's suggestion.

Also note that I would assume this was for sandboxing, 


Actually, I just think it's a cleaner implementation,
but sandboxing is a good excuse :)

 and that

missing names should *not* fall back to the real globals, although
I would understand if bootstrapping required the import statement to
get special treatment.


(Note that I like Mark's proposed change; I just don't see how it
cleans up import.)


I don't think it cleans up import, but I'll defer to Brett on that.
I've included __import__() along with exec and eval as it is a place 
where new namespaces can be introduced into an execution.

There may be others I haven't though of.

Cheers,
Mark.
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] problem with recursive yield from delegation

[Nick Coghlan]

On Thu, Mar 8, 2012 at 9:52 PM, Mark Shannon m...@hotpy.org wrote:
 First of all, the semantics described in the PEP do not match the tests.
 If you substitute the supposedly semantically equivalent code
 based on normal yields for each yield from in the test code
 (Lib/test/test_pep380.py) and run it, then it fails.

What's more important is whether or not it matches the semantics of
inlining the subgenerator bodies. The expansion in the PEP was an
attempt to define a way to achieve that in current Python without
interpreter support.

Cheers,
Nick.

-- 
Nick Coghlan   |   ncogh...@gmail.com   |   Brisbane, Australia
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Adding a builtins parameter to eval(), exec() and __import__().

[Nick Coghlan]

On Thu, Mar 8, 2012 at 10:06 PM, Mark Shannon m...@hotpy.org wrote:
 I don't think it cleans up import, but I'll defer to Brett on that.
 I've included __import__() along with exec and eval as it is a place where
 new namespaces can be introduced into an execution.
 There may be others I haven't though of.

runpy is another one.

However, the problem I see with builtins as a separate argument is
that it would be a lie.

The element that's most interesting about locals vs globals vs
builtins is the scope of visibility of their contents.

When I call out to another function in the same module, locals are not
shared, but globals and builtins are.

When I call out to code in a *different* module, neither locals nor
globals are shared, but builtins are still common.

So there are two ways this purported extra builtins parameter could work:

1. Sandboxing - you try to genuinely give the execution context a
different set of builtins that's shared by all code executed, even
imports from other modules.  However, I assume this isn't what you
meant, since it is the domain of sandboxing utilities like Victor's
pysandbox and is known to be incredibly difficult to get right (hence
the demise of both rexec and Bastion and recent comments about known
segfault vulnerabilities that are tolerable in the normal case of
merely processing untrusted data with trusted code but anathema to a
robust CPython native sandboxing scheme that can still cope even when
the code itself is untrusted).

2. chained globals - just an extra namespace that's chained behind the
globals dictionary for name lookup, not actually shared with code
invoked from other modules.

The second approach is potentially useful, but:

1. builtins is *not* the right name for it (because any other code
invoked will still be using the original builtins)
2. it's already trivial to achieve such chained lookups in 3.3 by
passing a collections.ChainMap instance as the globals parameter:
http://docs.python.org/dev/library/collections#collections.ChainMap

collections.ChainMap also has the virtue of working with any current
API that accepts a globals argument and can be extended to an
arbitrary level of chaining, whereas this suggestion requires that all
such APIs be expanded to accept a third parameter, and could still
only chain lookups one additional step in doing so.

So a big -1 from me.

Cheers,
Nick.

P.S. I've referenced this talk before, but Tim Dawborn's effort from
PyCon AU last year about the sandboxing setup for
http://www.ncss.edu.au/ should be required viewing for anyone wanting
to understand the kind of effort it takes to fairly comprehensively
protect host servers from attacks when executing arbitrary untrusted
Python code on CPython. Implementing such protection is certainly
*possible* (since Tim's talk is all about one way to do it), but it's
not easy, and Tim's approach uses Linux OS level sandboxing rather
than rather than relying on a Python language level sandbox. This was
largely due to a university requirement that the sandbox solution be
language agnostic, but it also serves to protect the sandbox from the
documented attacks against the CPython interpreter. Tim reviews a few
interesting attempts to break the sandbox around the 5 minute mark in
https://www.youtube.com/watch?v=y-WPPdhTKBU. (I did suggest he grab
our test_crashers directory to see what happened when they were run in
the sandbox, but I doubt it would be much more interesting than merely
calling sys.exit())

-- 
Nick Coghlan   |   ncogh...@gmail.com   |   Brisbane, Australia
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] steps to solve bugs

[Ejaj Hassan]

Hi,
   I am a novice python programmer and am learning to be able to solve
some issues. Well following the steps given in the PSF website, I have
* installed vc++ 2008 and even finished till building the cpython
code and I have got the console for python 3.0x
Having done this, I am not able to quite follow the further steps to solve the 
bugs .
Currently I am wondering in the issues tracker though not still working on it.
  So I request you my kind folks to kindly make me understand the
further things I must have to take up to get it done.
Thanks
Regards,
Ejaj
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] steps to solve bugs

[Nick Coghlan]

On Thu, Mar 8, 2012 at 11:09 PM, Ejaj Hassan ejjy...@gmail.com wrote:
 Hi,
   I am a novice python programmer and am learning to be able to solve
 some issues. Well following the steps given in the PSF website, I have
 * installed vc++ 2008 and even finished till building the cpython
 code and I have got the console for python 3.0x
Having done this, I am not able to quite follow the further steps to solve 
the bugs .
Currently I am wondering in the issues tracker though not still working on it.
  So I request you my kind folks to kindly make me understand the
 further things I must have to take up to get it done.

Hi Ejaj,

If you're interested in getting started working on items on the issue
tracker, I suggest signing up for the core-mentorship list
(core-mentors...@python.org) and reposting your question there. It's
specifically for this kind of question, whereas python-dev is intended
for design and development discussions.

