使用Cython和Nuitka编译Python脚本

发表于 | 分类于 | 1066
字数统计 2.5k | 阅读时长 13

0x00 前言

在Python中,可以使用py2exePyInstaller之类的工具将Python脚本编译成二进制文件,从而提升可移植性,并在一定程度上提升了性能。不过这类工具的实现只是将py文件编译成pyc或pyo,在安全性上还是弱了一些,存在被反编译的风险。

为了测试不同编译方式的性能差异,这里统一使用python2.7中提供的test/pystone.py作为执行脚本。由于这个脚本不支持python3,因此做了下python3的适配。完整的测试代码如下:

  1. #! /usr/bin/env python
  3. """
  4. "PYSTONE" Benchmark Program
  6. Version:        Python/1.1 (corresponds to C/1.1 plus 2 Pystone fixes)
  8. Author:         Reinhold P. Weicker,  CACM Vol 27, No 10, 10/84 pg. 1013.
  10.                 Translated from ADA to C by Rick Richardson.
  11.                 Every method to preserve ADA-likeness has been used,
  12.                 at the expense of C-ness.
  14.                 Translated from C to Python by Guido van Rossum.
  16. Version History:
  18.                 Version 1.1 corrects two bugs in version 1.0:
  20.                 First, it leaked memory: in Proc1(), NextRecord ends
  21.                 up having a pointer to itself.  I have corrected this
  22.                 by zapping NextRecord.PtrComp at the end of Proc1().
  24.                 Second, Proc3() used the operator != to compare a
  25.                 record to None.  This is rather inefficient and not
  26.                 true to the intention of the original benchmark (where
  27.                 a pointer comparison to None is intended; the !=
  28.                 operator attempts to find a method __cmp__ to do value
  29.                 comparison of the record).  Version 1.1 runs 5-10
  30.                 percent faster than version 1.0, so benchmark figures
  31.                 of different versions can't be compared directly.
  33. """
  35. LOOPS = 50000
  37. try:
  38.     from time import perf_counter as clock
  39. except ImportError:
  40.     from time import clock
  42. __version__ = "1.1"
  44. [Ident1, Ident2, Ident3, Ident4, Ident5] = range(1, 6)
  46. class Record:
  48.     def __init__(self, PtrComp = None, Discr = 0, EnumComp = 0,
  49.                        IntComp = 0, StringComp = 0):
  50.         self.PtrComp = PtrComp
  51.         self.Discr = Discr
  52.         self.EnumComp = EnumComp
  53.         self.IntComp = IntComp
  54.         self.StringComp = StringComp
  56.     def copy(self):
  57.         return Record(self.PtrComp, self.Discr, self.EnumComp,
  58.                       self.IntComp, self.StringComp)
  60. TRUE = 1
  61. FALSE = 0
  63. def main(loops=LOOPS):
  64.     benchtime, stones = pystones(loops)
  65.     print("Pystone(%s) time for %d passes = %g" % \
  66.           (__version__, loops, benchtime))
  67.     print("This machine benchmarks at %g pystones/second" % stones)
  70. def pystones(loops=LOOPS):
  71.     return Proc0(loops)
  73. IntGlob = 0
  74. BoolGlob = FALSE
  75. Char1Glob = '\0'
  76. Char2Glob = '\0'
  77. Array1Glob = [0]*51
  78. Array2Glob = list(map(lambda x: x[:], [Array1Glob]*51))
  79. PtrGlb = None
  80. PtrGlbNext = None
  82. def Proc0(loops=LOOPS):
  83.     global IntGlob
  84.     global BoolGlob
