Date: Sat, 12 Jan 2013 00:32:44 -0600
From: Rob Landley <rob@...dley.net>
To: musl@...ts.openwall.com
Cc: musl@...ts.openwall.com
Subject: Re: NULL

On 01/09/2013 07:36:43 AM, John Spencer wrote:
>> using NULL in the argument of variadic functions is ub both
>> in c and c++
> 
> many developers don't care about the standard. they take the stance:
> "works for me, if you want it patched then do it yourself and we'll  
> eventually merge"

Why is it UB? The standard says it's a pointer. If you pull %p off in  
printf, feeding NULL in that slot should work fine.

> yes, once you know the details, it's easy to fix.
> but when you don't, you'll have a hard time figuring out where the  
> segfault comes
> from. i agree that this should get more publicity.

"C++ is hard to debug and requires you to know how nested template  
expansion gets implemented down to the bare metal" is not a new problem.

Programming in C++ and hitting seemingly-trivial problems you can't  
debug without reading the compiler's source code is like riding a  
motorcycle and winding up maimed for life. (There's a reason medical  
personnel call them "donorcycles".)

>> i think this is not needed, you can have a definition
>> in c++ that "happens to work" just like the (void*)0
>> in c:
>> 
>> #define NULL 0L
> 
> yes, that'll work as well.
> 
>> but this is just a workaround, the bugs still need to be fixed

It's not a workaround, it's what C99+LP64 explicitly specifies.

If doing something well-defined in C99 on Linux goes nuts on C++ in  
Windows, how is this our problem?

>> (in c++11 we could use nullptr which has std::nullptr_t type
>> which converts to (void*)0 in vararg context, but c++11 is not
>> widely used yet)

Is there actually a point to the C++1!!1one! standard? The only person  
I've heard actually be happy with it is the author of uClibc++, but he  
liked the previous C++ standards and thinks Corba is a good idea, so...

> well, from what i heard on IRC they started to work  on a musl port 2  
> weeks ago (but
> it got silent since...). since they have likely more packages than  
> sabotage (350)
> this issue could cause them major pain.

I wouldn't be too impressed by this.

There are somewhere between 200 and 900 packages that cross compile  
"easily", for a decreasingly obvious definition of "easily" depending  
on how many rocket engines you want to strap to the turtle. Projects  
like OpenEmbedded and Beyond Linux From Scratch recapitulate phylogeny  
with these packages, and then hit the point where your volunteers' time  
is entirely consumed dealing with package upgrades to hold the existing  
turf against bit-rot. (Personally, I refer to this as "the buildroot  
event horizon".)

Actual distributions eventually separate "the OS" from "the  
repository", where they have a core team who does work on the operating  
system and a separate (much, much larger) set of package maintainers  
who keep their packages of interest working but don't generally work on  
the base OS other than complaining when something breaks.

You only get to the "real distro" stage when the base OS stops being  
interesting. While the base OS remains a moving target, package  
maintainers can't do their jobs without also being OS maintainers,  
which is a much bigger time commitment and has Brooks' Law problems  
with coordination overhead scaling your core team.

There are plenty of existing interesting repositories: Debian, Ubuntu,  
Red Hat, SuSE, Gentoo... How much work do they do maintaining those  
repos? According to
https://admin.fedoraproject.org/pkgdb/stats/?_csrf_token=1048fa94db94990f5c39ed12c7ca4cd8cb840ca7  
Fedora has 150,000 packages (but then they break packages into several  
smaller packages for no apparent reason, and this may treat x86 and  
i686 versions of the same thing as separate packages). A much cleaner  
reading is "wget  
http://packages.debian.org/stable/allpackages?format=txt.gz -O - | zcat  
| wc -l" which gives around 35,000 packages. (You can get larger  
numbers by checking what ubuntu adds, looking at testing instead of  
stable, adding in the external repositories that debian's  
ultraconservative definition of "proprietary" kicks stuff to, and so  
on. But this is a good ballpark.)

A more recent attempt at being a real <strike>boy</strike> distro would  
be Arch Linux, and  
https://www.archlinux.org/packages/?sort=&arch=i686&q=&maintainer=&last_update=&flagged=&limit=50  
finds 4300 packages for the i686 target, and they've been doing this  
since 2002.

Reinventing the wheel because you have a new libc: not very  
interesting. Trying to get a musl version of debian or gentoo that you  
can push "upstream": a lot more interesting.

Rob
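
The case the thread is discussing, as an added example that is not part of the original message: a variadic function terminated by a null pointer, with the terminator passed as an explicitly typed pointer so its width does not depend on how NULL is defined. The names total_len, int_zero_is_pointer_width and long_zero_is_pointer_width are hypothetical.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from the thread): adds up the lengths of a list
 * of strings terminated by a null pointer, the same calling convention
 * execl() uses. Each va_arg() reads one pointer-sized argument. */
size_t total_len(const char *first, ...)
{
    va_list ap;
    size_t n = 0;

    va_start(ap, first);
    for (const char *s = first; s != NULL; s = va_arg(ap, char *))
        n += strlen(s);
    va_end(ap);
    return n;
}

/* Width of each spelling of "null" once it is passed through "...":
 * a plain 0 travels as an int, 0L as a long, (void *)0 as a pointer. */
int int_zero_is_pointer_width(void)  { return sizeof 0  == sizeof(void *); }
int long_zero_is_pointer_width(void) { return sizeof 0L == sizeof(void *); }

int main(void)
{
    /* The cast fixes the terminator's type regardless of how the
     * implementation defines NULL. */
    size_t n = total_len("ab", "cde", (char *)NULL);

    printf("total_len = %zu\n", n);
    printf("sizeof 0 = %zu, sizeof 0L = %zu, sizeof(void *) = %zu\n",
           sizeof 0, sizeof 0L, sizeof(void *));
    printf("0 matches pointer width: %d, 0L matches: %d\n",
           int_zero_is_pointer_width(), long_zero_is_pointer_width());
    return 0;
}
```

On an LP64 target the last line reports that 0L is pointer-width and a plain 0 is not.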