Regards,
Nick.

-- 
Nick Coghlan   |   ncogh...@gmail.com   |   Brisbane, Australia
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] steps to solve bugs

[Oleg Broytman]

On Thu, Mar 08, 2012 at 06:39:42PM +0530, Ejaj Hassan wrote:
I am a novice python programmer and am learning to be able to solve
 some issues. Well following the steps given in the PSF website, I have
 installed vc++ 2008 and even finished till building the cpython
 code and I have got the console for python 3.0x
 Having done this, I am not able to quite follow the further steps to solve 
 the bugs .
 Currently I am wondering in the issues tracker though not still working on it.

   Are you debugging the Python core, the standard Python library or
your own code written in Python? Except for the core you don't need to
recompile the Python interpreter - just download ready one.

   If you are debugging your own code - this mailing list is a wrong
place to look for help. This mailing list is to work on developing
Python (adding new features to Python itself and fixing bugs); if you're
having problems learning, understanding or using Python, please find
another forum. Probably python-list/comp.lang.python mailing list/news
group is the best place; there are Python developers who participate in
it; you may get a faster, and probably more complete, answer there. See
http://www.python.org/community/ for other lists/news groups/fora.

Oleg.
-- 
 Oleg Broytmanhttp://phdru.name/p...@phdru.name
   Programmers don't die, they just GOSUB without RETURN.
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Adding a builtins parameter to eval(), exec() and __import__().

[Mark Shannon]

Nick Coghlan wrote:

On Thu, Mar 8, 2012 at 10:06 PM, Mark Shannon m...@hotpy.org wrote:

I don't think it cleans up import, but I'll defer to Brett on that.
I've included __import__() along with exec and eval as it is a place where
new namespaces can be introduced into an execution.
There may be others I haven't though of.


runpy is another one.


Add that to the list.


However, the problem I see with builtins as a separate argument is
that it would be a lie.

The element that's most interesting about locals vs globals vs
builtins is the scope of visibility of their contents.

When I call out to another function in the same module, locals are not
shared, but globals and builtins are.

When I call out to code in a *different* module, neither locals nor
globals are shared, but builtins are still common.


Not necessarily. All functions in a module will inherit their globals 
*and* builtins from the module, which gets them from __import__().




So there are two ways this purported extra builtins parameter could work:

1. Sandboxing - you try to genuinely give the execution context a
different set of builtins that's shared by all code executed, even
imports from other modules.  


Victor's pysandbox seems pretty good to me, I had a go at breaking it
and failed, but it is too restrictive.

Rather than make pysandbox more secure, I think my proposal could make
it more usable, as clearer guarantees about access and visibility can be
provided to the sandbox developer.
You shouldn't need to cripple introspection in order to limit access to 
the builtins.



However, I assume this isn't what you
meant, since it is the domain of sandboxing utilities like Victor's
pysandbox and is known to be incredibly difficult to get right (hence
the demise of both rexec and Bastion and recent comments about known
segfault vulnerabilities that are tolerable in the normal case of
merely processing untrusted data with trusted code but anathema to a
robust CPython native sandboxing scheme that can still cope even when
the code itself is untrusted).


By changing the implementation to be based around immutable execution 
contexts means that the compiler will enforce things for us.

Static typing has its advantages, occasionally :)

As I stated elsewhere, the crashers can be fixed. I think Victor has 
already fixed a couple.




2. chained globals - just an extra namespace that's chained behind the
globals dictionary for name lookup, not actually shared with code
invoked from other modules.


That's exactly what builtins already are. They are a fall back for 
LOAD_GLOBAL and similar when something isn't found in the globals.




The second approach is potentially useful, but:

1. builtins is *not* the right name for it (because any other code
invoked will still be using the original builtins)


Other code will use whatever builtins they were given at __import__.

The key point is that every piece of code already inherits locals, 
globals and builtins from somewhere else.

We can already control locals (by which parameters are passed in) and
globals via exec, eval, __import__, and runpy (any others?)
but we can't control builtins.


One last point is that this is a low-impact change. All code using eval, 
etc. will continue to work as before.

It also may speed things up a little.

Cheers,
Mark.

___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] problem with recursive yield from delegation

[Mark Shannon]

Nick Coghlan wrote:

On Thu, Mar 8, 2012 at 9:52 PM, Mark Shannon m...@hotpy.org wrote:

First of all, the semantics described in the PEP do not match the tests.
If you substitute the supposedly semantically equivalent code
based on normal yields for each yield from in the test code
(Lib/test/test_pep380.py) and run it, then it fails.


What's more important is whether or not it matches the semantics of
inlining the subgenerator bodies. The expansion in the PEP was an
attempt to define a way to achieve that in current Python without
interpreter support.


So yield from X means inline X here, if X is a generator.
That is much, much easier to understand than the big block of
code in the PEP.
It really ought say that yield from is equivalent to inlining
in the PEP.

Cheers,
Mark

___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] PEP 412 has been accepted

[Antoine Pitrou]

On Wed, 7 Mar 2012 18:52:43 -0500
Brett Cannon br...@yvrsfo.ca wrote:
 Since PEP 412 has code that doesn't break tests anymore (thanks to hash
 randomization), it was just accepted. Mark, can you make sure there is an
 up-to-date patch in the tracker so people can potentially look at the code
 at the sprints here at PyCon? And also please apply for core dev privileges
 (http://docs.python.org/devguide/coredev.html) so that we can make you fix
 bugs. =)

For the record (I had to look it up), PEP 412 is Mark Shannon's
Key-Sharing Dictionary, an optimization that decreases memory
consumption of instances.
http://www.python.org/dev/peps/pep-0412/

Regards

Antoine.


