Gregory P. Smith added the comment:
Good catch.
--
resolution: -> fixed
stage: patch review -> resolved
status: open -> closed
___
Python tracker
<https://bugs.python.or
Gregory P. Smith added the comment:
New changeset 1c8b3b5d66a629258f1db16939b996264a8b9c37 by Alexey Izbyshev in
branch 'main':
bpo-47260: Fix os.closerange() potentially being a no-op in a seccomp sandbox
(GH-32418)
https://github.com/python/cpyt
Gregory P. Smith added the comment:
https://discuss.python.org/t/need-reconsideration-of-bpo-34975-add-start-tls-method-to-streams-api/14720
would like to see this reconsidered. reopening.
--
nosy: +gregory.p.smith
resolution: wont fix ->
stage: resolved ->
status: closed -
Gregory P. Smith added the comment:
Thanks! I agree with you that this is probably not an actual problem on Linux.
_I did look at the various glibc architecture vfork.s implementations: Cute
tricks used on some where they need to avoid a stack modifying traditional
return from vfork
Gregory P. Smith added the comment:
Our current assumptions around the use of vfork() are very much glibc specific.
Another useful reference for reasoning, comments, and history is
https://github.com/golang/go/blob/master/src/syscall/exec_linux.go#L146
`forkAndExecInChild1
Change by Gregory P. Smith :
--
keywords: +3.10regression
___
Python tracker
<https://bugs.python.org/issue47245>
___
___
Python-bugs-list mailing list
Unsub
Gregory P. Smith added the comment:
Immediate action item: Add a way for people to disable vfork at runtime by
setting a flag in the subprocess module, just in case.
This can be backported to 3.10 - It'd provide an escape hatch for anyone
without a need to rebuild Python to disable u
Gregory P. Smith added the comment:
Can you provide a reproducable way to demonstrate evidence of a problem in
CPython's use of the Linux libc vfork() implementation? A test case that
causes a CPython parent or child process on Linux when built with HAVE_VFORK
failing to function pro
Gregory P. Smith added the comment:
New changeset 612e422c6ea9df60d3382ed1491d8254c283e93f by Jeremy Kloth in
branch 'main':
bpo-46576: Speed up test_peg_generator by using a static library for shared
sources (GH-32338)
https://github.com/python/cpyt
Change by Gregory P. Smith :
--
resolution: -> fixed
stage: patch review -> resolved
status: open -> closed
versions: -Python 3.8
___
Python tracker
<https://bugs.python.or
Gregory P. Smith added the comment:
New changeset ac1fb07b6ecb6b93446484f52894914e5199de63 by Gregory P. Smith in
branch 'main':
bpo-47235: Note where a typo is intentional in code. (GH-32348)
https://github.com/python/cpython/commit/ac1fb07b6ecb6b93446484f5289491
Change by Gregory P. Smith :
--
keywords: +patch
pull_requests: +30401
stage: needs patch -> patch review
pull_request: https://github.com/python/cpython/pull/32348
___
Python tracker
<https://bugs.python.org/issu
Gregory P. Smith added the comment:
LOL... we didn't anticipate this happening when adding the commonly found typo
detection feature.
--
assignee: docs@python -> gregory.p.smith
nosy: +gregory.p.smith
___
Python tracker
<https://bugs
Change by pmp-p :
--
nosy: +pmpp
___
Python tracker
<https://bugs.python.org/issue47232>
___
___
Python-bugs-list mailing list
Unsubscribe:
https://mail.pyth
Gregory P. Smith added the comment:
this mostly requires plumbing to accept an int as the cwd and plumb that
through to the between fork and exec code to call `fchdir(cwd_fd)` on the `int`
instead of chdir(cwd) on the `char*`.
the Modules/_posixsubprocess.c internals are a bit of a mess
Gregory P. Smith added the comment:
The "trick" wouldn't be too useful though as this API can't block and the
signal flag needs to be processed on the main thread. So I guess documentation
it is.
