Date: Sun, 7 Jul 2013 19:12:03 +0200
From: Szabolcs Nagy <nsz@...t70.net>
To: musl@...ts.openwall.com
Subject: Re: New articles on ewontfix

* Rich Felker <dalias@...ifal.cx> [2013-07-07 11:27:40 -0400]:
> On Sun, Jul 07, 2013 at 02:20:15PM +0200, Szabolcs Nagy wrote:
> > * Rich Felker <dalias@...ifal.cx> [2013-07-05 11:54:11 -0400]:
> > > My thought is that it would be based on the property of
> > > being able to combine two programs with well-defined behavior, both
> > > using the library code, into a single program where each original
> > > program runs starting with its own initial thread, such that the
> > > combined program does not invoke UB and the two sub-programs match
> > > their behavior before being combined.
> >
> > i think library safety should also cover single thread issues
>
> It attempts to. Having the "test" be with threads automatically covers
> all cases of using the library separately from multiple modules.
>

ah ok

but then "program with well-defined behavior" is hard to specify
(i thought you assume working programs and only require that their
combination does not break)

if well-defined can be any program that the language and the library
documentation allows in a single-threaded execution, then the program
itself may invoke ub in the multi-threaded case, and a library interface
can require a callback that does impossible things, so no program is
well-defined

> > unbounded resource usage,
>
> I don't see how this can be quantified correctly, but in some sense,
> it is by the proposed definition. If part A consumes so many resources
> that part B can't run, that would be a failure of the test. However
> I'm reluctant to call that a failure since it could make any library
> fail. This is why the definition is difficult to get right.

if the library documents its resource usage then it can pass the
strong test (and there are per-thread resources: stack)

we also want that low resources or runtime failures are handled and
don't cause ub: so the runtime environment should be part of the
definition in some way

by unbounded resources i originally meant resource leaks, but
"resource safety" seems to be hard to specify in general

> > strong assumptions about the environment..)
>
> Could you elaborate?

by environment i meant the system surrounding the program, and a
strong assumption is anything that is not guaranteed

eg if a library tries to connect to some webserver to get some
information that is present locally as well, then it assumes an
internet connection unjustifiably