___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Adding a builtins parameter to eval(), exec() and __import__().

[Nick Coghlan]

On Thu, Mar 8, 2012 at 11:40 PM, Mark Shannon m...@hotpy.org wrote:
 Other code will use whatever builtins they were given at __import__.

Then they're not builtins - they're module-specific chained globals.
The thing that makes the builtins special is *who else* can see them
(i.e. all the other code in the process). If you replace
builtins.open, you replace if for everyone (that hasn't either
shadowed it or cached a reference to the original).

 The key point is that every piece of code already inherits locals, globals
 and builtins from somewhere else.
 We can already control locals (by which parameters are passed in) and
 globals via exec, eval, __import__, and runpy (any others?)
 but we can't control builtins.

Correct - because controlling builtins is the domain of sandboxes.

 One last point is that this is a low-impact change. All code using eval,
 etc. will continue to work as before.
 It also may speed things up a little.

Passing in a ChainMap instance as the globals when you want to include
an additional namespace in the lookup chain is even lower impact.

A reference implementation and concrete use cases might change my
mind, but for now, I'm just seeing a horrendously complicated approach
with huge implications for the runtime data model semantics for
something that 3.3 already supports in a much simpler fashion.

Cheers,
Nick.

-- 
Nick Coghlan   |   ncogh...@gmail.com   |   Brisbane, Australia
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] Request for clarification of PEP 380

[Mark Shannon]

Hi,

The scenario is this:
A generator, G, has a non-generator sub-iterator, S,
(ie G includes a yield from S experssion and S is not a generator)
and either G.close() or G.throw(GeneratorExit) is called.

In the current implementation, S.close() is called and,
if that call raises an exception, then that exception is suppressed.

Should close() be called at all? I know that it helps non-generators
to support the protocol, but there is the problem of iterables that 
happen to have a close method. This may cause unwanted side effects.


Why is the exception suppressed?

The text of the PEP seems to implicitly assume that all sub-iterators
will be generators, so it is not clear on the above points.

Cheers,
Mark.
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] problem with recursive yield from delegation

[Nick Coghlan]

On Thu, Mar 8, 2012 at 11:45 PM, Mark Shannon m...@hotpy.org wrote:
 It really ought say that yield from is equivalent to inlining
 in the PEP.

That's what the motivation section is about. There's also an entire
subsection called The Refactoring Principle that describes this
intent. However, we needed something more concrete to flesh out the
original implementation details, which is what the code equivalent was
designed to provide (it was also designed to point out that the days
of you can just use a simple for loop actually went away when PEP
342 was implemented).

Now, it may be that we fixed things during implementation that should
be reflected back into the formal semantic spec in the PEP - so if you
can point out specific cases where what we implemented doesn't match
the nominal behaviour, I'm open to updating the PEP accordingly. (Of
course, if there are any tests that fail solely due to the two known
differences in semantics that are already noted in the PEP, they don't
count).

Cheers,
Nick.

-- 
Nick Coghlan   |   ncogh...@gmail.com   |   Brisbane, Australia
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Request for clarification of PEP 380

[Nick Coghlan]

On Fri, Mar 9, 2012 at 12:06 AM, Mark Shannon m...@hotpy.org wrote:

 The text of the PEP seems to implicitly assume that all sub-iterators
 will be generators, so it is not clear on the above points.

On the contrary, this question is explicitly addressed in the PEP:
http://www.python.org/dev/peps/pep-0380/#finalization

If you want to block an inadvertent close() call, you need to either
wrap the object so it doesn't implement unwanted parts of the
generator API (which is the iterator protocol plus send(), throw() and
close()), or else you should continue to use simple iteration rather
than delegation.

Cheers,
Nick.

-- 
Nick Coghlan   |   ncogh...@gmail.com   |   Brisbane, Australia
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Why does Mac OS X python share site-packages with apple python?

[Barry Scott]

Just to follow up. With Robin's help over in wxPython land I have
given Robin a patch to wxPython to fix the site-packages issue.

Barry

___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Request for clarification of PEP 380

[Mark Shannon]

Nick Coghlan wrote:

On Fri, Mar 9, 2012 at 12:06 AM, Mark Shannon m...@hotpy.org wrote:

The text of the PEP seems to implicitly assume that all sub-iterators
will be generators, so it is not clear on the above points.


On the contrary, this question is explicitly addressed in the PEP:
http://www.python.org/dev/peps/pep-0380/#finalization


I should have read it more carefully.



If you want to block an inadvertent close() call, you need to either
wrap the object so it doesn't implement unwanted parts of the
generator API (which is the iterator protocol plus send(), throw() and
close()), or else you should continue to use simple iteration rather
than delegation.



What about the exception being suppressed?
That doesn't seem to be mentioned.

Cheers,
Mark.

___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Non-string keys in type dict

[Guido van Rossum]

On Thu, Mar 8, 2012 at 1:10 AM, Lennart Regebro rege...@gmail.com wrote:
 On Thu, Mar 8, 2012 at 08:46, Ethan Furman et...@stoneleaf.us wrote:
 I think it would be sad to lose that functionality.

 If we are going to, though, we may as well check the string to make sure
 it's a valid identifier:

 That would break even more code. I have encountered many cases of
 attributes that aren't valid identifiers, in particular using dots or
 dashes. Admittedly this is often in cases where the object has both
 attribute access and key access, so you can make foo['bar-frotz']
 instead. But when should we then require that it is a valid identifier
 and when not?

 -- class A:
 --   pass
 -- setattr(A, '42', 'hrm')
 -- A.42
  File stdin, line 1
    A.42
       ^
 SyntaxError: invalid syntax

 Doesn't seem very useful.