The way I think of this is that the signal.pthread_sigmask API is pretty lo
Gregory P. Smith added the comment:
New changeset 75280944e5ca957eec7f814b9d0608fc84fc5811 by Hugo van Kemenade in
branch 'main':
bpo-46607: Add DeprecationWarning for LegacyInterpolation, deprecated in docs
since 3.2 (GH-30927)
https://github.com/python/cpyt
Change by Gregory P. Smith :
--
nosy: +gregory.p.smith
___
Python tracker
<https://bugs.python.org/issue47153>
___
___
Python-bugs-list mailing list
Unsubscribe:
Gregory P. Smith added the comment:
The irony... Documenting the caveat at least seems useful. Your workaround
sounds reasonable.
I don't love the idea of implementing our own mask blocked/unblocked state
check, though it probably wouldn't be very complicated. Might be interesting
Change by Gregory P. Smith :
--
nosy: +gregory.p.smith
___
Python tracker
<https://bugs.python.org/issue47164>
___
___
Python-bugs-list mailing list
Unsubscribe:
Change by Gregory P. Smith :
--
nosy: +gregory.p.smith
___
Python tracker
<https://bugs.python.org/issue47185>
___
___
Python-bugs-list mailing list
Unsubscribe:
Gregory P. Smith added the comment:
If we can conditionally test new things based on C++XX version, accumulating
modern issue regression tests seems useful. Otherwise 11 at minimum.
As for why some things trigger this and others don't, my wild _guess_ would be
whether the statements a
Gregory P. Smith added the comment:
per
https://mail.python.org/archives/list/python-...@python.org/message/GFOMU7LP63JUVFMWNJNZJLUMZDRPTUYJ/
lets roll some of those PRs back and reshape where we move these APIs as
despite the PEP they were not as private as other privates.
(deferred
Gregory P. Smith added the comment:
A more fundamental issue behind this: unittest's plain text verbose output is
not intended to be parsable and consumable by machines. It is 22 years old and
was intended for use in 80 column wide terminals as a progress report while
watching it r
New submission from Gregory P. Smith :
zlib v1.2.11 as used in Windows binary releases contains a security issue that,
while fixed in its git repo years ago, never wound up in a release or a CVE
until just now.
Folllow the https://www.openwall.com/lists/oss-security/2022/03/24/1 thread and
New submission from Gregory P. Smith :
zlib-ng is an optimized zlib library with better performance on most
architectures (with contributions from the likes of Google, Cloudflare, and
Intel). It is API compatible with zlib. https://github.com/zlib-ng/zlib-ng
I believe the only platform we
Change by Gregory P. Smith :
--
assignee: -> gregory.p.smith
resolution: -> fixed
stage: patch review -> commit review
status: open -> closed
___
Python tracker
<https://bugs.python
Gregory P. Smith added the comment:
New changeset 4a08c4c469d36f99d3a5e0f17ad82ab35dcf2835 by Gregory P. Smith in
branch 'main':
bpo-47151: Fallback to fork when vfork fails in subprocess. (GH-32186)
https://github.com/python/cpython/commit/4a08c4c469d36f99d3a5e0f17ad82a
Gregory P. Smith added the comment:
Thanks. I had wondered if this was really a pid=1 restriction or not, but I
could definitely imagine kernel scenarios where vfork is simply forbidden
regardless. There are a variety of policy mechanisms in kernels, mainline Linux
or not, that _could_ do
New submission from Gregory P. Smith :
## Background
All `hashlib` computations and `binascii.crc32` and `zlib.crc32` release the
GIL around their computational core. But they use a hard coded length check to
determine when to do so, or always do it.
That already accomplishes the larger
Gregory P. Smith added the comment:
Any possibility that you can test the attached PR as pid 1?
--
___
Python tracker
<https://bugs.python.org/issue47
Change by Gregory P. Smith :
--
keywords: +patch
pull_requests: +30263
stage: needs patch -> patch review
pull_request: https://github.com/python/cpython/pull/32186
___
Python tracker
<https://bugs.python.org/issu
Gregory P. Smith added the comment:
yep, branch off of a recent main.
--
___
Python tracker
<https://bugs.python.org/issue44733>
___
___
Python-bugs-list mailin
Gregory P. Smith added the comment:
Thanks for the contribution!