  85.     global Char1Glob
  86.     global Char2Glob
  87.     global Array1Glob
  88.     global Array2Glob
  89.     global PtrGlb
  90.     global PtrGlbNext
  92.     starttime = clock()
  93.     for i in range(loops):
  94.         pass
  95.     nulltime = clock() - starttime
  97.     PtrGlbNext = Record()
  98.     PtrGlb = Record()
  99.     PtrGlb.PtrComp = PtrGlbNext
  100.     PtrGlb.Discr = Ident1
  101.     PtrGlb.EnumComp = Ident3
  102.     PtrGlb.IntComp = 40
  103.     PtrGlb.StringComp = "DHRYSTONE PROGRAM, SOME STRING"
  104.     String1Loc = "DHRYSTONE PROGRAM, 1'ST STRING"
  105.     Array2Glob[8][7] = 10
  107.     starttime = clock()
  109.     for i in range(loops):
  110.         Proc5()
  111.         Proc4()
  112.         IntLoc1 = 2
  113.         IntLoc2 = 3
  114.         String2Loc = "DHRYSTONE PROGRAM, 2'ND STRING"
  115.         EnumLoc = Ident2
  116.         BoolGlob = not Func2(String1Loc, String2Loc)
  117.         while IntLoc1 < IntLoc2:
  118.             IntLoc3 = 5 * IntLoc1 - IntLoc2
  119.             IntLoc3 = Proc7(IntLoc1, IntLoc2)
  120.             IntLoc1 = IntLoc1 + 1
  121.         Proc8(Array1Glob, Array2Glob, IntLoc1, IntLoc3)
  122.         PtrGlb = Proc1(PtrGlb)
  123.         CharIndex = 'A'
  124.         while CharIndex <= Char2Glob:
  125.             if EnumLoc == Func1(CharIndex, 'C'):
  126.                 EnumLoc = Proc6(Ident1)
  127.             CharIndex = chr(ord(CharIndex)+1)
  128.         IntLoc3 = IntLoc2 * IntLoc1
  129.         IntLoc2 = IntLoc3 / IntLoc1
  130.         IntLoc2 = 7 * (IntLoc3 - IntLoc2) - IntLoc1
  131.         IntLoc1 = Proc2(IntLoc1)
  133.     benchtime = clock() - starttime - nulltime
  134.     if benchtime == 0.0:
  135.         loopsPerBenchtime = 0.0
  136.     else:
  137.         loopsPerBenchtime = (loops / benchtime)
  138.     return benchtime, loopsPerBenchtime
  140. def Proc1(PtrParIn):
  141.     PtrParIn.PtrComp = NextRecord = PtrGlb.copy()
  142.     PtrParIn.IntComp = 5
  143.     NextRecord.IntComp = PtrParIn.IntComp
  144.     NextRecord.PtrComp = PtrParIn.PtrComp
  145.     NextRecord.PtrComp = Proc3(NextRecord.PtrComp)
  146.     if NextRecord.Discr == Ident1:
  147.         NextRecord.IntComp = 6
  148.         NextRecord.EnumComp = Proc6(PtrParIn.EnumComp)
  149.         NextRecord.PtrComp = PtrGlb.PtrComp
  150.         NextRecord.IntComp = Proc7(NextRecord.IntComp, 10)
  151.     else:
  152.         PtrParIn = NextRecord.copy()
  153.     NextRecord.PtrComp = None
  154.     return PtrParIn
  156. def Proc2(IntParIO):
  157.     IntLoc = IntParIO + 10
  158.     while 1:
  159.         if Char1Glob == 'A':
  160.             IntLoc = IntLoc - 1
  161.             IntParIO = IntLoc - IntGlob
  162.             EnumLoc = Ident1
  163.         if EnumLoc == Ident1:
  164.             break
  165.     return IntParIO
  167. def Proc3(PtrParOut):
  168.     global IntGlob
  170.     if PtrGlb is not None:
  171.         PtrParOut = PtrGlb.PtrComp
  172.     else:
  173.         IntGlob = 100