 You have to set it with setattr, so you have to get it with getattr. I
 don't see the problem.

I'm with Lennart. I've spoken out on this particular question several
times before; it is a *feature* that you can use any arbitrary string
with getattr() and setattr(). However these functions should (and do!)
reject non-strings.

I'm lukewarm on forbidding non-strings in namespace dicts if you can
get them in there by other means. I presume that some people might use
this to hide state they don't want accessible using regular attribute
notation (x.foo) and maybe somebody is even using some namespace's
keys as a dict to store many things with non-string keys, but that
feels like abuse of the namespace to me, and there are plenty of other
ways to manage such state, so if it gives a significant speed-up to
use string-only dicts, so be it. (Although Python's dicts already have
some string-only optimizations -- they just dynamically adapt to a
more generic and slightly slower approach once the first non-key
string shows up.)

As Nick says we should introduce a deprecation period if we do this.

On Wed, Mar 7, 2012 at 11:43 PM, Ethan Furman et...@stoneleaf.us wrote:
 Are you able to modify classes after class creation in Python 3? Without
 using a metaclass?

Yes, by assignment to attributes. The __dict__ is a read-only proxy,
but attribute assignment is allowed. (This is because the new type
system introduced in Python 2.2 needs to *track* changes to the dict;
it does this by tracking setattr/delattr calls, because dict doesn't
have a way to trigger a hook on changes.)

-- 
--Guido van Rossum (python.org/~guido)
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Non-string keys in type dict

[Ethan Furman]

Guido van Rossum wrote:

On Wed, Mar 7, 2012 at 11:43 PM, Ethan Furman wrote:

Are you able to modify classes after class creation in Python 3? Without
using a metaclass?


Yes, by assignment to attributes. The __dict__ is a read-only proxy,
but attribute assignment is allowed. (This is because the new type
system introduced in Python 2.2 needs to *track* changes to the dict;
it does this by tracking setattr/delattr calls, because dict doesn't
have a way to trigger a hook on changes.)


Poorly phrased question -- I meant is it possible to add non-string-name 
attributes to classes after class creation.  During class creation we 
can do this:


-- class Test:
...   ns = vars()
...   ns[42] = 'green eggs'
...   del ns
...
-- Test
class '__main__.Test'
-- Test.__dict__
dict_proxy({
'__module__': '__main__',
42: 'green eggs',
'__doc__': None,
'__dict__': attribute '__dict__' of 'Test' objects,
'__weakref__': attribute '__weakref__' of 'Test' objects,
'__locals__': {
42: 'green eggs',
   '__module__': '__main__',
   '__locals__': {...}}
})
-- Test.__dict__[42]
'green eggs'

A little more experimentation shows that not all is well, however:

-- dir(Test)
Traceback (most recent call last):
  File stdin, line 1, in module
TypeError: unorderable types: int()  str()

~Ethan~
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Non-string keys in type dict

[Guido van Rossum]

On Thu, Mar 8, 2012 at 8:22 AM, Ethan Furman et...@stoneleaf.us wrote:
 Guido van Rossum wrote:

 On Wed, Mar 7, 2012 at 11:43 PM, Ethan Furman wrote:

 Are you able to modify classes after class creation in Python 3? Without
 using a metaclass?


 Yes, by assignment to attributes. The __dict__ is a read-only proxy,
 but attribute assignment is allowed. (This is because the new type
 system introduced in Python 2.2 needs to *track* changes to the dict;
 it does this by tracking setattr/delattr calls, because dict doesn't
 have a way to trigger a hook on changes.)


 Poorly phrased question -- I meant is it possible to add non-string-name
 attributes to classes after class creation.  During class creation we can do
 this:

 -- class Test:
 ...   ns = vars()
 ...   ns[42] = 'green eggs'
 ...   del ns
 ...
 -- Test
 class '__main__.Test'
 -- Test.__dict__
 dict_proxy({
    '__module__': '__main__',
    42: 'green eggs',
    '__doc__': None,
    '__dict__': attribute '__dict__' of 'Test' objects,
    '__weakref__': attribute '__weakref__' of 'Test' objects,
    '__locals__': {
        42: 'green eggs',
       '__module__': '__main__',
       '__locals__': {...}}
    })
 -- Test.__dict__[42]
 'green eggs'

 A little more experimentation shows that not all is well, however:

 -- dir(Test)
 Traceback (most recent call last):
  File stdin, line 1, in module
 TypeError: unorderable types: int()  str()

So what conclusion do you draw?

-- 
--Guido van Rossum (python.org/~guido)
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Non-string keys in type dict

[PJ Eby]

On Thu, Mar 8, 2012 at 2:43 AM, Ethan Furman et...@stoneleaf.us wrote:

 PJ Eby wrote:

 Short version: AddOns are things you can use to dynamically extend
instances -- a bit like the decorator in decorator pattern (not to be
confused with Python decorators).  Rather than synthesize a unique string
as a dictionary key, I just used the AddOn classes themselves as keys.
 This works fine for object instances, but gets hairy once classes come
into play.


 Are you able to modify classes after class creation in Python 3? Without
using a metaclass?

For ClassAddOns, it really doesn't matter; you can't remove them from the
class they attach to.  Addons created after the class is finalized use a
weakref dictionary to attach to their classes.

Now that I've gone back and looked at the code, the only reason that
ClassAddOns even use the class __dict__ in the first place is because it's
a convenient place to put them while the class is being built.  With only
slightly hairier code, I could use an __addons__ dict in the class
namespace while it's being built, but there'll then be a performance hit at
look up time to do cls.__dict__['__addons__'][key] instead of
cls.__dict__[key].