(our attention spans can be scattered and random, apologies for the delay)
--
resolution: -> fixed
stage: patch review -> resolved
status: open -> closed
___
Python tracke
Gregory P. Smith added the comment:
New changeset dc2d8404a3ab6288ce112c71da8c65c34cd3087e by Dave Goncalves in
branch 'main':
bpo-33178: Add BigEndianUnion, LittleEndianUnion classes to ctypes (GH-25480)
https://github.com/python/cpython/commit/dc2d8404a3ab6288ce112c71da8c65
Change by Gregory P. Smith :
--
components: +Extension Modules -Library (Lib)
stage: -> needs patch
title: vfork() returns EINVAL if PID=1 -> subprocess fails when used as init,
vfork() returns EINVAL if PID=1
type: -> behavior
___
Pytho
Change by Gregory P. Smith :
--
resolution: -> fixed
___
Python tracker
<https://bugs.python.org/issue44493>
___
___
Python-bugs-list mailing list
Unsubscrib
Gregory P. Smith added the comment:
New changeset dae09c2b819c2683ad870733451c050b59c3eb93 by Miss Islington (bot)
in branch '3.9':
[3.9] bpo-44493: Add missing terminated NUL in sockaddr_un's length (GH-26866)
(GH-32140) (GH-32156)
https://github.com/python
Gregory P. Smith added the comment:
New changeset f6b3a07b7df60dc04d0260169ffef6e9796a2124 by ty in branch 'main':
bpo-44493: Add missing terminated NUL in sockaddr_un's length (GH-26866)
https://github.com/python/cpython/commit/f6b3a07b7df60dc04d0260169
Gregory P. Smith added the comment:
I only pointed to that API after a brief search without looking at details
(Swift? oops!). If there is one available from C that'd also make sense to
consider.
The only things I expect, relevant to hashlib, that would be accelerated by OS
native
New submission from Gregory P. Smith :
https://docs.microsoft.com/en-us/windows/win32/seccng/creating-a-hash-with-cng
See if these are worthwhile vs using OpenSSL for the hashlib algorithms it
supports. OS APIs can in theory take better advantage of HW acceleration for
performance. Verify
New submission from Gregory P. Smith :
https://developer.apple.com/documentation/cryptokit/ in macOS 10.15+
This is a common place for platform specific hardware acceleration to be
exposed to the user (especially on SoCs which often have non-standard hardware
- Like Apples... which is
Change by Gregory P. Smith :
--
assignee: -> gregory.p.smith
___
Python tracker
<https://bugs.python.org/issue44493>
___
___
Python-bugs-list mailing list
Un
Gregory P. Smith added the comment:
It looks like the length would be short by one in Python before this change,
meaning binding or connecting to a non-anonymous named AF_UNIX socket
potentially loses the last character of the path name intended to be bound?
Depending on if the OS uses the
Gregory P. Smith added the comment:
Bug filing tip for ty/zonyitoo: Describe the problem in the text when filing
the bug. Include its consequences and how it is observed in practice.
A bug filed just saying "look at this code, this is wrong" does not communicate
a need for anyon
Gregory P. Smith added the comment:
You missed the key "And certainly more efficient in terms of watt-secs/byte"
part.
--
___
Python tracker
<https://bugs.python.o
Gregory P. Smith added the comment:
Thanks Serhiy!
--
resolution: -> fixed
stage: patch review -> commit review
status: open -> closed
___
Python tracker
<https://bugs.python.or
Gregory P. Smith added the comment:
Rust based anything comes with a baseline level of Rust code overhead.
https://stackoverflow.com/questions/29008127/why-are-rust-executables-so-huge
That seems expected.