  174.     PtrGlb.IntComp = Proc7(10, IntGlob)
  175.     return PtrParOut
  177. def Proc4():
  178.     global Char2Glob
  180.     BoolLoc = Char1Glob == 'A'
  181.     BoolLoc = BoolLoc or BoolGlob
  182.     Char2Glob = 'B'
  184. def Proc5():
  185.     global Char1Glob
  186.     global BoolGlob
  188.     Char1Glob = 'A'
  189.     BoolGlob = FALSE
  191. def Proc6(EnumParIn):
  192.     EnumParOut = EnumParIn
  193.     if not Func3(EnumParIn):
  194.         EnumParOut = Ident4
  195.     if EnumParIn == Ident1:
  196.         EnumParOut = Ident1
  197.     elif EnumParIn == Ident2:
  198.         if IntGlob > 100:
  199.             EnumParOut = Ident1
  200.         else:
  201.             EnumParOut = Ident4
  202.     elif EnumParIn == Ident3:
  203.         EnumParOut = Ident2
  204.     elif EnumParIn == Ident4:
  205.         pass
  206.     elif EnumParIn == Ident5:
  207.         EnumParOut = Ident3
  208.     return EnumParOut
  210. def Proc7(IntParI1, IntParI2):
  211.     IntLoc = IntParI1 + 2
  212.     IntParOut = IntParI2 + IntLoc
  213.     return IntParOut
  215. def Proc8(Array1Par, Array2Par, IntParI1, IntParI2):
  216.     global IntGlob
  218.     IntLoc = IntParI1 + 5
  219.     Array1Par[IntLoc] = IntParI2
  220.     Array1Par[IntLoc+1] = Array1Par[IntLoc]
  221.     Array1Par[IntLoc+30] = IntLoc
  222.     for IntIndex in range(IntLoc, IntLoc+2):
  223.         Array2Par[IntLoc][IntIndex] = IntLoc
  224.     Array2Par[IntLoc][IntLoc-1] = Array2Par[IntLoc][IntLoc-1] + 1
  225.     Array2Par[IntLoc+20][IntLoc] = Array1Par[IntLoc]
  226.     IntGlob = 5
  228. def Func1(CharPar1, CharPar2):
  229.     CharLoc1 = CharPar1
  230.     CharLoc2 = CharLoc1
  231.     if CharLoc2 != CharPar2:
  232.         return Ident1
  233.     else:
  234.         return Ident2
  236. def Func2(StrParI1, StrParI2):
  237.     IntLoc = 1
  238.     while IntLoc <= 1:
  239.         if Func1(StrParI1[IntLoc], StrParI2[IntLoc+1]) == Ident1:
  240.             CharLoc = 'A'
  241.             IntLoc = IntLoc + 1
  242.     if CharLoc >= 'W' and CharLoc <= 'Z':
  243.         IntLoc = 7
  244.     if CharLoc == 'X':
  245.         return TRUE
  246.     else:
  247.         if StrParI1 > StrParI2:
  248.             IntLoc = IntLoc + 7
  249.             return TRUE
  250.         else:
  251.             return FALSE
  253. def Func3(EnumParIn):
  254.     EnumLoc = EnumParIn
  255.     if EnumLoc == Ident3: return TRUE
  256.     return FALSE
  258. if __name__ == '__main__':
  259.     import sys
  260.     def error(msg):
  261.         print >>sys.stderr, msg,
  262.         print >>sys.stderr, "usage: %s [number_of_loops]" % sys.argv[0]
  263.         sys.exit(100)
  264.     nargs = len(sys.argv) - 1
  265.     if nargs > 1:
  266.         error("%d arguments are too many;" % nargs)
  267.     elif nargs == 1:
  268.         try: loops = int(sys.argv[1])
  269.         except ValueError:
  270.             error("Invalid argument %r;" % sys.argv[1])
  271.     else:
  272.         loops = LOOPS
  273.     main(loops)
  COPY

