-
Notifications
You must be signed in to change notification settings - Fork 172
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support free-threaded Python 3.13 #925
base: main
Are you sure you want to change the base?
Conversation
dcb6071
to
1d8f655
Compare
It looks like the lack of Python3.7 support in pytest-run-parallel is a little annoying to deal with in tox (or at least I don't see how to deal with it straightforwardly given that we need to make a code modification to the tests). Let me see how hard it is to support Python 3.7 in pytest-run-parallel. |
We also may be able to drop 3.7. we'd need to start by looking at the usage
data
…On Mon, Nov 25, 2024, 3:02 PM Nathan Goldbaum ***@***.***> wrote:
It looks like the lack of Python3.7 support in pytest-run-parallel is a
little annoying to deal with in tox (or at least I don't see how to deal
with it straightforwardly given that we need to make a code modification).
Let me see how hard it is to support Python 3.7 in pytest-run-parallel.
—
Reply to this email directly, view it on GitHub
<#925 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAAGBGQGDZM5ZSHZF6OTHD2CN65BAVCNFSM6AAAAABSOYEP32VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDIOJYHEZDCNBVGU>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
I think we probably do want some explicit threading testing separate from the use of threading in the test harness itself. A quick lazy glance at the stats suggests we're ~5-7% Python 3.7 downloads per day. On pyca/cryptography that'd be too high, but this project sees less change so I think I'd be okay with dropping it. |
Can you share a little more what you had in mind here? Maybe several threads hashing and checking passwords based on shared bytes or hashes? Is there any state stored anywhere? It looks like everything is a pure function. |
Great, I'll look at dropping Python 3.7 in a separate PR. |
Yeah there's no state, but your proposed idea is what I'd do. Just mimicking what a multi-threaded workload would look like with hash gen, verification, and kdf operations. |
fed9d38
to
ba2bcd4
Compare
@@ -219,7 +224,7 @@ def test_gensalt_bad_prefix(): | |||
bcrypt.gensalt(prefix=b"bad") | |||
|
|||
|
|||
def test_gensalt_2a_prefix(monkeypatch): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
unrelated to this PR, but I noticed these fixtures weren't being used anymore
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great
I added a test that uses threading, let me know if you have any suggestions. It also looks like PyO3 0.23.2 might have broken setuptools-rust on Windows? |
I think PyO3/pyo3#4733 might fix it, want to try setting that git branch here and see if resolves? |
994a54e
to
9187561
Compare
@reaperhulk it looks like all the upstream issues have been sorted out and this is ready now. |
self.id_ = id_ | ||
self.salt = bcrypt.gensalt(4) | ||
self.hash_ = bcrypt.hashpw(pw, self.salt) | ||
self.key = bcrypt.kdf(pw, self.salt, 32, 50) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I chose these parameters to make this run in a reasonable time. Still, it's a very slow test compared with the rest of the test suite.
ping @reaperhulk - any chance you can look at this PR again? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Last thing to consider is when we want to add this to the wheel builder?
@@ -494,3 +498,41 @@ def test_2a_wraparound_bug(): | |||
) | |||
== b"$2a$04$R1lJ2gkNaoPGdafE.H.16.1MKHPvmKwryeulRe225LKProWYwt9Oi" | |||
) | |||
|
|||
|
|||
@pytest.mark.thread_unsafe() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this thread unsafe?
@@ -464,6 +467,7 @@ def test_kdf_no_warn_rounds(): | |||
bcrypt.kdf(b"password", b"salt", 10, 10, True) | |||
|
|||
|
|||
@pytest.mark.thread_unsafe() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why is this thread unsafe?
@@ -219,7 +224,7 @@ def test_gensalt_bad_prefix(): | |||
bcrypt.gensalt(prefix=b"bad") | |||
|
|||
|
|||
def test_gensalt_2a_prefix(monkeypatch): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Great
# use UUIDs as both ID and passwords | ||
num_users = 50 | ||
ids = [get_id() for _ in range(num_users)] | ||
pws = {id_: get_id() for id_, _ in zip(ids, range(num_users))} | ||
|
||
user_creator = ThreadPoolExecutor(max_workers=4) | ||
|
||
def create_user(id_, pw): | ||
return id_, User(id_, pw) | ||
|
||
creator_futures = [ | ||
user_creator.submit(create_user, id_, pw) for id_, pw in pws.items() | ||
] | ||
|
||
users = [future.result() for future in creator_futures] | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I feel like there's way too much going on relative to what we're actually trying to test. At base we're trying to to run all the bcrypt functions concurrently.
So I think this can simplify to:
futures = [user_creator.submit(create_user, uuid.uuid4()) for _ in range(num_users)]
remoe the unused id field from User, and then just use the attributes, rather than the pws dict?
Towards fixing #913.
Adds pytest-run-parallel as a test dependency. This does a good job of detecting thread-unsafe use of global state but doesn't catch thread safety issues due to sharing mutable state stored in objects. I marked one test as thread-unsafe because it uses the
warnings
module, which isn't thread-safe.Declares that the rust PyO3 module exprted in
_bcrypt
doesn't use the GIL. It looks like the rust code exports python functions and doesn't define any objects with state. Am I missing something?Sets up free-threaded CI using quansight-labs/setup-python.
It looks like the existing tests don't use
threading
at all. Should I add some multithreaded tests? Or ispytest-run-parallel
executing the existing tests in parallel sufficient?After this I'll look at updating the wheel-building and uploading 313t wheels.