--
___
Python tracker
<ht
Gregory P. Smith added the comment:
Neat. I've never used the API, just filing a breadcrumb suggesting we see if it
makes sense. Being I/O based, that even takes care of GIL releasing from
Python. :)
--
___
Python tracker
&
Gregory P. Smith added the comment:
Performance wise... The SHA series have hardware acceleration on modern CPUs
and SoCs. External libraries such as OpenSSL are in a position to provide
implementations that make use of that. Same with the Linux Kernel CryptoAPI
(https://bugs.python.org
Gregory P. Smith added the comment:
To anyone else who comes along with motivation:
I'm fine with blake3 being in hashlib, but I don't want us to guarantee it by
carrying the implementation of the algorithm in the CPython codebase itself
unless it gains wide industry standard-lik
New submission from Gregory P. Smith :
Linux kernels provide a CryptoAPI. This is a common place for platform specific
hardware accelerated hash algorithms to be exposed to the user (especially on
SoCs which often have non-standard hardware).
https://www.kernel.org/doc/html/v4.10/crypto
Gregory P. Smith added the comment:
Because I don't think blake3 or blake2 _(though we've shipped it already so
there's a challenge in making changes https://bugs.python.org/issue47095)_ are
important enough to be _guaranteed_ present in all builds (our release binaries
wou
Gregory P. Smith added the comment:
Here's how I created an IPv6-only host:
https://gist.github.com/gpshead/f4f394593674e5f7a58e9424b4dba989
--
___
Python tracker
<https://bugs.python.org/is
Gregory P. Smith added the comment:
In the short term we should prefer libb2 linkage when available.
As for deprecation, it'd be useful to research how often the options going away
are used in code in PyPI packages and in Github repos to understand the
deprecation impact.
The
Gregory P. Smith added the comment:
correction: our md5/sha1/sha2/sha3 code is not gone yet, but they are simple C
implementations used as a fallback when the provider of optimal versions are
unavailable (openssl for those). That keeps the copies of code in our tree
simple and most people
Gregory P. Smith added the comment:
Bringing this up on discord, others point out that the windows build requires
zlib for convenience when we transitioned from having a vendored copy in our
repo and that smaller "embedded" use cases may not like this if they don't
already ne
Gregory P. Smith added the comment:
hashlib creator and other maintainer here: I do not think it was a good idea
for us to add blake2 to hashlib the way we did. So blake3 should not be
presumed as a given, at least not done in the same manner.
Background:
While OpenSSL gained _some_ blake2
Change by Gregory P. Smith :
--
keywords: +patch
pull_requests: +30133
pull_request: https://github.com/python/cpython/pull/32043
___
Python tracker
<https://bugs.python.org/issue47
New submission from Gregory P. Smith :
We have a pile of conditionals and extra code in CPython to deal with building
on systems that do not have zlib. The zlib C library has been around forever
at this point and should be present on every system in the world.
zlib is already required on
Gregory P. Smith added the comment:
Your PR looks good to me.
I agree with not making it easy to _write_ zipfiles with non-standard encoding
used for names.
There is a possibility that someone wants that ability when writing zip files
(not yet clear) in https://bugs.python.org/issue40172
Gregory P. Smith added the comment:
Examining Lib/zipfile.py code, the existing code makes sense. Python's zipfile
module produces modern zipfiles when writing by setting the utf-8 flag and
storing the filename as utf-8 when it is not ASCII. This is desirable for use
with all norma
Gregory P. Smith added the comment:
Basically you want it to call fchdir() instead of chdir() when passed a fd
(integer) instead of a string/Path-like. That makes sense and should be a
reasonably straight forward set of changes to _posixsubprocess.c.
(A way to convert a fd into a Path-like
Gregory P. Smith added the comment:
3.8 and older are in security fix only mode. 3.9+ have been fixed.
realistically this was a rare issue with multiple workarounds.
