How much is set in stone?

Tim Peters tim.one at home.com
Sun Nov 11 08:13:24 CET 2001


[Paul Rubin]
> It's not intended as FUD.  Other people did report similar crashes.

For vague enough values of "similar", which amounts to "something crashed, I
have no idea why, and can't correlate to anything I was doing except running
Python at the time".  Perhaps I'm too used to that from rebooting Windows
ten times a day, though <0.7 wink>.

> It's conceivable that my crashes weren't caused by Python bugs, but
> signs don't point that way.

To my eye they didn't point at Python either.  But when a Perl program
crashes, neither do I assume it's Perl's fault, etc.

> Comparing Python with Perl, generally I find Python better designed
> but its implementation more likely to take short cuts.

Heh -- I take it you haven't looked much at either implementation.

> The security issue with pickle.loads that we spent a long time
> discussing is something I think the perl developers would not have
> tolerated.

Can't guess, but would be very surprised if it didn't vary by developer.
Some developers think "potential exploits" are occasion for worldwide alarm,
others yawn, and most of us are somewhere in between.  Overall, you appear
to be to the left of the PythonLabs mean on that scale, but we're not glued
to right-hand wall either.  Barry Warsaw is inclined to try to make some
time for that one for 2.2b1 -- which was predictable, since he's the only
one of us who disables JavaScript in his browser <0.9 wink>.

> There's all kinds of other missing functionality in the runtime system
> as well, that doesn't result directly in unrobust programs, but does
> make it more difficult to write robustly.

This seems a stretch.

>  A lot of this ng is about the resulting issues.
>
> I think Python is promising and exciting and I like programming in it.
> It's just inaccurate to say it's as far along in development as some
> other languages.

I didn't say it was, and I agree it isn't:  in person-years devoted to its
development so far, Python is near the bottom of the pack.  But the issue
was stability, and the first pre-alpha 0.9.0 Python I got from Guido was
already orders of magnitude more reliable than the production Perl 4 I was
using at the time.

My last employer used gcc and Perl and Python too:  no bug reports were
filed against Python as a result of that; several bad codegen reports were
filed against gcc (not counting many filed against a new-platform gcc port);
several more against Intel's compiler; a few against MSVC; and we saved a
collection of Perl binaries and hardcoded paths to them in each script,
because we were wasting too much time "pinning the blame" on the Perl du
jour for crashes before that.

It's impossible to say whether that's "typical", but it was my experience,
and after countless hours staring at the implementations, it's consistent
with what I'd expect.





More information about the Python-list mailing list