Actually, now that I'm thinking about it, the non-modifiability of class
dictionaries is actually a feature for this use case: if I make an
__addons__ dict, that dict is mutable.  That means I'll have to move to
string keys or have some sort of immutable dict type available...  ;-)
 (Either that, or do some other, more complex refactoring.)
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Non-string keys in type dict

[fwierzbi...@gmail.com]

On Wed, Mar 7, 2012 at 5:39 PM, Victor Stinner victor.stin...@gmail.com wrote:
 Hi,

 During the Language Summit 2011 (*), it was discussed that PyPy and
 Jython don't support non-string key in type dict. An issue was open to
 emit a warning on such dict, but the patch has not been commited yet.
It should be noted that Jython started supporting non-string dict keys
in version 2.5. IIRC this was done to get Django running, but in
general we decided to go with compatibility.

-Frank
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Adding a builtins parameter to eval(), exec() and __import__().

[Guido van Rossum]

On Thu, Mar 8, 2012 at 5:57 AM, Nick Coghlan ncogh...@gmail.com wrote:
 On Thu, Mar 8, 2012 at 11:40 PM, Mark Shannon m...@hotpy.org wrote:
 Other code will use whatever builtins they were given at __import__.

 Then they're not builtins - they're module-specific chained globals.
 The thing that makes the builtins special is *who else* can see them
 (i.e. all the other code in the process). If you replace
 builtins.open, you replace if for everyone (that hasn't either
 shadowed it or cached a reference to the original).

Looks like you two are talking about different things. There is only
one 'builtins' *module*.

But the __builtins__ that are actually used by any particular piece of
code is *not* taken by importing builtins. It is taken from what the
globals store under the key __builtins__.

This is a feature that was added specifically for sandboxing purposes,
but I believe it has found other uses too.

 The key point is that every piece of code already inherits locals, globals
 and builtins from somewhere else.
 We can already control locals (by which parameters are passed in) and
 globals via exec, eval, __import__, and runpy (any others?)
 but we can't control builtins.

 Correct - because controlling builtins is the domain of sandboxes.

Incorrect (unless I misunderstand the context) -- when you control the
globals you control the __builtins__ set there.

 One last point is that this is a low-impact change. All code using eval,
 etc. will continue to work as before.
 It also may speed things up a little.

 Passing in a ChainMap instance as the globals when you want to include
 an additional namespace in the lookup chain is even lower impact.

 A reference implementation and concrete use cases might change my
 mind, but for now, I'm just seeing a horrendously complicated approach
 with huge implications for the runtime data model semantics for
 something that 3.3 already supports in a much simpler fashion.

I can't say I'm completely following the discussion. It's not clear
whether what I just explained was already implicit in the coversation
or is new information.

In any case, the locals / globals / builtins chain is a
simplification; there are also any number of intermediate scopes
(between locals and globals) from which nonlocal variables may be
used. Like optimized function globals, these don't use a dict lookup
at all, they are determined by compile-time analysis.

-- 
--Guido van Rossum (python.org/~guido)
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] PEP 412 has been accepted

[Guido van Rossum]

On Thu, Mar 8, 2012 at 5:41 AM, Antoine Pitrou solip...@pitrou.net wrote:
 For the record (I had to look it up), PEP 412 is Mark Shannon's
 Key-Sharing Dictionary, an optimization that decreases memory
 consumption of instances.
 http://www.python.org/dev/peps/pep-0412/

Thanks for reminding us. I've gotten into the habit of listing the PEP
number *and* title whenever first referencing a given PEP in a
discussion -- if the PEP is mentioned in the message subject, its
title should be too.

-- 
--Guido van Rossum (python.org/~guido)
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Non-string keys in type dict

[Ethan Furman]

Guido van Rossum wrote:

On Thu, Mar 8, 2012 at 8:22 AM, Ethan Furman et...@stoneleaf.us wrote:

Guido van Rossum wrote:


On Wed, Mar 7, 2012 at 11:43 PM, Ethan Furman wrote:

Are you able to modify classes after class creation in Python 3? Without
using a metaclass?


Yes, by assignment to attributes. The __dict__ is a read-only proxy,
but attribute assignment is allowed. (This is because the new type
system introduced in Python 2.2 needs to *track* changes to the dict;
it does this by tracking setattr/delattr calls, because dict doesn't
have a way to trigger a hook on changes.)


Poorly phrased question -- I meant is it possible to add non-string-name
attributes to classes after class creation.  During class creation we can do
this:

-- class Test:
...   ns = vars()
...   ns[42] = 'green eggs'
...   del ns
...
-- Test
class '__main__.Test'
-- Test.__dict__
dict_proxy({
   '__module__': '__main__',
   42: 'green eggs',
   '__doc__': None,
   '__dict__': attribute '__dict__' of 'Test' objects,
   '__weakref__': attribute '__weakref__' of 'Test' objects,
   '__locals__': {
   42: 'green eggs',
  '__module__': '__main__',
  '__locals__': {...}}
   })
-- Test.__dict__[42]
'green eggs'

A little more experimentation shows that not all is well, however:

-- dir(Test)
Traceback (most recent call last):
 File stdin, line 1, in module
TypeError: unorderable types: int()  str()


So what conclusion do you draw?


That other changes (that have definitely been for the better) are making 
the 'feature' of non-string keys in namespace dicts less and less 
friendly.  Rather than letting it slowly fall into complete shambles we 
should go ahead and deprecate, then remove, that functionality.


Because namespace dicts already have tacit approval to not support 
non-string keys, it doesn't make much sense to spend developer resources 
on fixing dir and whatever other functions exist that deal with 
namespace dicts and assume string-only keys.