The 3.9 and 3.10 fixes were strictly bugfix only. The 3.11 fix included some
performance improvements
Gregory P. Smith added the comment:
New changeset 58a7e130375776b192a99b013bc563205a639edc by Gregory P. Smith in
branch '3.9':
bpo-38256: Fix binascii.crc32 large input. (GH-32000) (GH-32013) (GH-32015)
https://github.com/python/cpython/commit/58a7e130375776b192a99b013bc563
Change by Gregory P. Smith :
--
pull_requests: +30103
pull_request: https://github.com/python/cpython/pull/32015
___
Python tracker
<https://bugs.python.org/issue38
Gregory P. Smith added the comment:
New changeset 4c989e19c84ec224655bbbde9422e16d4a838a80 by Gregory P. Smith in
branch '3.10':
[3.10] bpo-38256: Fix binascii.crc32 large input. (GH-32000) (GH-32013)
https://github.com/python/cpython/commit/4c989e19c84ec224655bbbde9422e1
Gregory P. Smith added the comment:
Definitely not an OS specific concept. Big.little configs are all over the
place on all OSes and architectures these days. With a variety of ways OSes
are experimenting with scheduling for them (nevermind that Android and iOS have
been doing this for a
Gregory P. Smith added the comment:
can we reliably query for what the default is and add that to the expectations?
or just skip the test if the defaults don't match our expectations (less
ideal)?
if those are a challenge to do reliably - adding 15, 0 to the expected set may
be the
Change by Gregory P. Smith :
--
assignee: -> gregory.p.smith
___
Python tracker
<https://bugs.python.org/issue47054>
___
___
Python-bugs-list mailing list
Un
Change by Gregory P. Smith :
--
keywords: +patch
nosy: +gregory.p.smith
nosy_count: 4.0 -> 5.0
pull_requests: +30102
stage: needs patch -> patch review
pull_request: https://github.com/python/cpython/pull/32014
___
Python tracker
Change by Gregory P. Smith :
--
title: sys.exit() caught in exception handler -> sys.exit() caught in async
event loop exception handler
___
Python tracker
<https://bugs.python.org/issu
Change by Gregory P. Smith :
--
pull_requests: +30101
pull_request: https://github.com/python/cpython/pull/32013
___
Python tracker
<https://bugs.python.org/issue38
Gregory P. Smith added the comment:
New changeset 9d1c4d69dbc800ac344565119337fcf490cdc800 by Gregory P. Smith in
branch 'main':
bpo-38256: Fix binascii.crc32() when inputs are 4+GiB (GH-32000)
https://github.com/python/cpython/commit/9d1c4d69dbc800ac344565119337fc
Gregory P. Smith added the comment:
New changeset 6d290d5862375799e997f1192ef56abca4e9182e by Ma Lin in branch
'3.10':
[3.10] bpo-47040: improve document of checksum functions (GH-31955) (GH-32002)
https://github.com/python/cpython/commit/6d290d5862375799e997f1192ef56a
Gregory P. Smith added the comment:
The os module provides a pretty low level simple shim over platform APIs. It is
better for logic like this to live in a higher level application library rather
than make big assumptions on the part of the user.
```
try:
os.fdatasync(fd)
except
Gregory P. Smith added the comment:
I agree with the decision, assertAlmostEqual is where the feature belongs.
>From a practical point of view I suspect a lot of people who want this in the
>wider world today use just `assert math.isclose(...)` despite the less useful
>erro
Change by Gregory P. Smith :
--
assignee: -> gregory.p.smith
___
Python tracker
<https://bugs.python.org/issue38256>
___
___
Python-bugs-list mailing list
Un
Gregory P. Smith added the comment:
If you want to backport the documentation updates, feel free to make PRs for
that.
--
assignee: docs@python -> gregory.p.smith
resolution: -> fixed
stage: patch review -> resolved
status: open
Gregory P. Smith added the comment:
FYI - https://bugs.python.org/issue38256 covers the 32-bit bug.
--
___
Python tracker
<https://bugs.python.org/issue47
Change by Gregory P. Smith :
--
keywords: +patch
pull_requests: +30089
stage: needs patch -> patch review
pull_request: https://github.com/python/cpython/pull/32000
___
Python tracker
<https://bugs.python.org/issu
Gregory P. Smith added the comment:
it depends on the build. USE_ZLIB_CRC32 causes it due to zlib's 32-bitness as
noted my marko.