以下测试数据均为连续执行3次,取最大值。

0x01 不同Python版本的测试数据

  • Python 2.7

    1. Pystone(1.1) time for 50000 passes = 0.178948
    2. This machine benchmarks at 279411 pystones/second
      COPY

  • Python 3.7

    1. Pystone(1.1) time for 50000 passes = 0.201795
    2. This machine benchmarks at 247777 pystones/second
      COPY

  • Python 3.8

    1. Pystone(1.1) time for 50000 passes = 0.222014
    2. This machine benchmarks at 225211 pystones/second
      COPY

  • Python 3.9

    1. Pystone(1.1) time for 50000 passes = 0.223407
    2. This machine benchmarks at 223807 pystones/second
      COPY

  • Python 3.10

    1. Pystone(1.1) time for 50000 passes = 0.265725
    2. This machine benchmarks at 188164 pystones/second
      COPY

  • Python 3.11

    1. Pystone(1.1) time for 50000 passes = 0.104691
    2. This machine benchmarks at 477596 pystones/second
      COPY

可以看到,Python 3.11版本有了明显的性能提升,这个与官方的宣传也是一致的。

0x02 使用Cython编译python脚本

  1. $ pip install cython
  2. $ cython -3 --embed pystone.py
  3. $ gcc -pthread -fPIC -fwrapv -O2 -Wall -fno-strict-aliasing -I/usr/include/python3.7 -l:libpython3.7m.so -o pystone pystone.c
  4. $ ls -l pystone
  5. -rwxrwxrwx 1 drunkdream drunkdream 178928 Sep  6 15:42 pystone
  6. $ readelf -d pystone
  7. Dynamic section at offset 0x1fd08 contains 26 entries:
  8.   Tag        Type                         Name/Value
  9.  0x0000000000000001 (NEEDED)             Shared library: [libpython3.7m.so.1.0]
  10.  0x0000000000000001 (NEEDED)             Shared library: [libpthread.so.0]
  11.  0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
  12.  0x000000000000000c (INIT)               0x403000
  13.  0x000000000000000d (FINI)               0x41b514
  14.  0x0000000000000019 (INIT_ARRAY)         0x420cf8
  15.  0x000000000000001b (INIT_ARRAYSZ)       8 (bytes)
  16.  0x000000000000001a (FINI_ARRAY)         0x420d00
  17.  0x000000000000001c (FINI_ARRAYSZ)       8 (bytes)
  18.  0x000000006ffffef5 (GNU_HASH)           0x400308
  19.  0x0000000000000005 (STRTAB)             0x401078
  20.  0x0000000000000006 (SYMTAB)             0x400328
  21.  0x000000000000000a (STRSZ)              2404 (bytes)
  22.  0x000000000000000b (SYMENT)             24 (bytes)
  23.  0x0000000000000015 (DEBUG)              0x0
  24.  0x0000000000000003 (PLTGOT)             0x421000
  25.  0x0000000000000002 (PLTRELSZ)           2592 (bytes)
  26.  0x0000000000000014 (PLTREL)             RELA
  27.  0x0000000000000017 (JMPREL)             0x401e30
  28.  0x0000000000000007 (RELA)               0x401b18
  29.  0x0000000000000008 (RELASZ)             792 (bytes)
  30.  0x0000000000000009 (RELAENT)            24 (bytes)
  31.  0x000000006ffffffe (VERNEED)            0x401af8
  32.  0x000000006fffffff (VERNEEDNUM)         1
  33.  0x000000006ffffff0 (VERSYM)             0x4019dc
  34.  0x0000000000000000 (NULL)               0x0
  35. $ ./pystone
  36. Pystone(1.1) time for 50000 passes = 0.171947
  37. This machine benchmarks at 290787 pystones/second
  COPY

可以看出,编译成二进制文件后,性能上略有提升,并且需要依赖libpython3.7m.so才能运行。下面是pystone.c文件的部分代码:

  1.   /* "pystone.py":73
  2.  *     return Proc0(loops)
  3.  * 
  4.  * IntGlob = 0             # <<<<<<<<<<<<<<
  5.  * BoolGlob = FALSE
  6.  * Char1Glob = '\0'
  7.  */
  8.   if (PyDict_SetItem(__pyx_d, __pyx_n_s_IntGlob, __pyx_int_0) < 0) __PYX_ERR(0, 73, __pyx_L1_error)
  10.   /* "pystone.py":74
  11.  * 
  12.  * IntGlob = 0
  13.  * BoolGlob = FALSE             # <<<<<<<<<<<<<<
  14.  * Char1Glob = '\0'
  15.  * Char2Glob = '\0'
  16.  */
  17.   __Pyx_GetModuleGlobalName(__pyx_t_7, __pyx_n_s_FALSE); if (unlikely(!__pyx_t_7)) __PYX_ERR(0, 74, __pyx_L1_error)
  18.   __Pyx_GOTREF(__pyx_t_7);
  19.   if (PyDict_SetItem(__pyx_d, __pyx_n_s_BoolGlob, __pyx_t_7) < 0) __PYX_ERR(0, 74, __pyx_L1_error)
  20.   __Pyx_DECREF(__pyx_t_7); __pyx_t_7 = 0;
  22.   /* "pystone.py":75
  23.  * IntGlob = 0
  24.  * BoolGlob = FALSE
  25.  * Char1Glob = '\0'             # <<<<<<<<<<<<<<
  26.  * Char2Glob = '\0'
  27.  * Array1Glob = [0]*51
  28.  */
  29.   if (PyDict_SetItem(__pyx_d, __pyx_n_s_Char1Glob, __pyx_kp_u__12) < 0) __PYX_ERR(0, 75, __pyx_L1_error)
  31.   /* "pystone.py":76
  32.  * BoolGlob = FALSE
  33.  * Char1Glob = '\0'
  34.  * Char2Glob = '\0'             # <<<<<<<<<<<<<<
  35.  * Array1Glob = [0]*51
  36.  * Array2Glob = list(map(lambda x: x[:], [Array1Glob]*51))
  37.  */
  38.   if (PyDict_SetItem(__pyx_d, __pyx_n_s_Char2Glob, __pyx_kp_u__12) < 0) __PYX_ERR(0, 76, __pyx_L1_error)
  40.   /* "pystone.py":77
  41.  * Char1Glob = '\0'
  42.  * Char2Glob = '\0'
  43.  * Array1Glob = [0]*51             # <<<<<<<<<<<<<<
  44.  * Array2Glob = list(map(lambda x: x[:], [Array1Glob]*51))
  45.  * PtrGlb = None
  46.  */
  47.   __pyx_t_7 = PyList_New(1 * 51); if (unlikely(!__pyx_t_7)) __PYX_ERR(0, 77, __pyx_L1_error)
  48.   __Pyx_GOTREF(__pyx_t_7);
  49.   { Py_ssize_t __pyx_temp;
  50.     for (__pyx_temp=0; __pyx_temp < 51; __pyx_temp++) {
  51.       __Pyx_INCREF(__pyx_int_0);
  52.       __Pyx_GIVEREF(__pyx_int_0);
  53.       PyList_SET_ITEM(__pyx_t_7, __pyx_temp, __pyx_int_0);
  54.     }
  55.   }
  56.   if (PyDict_SetItem(__pyx_d, __pyx_n_s_Array1Glob, __pyx_t_7) < 0) __PYX_ERR(0, 77, __pyx_L1_error)
  57.   __Pyx_DECREF(__pyx_t_7); __pyx_t_7 = 0;
  COPY

