Feedback about an experiment to embed Python interpreter with FFI API
Rado Smogura
mail at smogura.eu
Wed Dec 29 17:00:57 UTC 2021
Hi,
+1
It can be hard to use it in serverless / functions environments (at some
point of time... as now most stuck with JDK 11 anyway).
BR,
Rado
On 29.12.2021 17:27, Florian Weimer wrote:
> * Maxim Karpov:
>
>> The topic I want to talk about is a small flag `--enable-native-access=X`
>> that looks harmless and useful at first glance. tl,dr: it is neither
>> harmless nor useful. The reasoning that "user must opt-in to use unsafe
>> APIs" implies that: (1) unsafe APIs are something illegal and should be
>> avoided; (2) user has competencies to make such decisions; (3) user has
>> other choice than use unsafe APIs. From my point of view, all three
>> assumptions are false.
> I wanted to bring this up as well. I get the desire not to look at
> the bogus VM crash reports caused by incorrect code. Maybe some
> tainting framework could be used instead. Modules which have used FFI
> would show up in the crash reports, and if they indicate that they do
> not export a safe interfaces, other modules importing their interfaces
> would be listed, too.
More information about the panama-dev
mailing list