~Ethan~
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Non-string keys in type dict

[Amaury Forgeot d'Arc]

Hi,

2012/3/8 Ethan Furman et...@stoneleaf.us:
 A little more experimentation shows that not all is well, however:

 -- dir(Test)
 Traceback (most recent call last):
  File stdin, line 1, in module
 TypeError: unorderable types: int()  str()


 So what conclusion do you draw?


 That other changes (that have definitely been for the better) are making the
 'feature' of non-string keys in namespace dicts less and less friendly.
  Rather than letting it slowly fall into complete shambles we should go
 ahead and deprecate, then remove, that functionality.

Not that I disagree with the conclusion, but the obvious thing to do here
is to fix dir() and return only string attributes, i.e. those you can
access with getattr.

Cheers,

-- 
Amaury Forgeot d'Arc
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Sandboxing Python

[Armin Rigo]

Hi Stefan,

On Wed, Mar 7, 2012 at 23:16, Stefan Behnel stefan...@behnel.de wrote:
 Well, there's a bug tracker that lists some of them, which is not *that*
 hard to find. Does your claim about a significantly harder endeavour
 refer to finding a crash or to finding a fix for it?

Are you talking about the various crashes about the JIT?  That's one
of the reasons why the sandboxed PyPy does not include the JIT.


A bientôt,

Armin.
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] problem with recursive yield from delegation

[Stefan Behnel]

Stefan Behnel, 07.03.2012 21:40:
 I found a problem in the current yield from implementation

... and here's another one, also in genobject.c:


int
PyGen_FetchStopIterationValue(PyObject **pvalue) {
PyObject *et, *ev, *tb;
PyObject *value = NULL;

if (PyErr_ExceptionMatches(PyExc_StopIteration)) {
PyErr_Fetch(et, ev, tb);
Py_XDECREF(et);
Py_XDECREF(tb);
if (ev) {
value = ((PyStopIterationObject *)ev)-value;
Py_INCREF(value);
Py_DECREF(ev);
}
} else if (PyErr_Occurred()) {
return -1;
}
if (value == NULL) {
value = Py_None;
Py_INCREF(value);
}
*pvalue = value;
return 0;
}


When the StopIteration was set using PyErr_SetObject(), ev points to the
value, not the exception instance, so this code lacks exception
normalisation. I use slightly different code in Cython (which needs to be
compatible with Py2.x), but CPython 3.3 could do something along these lines:


if (ev) {
if (PyObject_IsInstance(ev, PyExc_StopIteration)) {
value = ((PyStopIterationObject *)ev)-value;
Py_INCREF(value); // or maybe XINCREF()?
Py_DECREF(ev);
} else {
/* PyErr_SetObject() puts the value directly into ev */
value = ev;
}
} else ...


Would that be acceptable for CPython as well or would you prefer full
fledged normalisation?

Stefan

___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Adding a builtins parameter to eval(), exec() and __import__().

[Paul Moore]

On 8 March 2012 12:52, Nick Coghlan ncogh...@gmail.com wrote:
 2. it's already trivial to achieve such chained lookups in 3.3 by
 passing a collections.ChainMap instance as the globals parameter:
 http://docs.python.org/dev/library/collections#collections.ChainMap

Somewhat OT, but collections.ChainMap is really cool. I hadn't noticed
it get added into 3.3, and as far as I can see, it's not in the
What's New in 3.3 document. But it's little things like this that
*really* make the difference for me in new versions.

So thanks to whoever added it, and could we have a whatsnew entry, please?

Paul.
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] problem with recursive yield from delegation

[Benjamin Peterson]

2012/3/8 Stefan Behnel stefan...@behnel.de:
 Would that be acceptable for CPython as well or would you prefer full
 fledged normalisation?

I think we have to normalize for correctness. Consider that it may be
some StopIteration subclass which set value on construction.


-- 
Regards,
Benjamin
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] problem with recursive yield from delegation

[Antoine Pitrou]

On Thu, 8 Mar 2012 14:36:06 -0600
Benjamin Peterson benja...@python.org wrote:
 2012/3/8 Stefan Behnel stefan...@behnel.de:
  Would that be acceptable for CPython as well or would you prefer full
  fledged normalisation?
 
 I think we have to normalize for correctness. Consider that it may be
 some StopIteration subclass which set value on construction.

Perhaps it would be time to drop the whole delayed normalization thing,
provided the benchmarks don't exhibit a slowdown? It complicates a lot
of code paths.

cheers

Antoine.


___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] problem with recursive yield from delegation

[Benjamin Peterson]

2012/3/8 Antoine Pitrou solip...@pitrou.net:
 On Thu, 8 Mar 2012 14:36:06 -0600
 Benjamin Peterson benja...@python.org wrote:
 2012/3/8 Stefan Behnel stefan...@behnel.de:
  Would that be acceptable for CPython as well or would you prefer full
  fledged normalisation?

 I think we have to normalize for correctness. Consider that it may be
 some StopIteration subclass which set value on construction.

 Perhaps it would be time to drop the whole delayed normalization thing,
 provided the benchmarks don't exhibit a slowdown? It complicates a lot
 of code paths.

+1 Also, it delays errors from exception initialization to arbitrary points.

-- 
Regards,
Benjamin
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

[Python-Dev] PEP

[Mark Janssen]

On Thu, Feb 9, 2012 at 5:18 PM, Guido van Rossum gu...@python.org wrote:

  A dictionary would (then) be a SET of these. (Voila! things have already
 gotten simplified.)


 Really? So {a:1, a:2} would be a dict of length 2?


  Eventually, I also think this will seque and integrate nicely into Mark
 Shannon's shared-key dict proposal (PEP 412).