可以看出,C代码本身就已经很难读懂了,编译后的二进制文件基本是不可能还原出原始的python代码的。

不过,目前这种方式有个问题,就是只能编译单个文件。但很多时候,我们是想将多个包编译成一个独立的可执行文件。

0x03 使用Nuitka编译Python脚本

  1. $ pip install nuitka
  2. $ nuitka pystone.py
  3. Nuitka-Options:INFO: Used command line options: pystone.py
  4. Nuitka-Options:WARNING: You did not specify to follow or include anything but main program. Check options
  5. Nuitka-Options:WARNING: and make sure that is intended.                                                     
  6. Nuitka:WARNING: Using very slow fallback for ordered sets, please install 'orderedset' PyPI package for best
  7. Nuitka:WARNING: Python compile time performance.                                                            
  8. Nuitka:INFO: Starting Python compilation with Nuitka '1.1.8' on Python '3.7' commercial grade 'not installed'.
  9. Nuitka:INFO: Completed Python level compilation and optimization.
  10. Nuitka:INFO: Generating source code for C backend compiler.
  11. Nuitka:INFO: Running data composer tool for optimal constant value handling.
  12. Nuitka:INFO: Running C compilation via Scons.
  13. Nuitka-Scons:INFO: Backend C compiler: gcc (gcc).
  14. Nuitka-Scons:INFO: Backend linking program with 9 files (no progress information available).
  15. Nuitka-Scons:WARNING: You are not using ccache.
  16. Nuitka:INFO: Keeping build directory 'pystone.build'.                                                       
  17. Nuitka:INFO: Successfully created 'pystone.bin'.
  18. $ ls -l pystone.bin
  19. -rwxrwxrwx 1 drunkdream drunkdream 268440 Sep  6 20:57 pystone.bin
  20. $ ./pystone.bin
  21. Pystone(1.1) time for 50000 passes = 0.12965
  22. This machine benchmarks at 385654 pystones/second
  COPY

可以看到使用nuitka性能上明显比原生的Python要高出许多。

本来想在Python 3.11下测试下性能,不过发现目前最新版本的nuitka还没适配Python 3.11,编译会有报错。

nuitka还有些可选参数,比较重要的有:

  • -o FILENAME: 指定要生成的文件名
  • --standalone: 将依赖库都编译到一个文件中,不过对于依赖的动态链接库,还是会以多个文件的形式存在
  • --onefile: 这个参数可以解决--standalone参数会有多个文件的问题,保证最终生成的是一个可执行文件
  • --nofollow-imports: 不编译import进来的第三方库
  • --clang: 强制使用clang作为编译后端
  • --static-libpython=yes: 静态链接libpython
  • --show-scons: 显示编译C代码过程中的详细日志

通过观察可以发现,nuitka也是通过将python代码转换成C代码,然后编译成最终的可执行文件。使用--static-libpython=yes参数可以静态链接libpython库,使用的命令行如下:

  1. $ gcc -o pystone.bin -fuse-linker-plugin -flto=8 -fpartial-inlining -freorder-functions -O2 -s -z noexecstack -Wl,-R,'/usr/lib' -Wl,--disable-new-dtags -Wl,-b -Wl,binary -Wl,./__constants.bin -Wl,-b -Wl,elf64-x86-64 -Wl,-defsym -Wl,constant_bin_data=_binary_____constants_bin_start @"./@link_input.txt" -L/usr/lib -ldl -lm /usr/lib/libpython3.7m.a
  COPY

不过在实际执行时会有报错,原因是命令行中没有包含-lz -lpthread -lexpat -lutil等参数,针对这个问题有一个专门的issue

0x04 结论

相比于py2exepyinstaller等方案,Cython和Nuitka采用了先生成C代码,再进行编译的方案,相对来说安全性和性能上都优于前两种方案。

而Nuitka相比Cython,可以同时编译多个Python脚本,功能上更加强大一些,性能也提升了不少。不过Nuitka使用--onefile参数生成的可执行文件大小会远大于pyinstaller生成的文件大小。

分享
0 comments
Anonymous
Markdown is supported

Be the first guy leaving a comment!