$ ./python
Python 3.11.0a6+ (heads/main-dirty:b3f2d4c8ba, Mar 19 2022, 15:32:04) [GCC
9.4.0] on linux
Type "help", "copyright", "
Gregory P. Smith added the comment:
```
$ python3.8
Python 3.8.10 (default, Nov 26 2021, 20:14:08)
[GCC 9.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import binascii, zlib
>>> b
Change by Gregory P. Smith :
--
title: Remove invalid versionchanged in doc -> Fix confusing versionchanged
note in crc32 and adler32
___
Python tracker
<https://bugs.python.org/issu
Gregory P. Smith added the comment:
New changeset b3f2d4c8bab52573605c96c809a1e2162eee9d7e by Ma Lin in branch
'main':
bpo-47040: improve document of checksum functions (gh-31955)
https://github.com/python/cpython/commit/b3f2d4c8bab52573605c96c809a1e2
Change by Gregory P. Smith :
--
resolution: -> not a bug
stage: -> resolved
status: open -> closed
___
Python tracker
<https://bugs.python.or
Gregory P. Smith added the comment:
Is there anything on our end we can do to prevent this kind of issue in the
future?
Am I wrong to see this as just fixing our package to avoid a design flaw in
Windows OS level package management?
Certainly other packages in the world must run into
Gregory P. Smith added the comment:
New changeset 46a116c1c9f6b60a3d35ab9a419f8eee5de2542e by Géry Ogam in branch
'main':
bpo-38738: Fix formatting of True and False in the threading documentation
(GH-31678)
https://github.com/python/cpython/commit/46a116c1c9f6b60a3d35ab9a419f8e
Change by pmp-p :
--
nosy: +pmpp
___
Python tracker
<https://bugs.python.org/issue31370>
___
___
Python-bugs-list mailing list
Unsubscribe:
https://mail.pyth
Gregory P. Smith added the comment:
Per interpreter seems best.
If someone using this feature writes a buggy implementation of a callback that
doesn't chain reliably, that is a bug in their code and all of the fallout from
that is "just" a bug to be fixed in said code.
Think
Change by Gregory P. Smith :
--
nosy: +Mark.Shannon
___
Python tracker
<https://bugs.python.org/issue46896>
___
___
Python-bugs-list mailing list
Unsubscribe:
Gregory P. Smith added the comment:
At first quick glance, this makes sense and the API looks reasonable.
Question: what happens on interpreter shutdown?
Shutdown obviously finalized and clears out most all dicts. I guess the C
callback simply gets called for each of these? That makes
Gregory P. Smith added the comment:
FWIW I agree that we should try adding LTO to --enable-optimizations now.
--
nosy: +gregory.p.smith
___
Python tracker
<https://bugs.python.org/issue45
Gregory P. Smith added the comment:
err "release managers" same thing right? ;)
--
___
Python tracker
<https://bugs.python.org/issue46784>
___
___
Gregory P. Smith added the comment:
PRs for 3.7 and 3.8 remain up to release blockers.
--
components: +Build
resolution: -> fixed
stage: patch review -> commit review
status: open -> closed
___
Python tracker
<https://bugs.python.or
Gregory P. Smith added the comment:
New changeset e05e3d20d309603010f2c1194e612f894ad8a985 by Gregory P. Smith in
branch '3.10':
[3.10] bpo-46784: Add newly exported expat symbols to the namespace. (GH-31397)
(GH-31420)
https://github.com/python/cpyt
Gregory P. Smith added the comment:
A new system of logging APIs has been on several of our (core dev and
otherwise) minds ever since f-strings were introduced. For this specific
issue, agreed that documentation is key.
The old logging APIs cannot change. And practically preventing
Change by Gregory P. Smith :
--
pull_requests: +29557
pull_request: https://github.com/python/cpython/pull/31420
___
Python tracker
<https://bugs.python.org/issue46
New submission from Gregory P. Smith :
Quoting from
https://github.com/python/cpython/pull/31397#issuecomment-1044796561
"""
XML_SetBillionLaughsAttackProtectionActivationThreshold
XML_SetBillionLaughsAttackProtectionMaximumAmplification
I still hope that someone can
Change by Gregory P. Smith :
--
nosy: +gregory.p.smith
___
Python tracker
<https://bugs.python.org/issue46784>
___
___
Python-bugs-list mailing list
Unsubscribe:
1 - 100 of 1001 matches
Mail list logo