I just noticed something in Guido's example.  Something gives me a strange
feeling that using a variable as a key doesn't smell right.  Presumably
Python just hashes the variable's id, or uses the id itself as the key, but
I wonder if anyone's noticed any problems with this, and whether the hash
collision problems could be solved by removing this??   Does anyone even
use this functionality -- of a *variable* (not a string) as a dict key?

mark
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] [Python-ideas] PEP

[Masklinn]

On 2012-03-08, at 22:08 , Mark Janssen wrote:
 I just noticed something in Guido's example.  Something gives me a strange
 feeling that using a variable as a key doesn't smell right.  Presumably
 Python just hashes the variable's id, or uses the id itself as the key

Python calls ``hash`` on the object and uses the result.

 , but
 I wonder if anyone's noticed any problems with this, and whether the hash
 collision problems could be solved by removing this??

No. Not that it makes sense, people could ask for object hashes on
their own and end up with the same result.

   Does anyone even
 use this functionality -- of a *variable* (not a string) as a dict key?

What you're asking does not make sense, the dict key is not the name
but whatever object is bound to the name.

And yes I've used non-string objects as names before: tuples, frozensets,
integers, my own objects, …
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Adding a builtins parameter to eval(), exec() and __import__().

[Victor Stinner]

On 07/03/2012 16:33, Mark Shannon wrote:

It should also help with sandboxing, as it would make it easier to
analyse and thus control access to builtins, since the execution context
of all code would be easier to determine.


pysandbox patchs __builtins__ in:

 - the caller frame
 - the interpreter state
 - all modules

It uses a read-only dict with only a subset of __builtins__. It is 
important for:


 - deny replacing a builtin function
 - deny adding a new superglobal variable
 - deny accessing a blocked function

If a module or something else leaks the real builtins dict, it would be 
a vulnerability.


pysandbox is able to replace temporary __builtins__ everywhere and then 
restore the previous state.


Can you please explain why/how pysandbox is too restrictive and how your 
proposition would make it more usable?



Currently, it is impossible to allow one function access to sensitive
functions like open(), while denying it to others, as any code can then
get the builtins of another function via f.__globals__['builtins__'].
Separating builtins from globals could solve this.


For a sandbox, it's a feature, or maybe a requirement :-)

It is a problem if a function accessing to the trusted builtins dict is 
also accessible in the sandbox. I don't remember why it is a problem: 
pysandbox blocks access to the __globals__ attribute of functions.


Victor
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] PEP 414 - some numbers from the Django port

[Maciej Fijalkowski]

On Wed, Mar 7, 2012 at 2:36 PM, Vinay Sajip vinay_sa...@yahoo.co.uk wrote:
 Armin Ronacher armin.ronacher at active-4.com writes:

 What are you trying to argue?  That the overall Django testsuite does
 not do a lot of string processing, less processing with native strings?

 I'm surprised you see a difference at all over the whole Django
 testsuite and I wonder why you get a slowdown at all for the ported
 Django on 2.7.

 The point of the figures is to show there is *no* difference (statistically
 speaking) between the three sets of samples. Of course, any individual run or
 set of runs could be higher or lower due to other things happening on the
 machine (not that I was running any background tasks), so the idea of the 
 simple
 statistical analysis is to determine whether these samples could all have come
 from the same populations. According to ministat, they could have (with a 95%
 confidence level).

But the stuff you run is not really benchmarking anything. As far as I
know django benchmarks benchmark something like mostly DB creation and
deletion, although that might differ between CPython and PyPy. How
about running *actual* django benchmarks, instead of the test suite?

Not that proving anything is necessary, but if you try to prove
something, make it right.

Cheers,
fijal
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Sandboxing Python

[Victor Stinner]

On 05/03/2012 23:11, Victor Stinner wrote:

3 tests are crashing pysandbox:

  - modify a dict during a dict lookup: I proposed two different fixes
in issue #14205
  - type MRO changed during a type lookup (modify __bases__ during the
lookup): I proposed a fix in issue #14199 (keep a reference to the MRO
during the lookup)
  - stack overflow because of a compiler recursion: we should limit the
depth in the compiler (i didn't write a patch yet)

pysandbox should probably hide __bases__ special attribute, or at
least make it read-only.


I opened the following issues to fix these crashers:

#14205: Raise an error if a dict is modified during a lookup. Fixed in 
Python 3.3.


#14199: Keep a refence to mro in _PyType_Lookup() and super_getattro(). 
Fixed in Python 3.3.


#14211: Don't rely on borrowed _PyType_Lookup() reference in 
PyObject_GenericSetAttr(). Fixed in Python 3.3.


#14231: Fix or drop Lib/test/crashers/borrowed_ref_1.py, it looks like 
it was already fixed 3 years ago.


The compiler recursion is not fixed yet.

Fixes may be backported to Python 2.7 and 3.2.

Victor
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Adding a builtins parameter to eval(), exec() and __import__().

[Nick Coghlan]

On Fri, Mar 9, 2012 at 3:31 AM, Guido van Rossum gu...@python.org wrote:
 But the __builtins__ that are actually used by any particular piece of
 code is *not* taken by importing builtins. It is taken from what the
 globals store under the key __builtins__.

 This is a feature that was added specifically for sandboxing purposes,
 but I believe it has found other uses too.

Agreed, but swapping out builtins for a different namespace is still
the exception rather than the rule. My Impression of Mark's proposal
was that this approach would become the *preferred* way of doing
things, and that's the part I don't like at a conceptual level.

 The key point is that every piece of code already inherits locals, globals
 and builtins from somewhere else.
 We can already control locals (by which parameters are passed in) and
 globals via exec, eval, __import__, and runpy (any others?)
 but we can't control builtins.

 Correct - because controlling builtins is the domain of sandboxes.

 Incorrect (unless I misunderstand the context) -- when you control the
 globals you control the __builtins__ set there.

And this is where I don't like the idea at a practical level. We
already have a way to swap in a different set of builtins for a
certain execution context (i.e. set __builtins__ in the global
namespace) for a small chunk of code, as well as allowing
collections.ChainMap to insert additional namespaces into the name
lookup path.

This proposal suggests adding an additional mapping argument to every
API that currently accepts a locals and/or globals mapping, thus
achieving... well, nothing substantial, as far as I can tell (aside
from a lot of pointless churn in a bunch of APIs, not all of which are
under our direct control).

 In any case, the locals / globals / builtins chain is a
 simplification; there are also any number of intermediate scopes
 (between locals and globals) from which nonlocal variables may be
 used. Like optimized function globals, these don't use a dict lookup
 at all, they are determined by compile-time analysis.

Acknowledged, but code executed via the exec API with both locals and
globals passed in is actually one of the few places where that lookup
chain survives in its original form (module level class definitions
being the other).

Now, rereading Mark's original message, a simpler proposal of having
*function objects* do an early lookup of
self.__globals__['__builtins__'] at creation time and caching that
somewhere such that the frame objects can get hold of it (rather than
having to do the lookup every time the function gets called or a
builtin gets referenced) might be a nice micro-optimisation. It's the
gratuitous API changes that I'm objecting to, not the underlying idea
of binding the reference to the builtins namespace earlier in the
function definition process. I'd even be OK with leaving the default
builtins reference *out* of the globals namespace in favour of storing
a hidden reference on the frame objects.

Cheers,
Nick.

-- 
Nick Coghlan   |   ncogh...@gmail.com   |   Brisbane, Australia
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Adding a builtins parameter to eval(), exec() and __import__().

[Guido van Rossum]

On Thu, Mar 8, 2012 at 4:33 PM, Nick Coghlan ncogh...@gmail.com wrote:
 On Fri, Mar 9, 2012 at 3:31 AM, Guido van Rossum gu...@python.org wrote:
 But the __builtins__ that are actually used by any particular piece of
 code is *not* taken by importing builtins. It is taken from what the
 globals store under the key __builtins__.

 This is a feature that was added specifically for sandboxing purposes,
 but I believe it has found other uses too.

 Agreed, but swapping out builtins for a different namespace is still
 the exception rather than the rule. My Impression of Mark's proposal
 was that this approach would become the *preferred* way of doing
 things, and that's the part I don't like at a conceptual level.

 The key point is that every piece of code already inherits locals, globals
 and builtins from somewhere else.
 We can already control locals (by which parameters are passed in) and
 globals via exec, eval, __import__, and runpy (any others?)
 but we can't control builtins.

 Correct - because controlling builtins is the domain of sandboxes.

 Incorrect (unless I misunderstand the context) -- when you control the
 globals you control the __builtins__ set there.

 And this is where I don't like the idea at a practical level. We
 already have a way to swap in a different set of builtins for a
 certain execution context (i.e. set __builtins__ in the global
 namespace) for a small chunk of code, as well as allowing
 collections.ChainMap to insert additional namespaces into the name
 lookup path.

 This proposal suggests adding an additional mapping argument to every
 API that currently accepts a locals and/or globals mapping, thus
 achieving... well, nothing substantial, as far as I can tell (aside
 from a lot of pointless churn in a bunch of APIs, not all of which are
 under our direct control).

 In any case, the locals / globals / builtins chain is a
 simplification; there are also any number of intermediate scopes
 (between locals and globals) from which nonlocal variables may be
 used. Like optimized function globals, these don't use a dict lookup
 at all, they are determined by compile-time analysis.

 Acknowledged, but code executed via the exec API with both locals and
 globals passed in is actually one of the few places where that lookup
 chain survives in its original form (module level class definitions
 being the other).

 Now, rereading Mark's original message, a simpler proposal of having
 *function objects* do an early lookup of
 self.__globals__['__builtins__'] at creation time and caching that
 somewhere such that the frame objects can get hold of it (rather than
 having to do the lookup every time the function gets called or a
 builtin gets referenced) might be a nice micro-optimisation. It's the
 gratuitous API changes that I'm objecting to, not the underlying idea
 of binding the reference to the builtins namespace earlier in the
 function definition process. I'd even be OK with leaving the default
 builtins reference *out* of the globals namespace in favour of storing
 a hidden reference on the frame objects.

Agreed on the gratuitous API changes. I'd like to hear Mark's response.

-- 
--Guido van Rossum (python.org/~guido)
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Sandboxing Python

[Victor Stinner]

On 01/03/2012 22:59, Victor Stinner wrote:

I challenge anymore to break pysandbox! I would be happy if anyone
breaks it because it would make it more stronger.


Results, one week later. Nobody found a vulnerability giving access to 
the filesystem or to the sandbox.


Armin Rigo complained that CPython has known crasher bugs. Except of 
the compiler recursion, I fixed those bugs in CPython 3.3.


Serhiy Storchaka found a bug in the pysandbox timeout: long operations 
implemented in C hangs the sandbox, the timeout contrain is not applied. 
Guido proposed to abort the process (use the default SIGALRM action). I 
proposed to add an option to use a subprocess. Both solutions are not 
exclusive.


Armin Rigo also noticed that PyPy sandbox design is more robust than 
pysandbox design, I agree with him even if I think a CPython sandbox is 
useful and users ask for such protection.


I have no idea how many developers tried to break the pysandbox security.

Victor
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com