| |||||||||||||
Glibc change exposing bugsGlibc change exposing bugsPosted Nov 10, 2010 20:36 UTC (Wed) by JoeBuck (subscriber, #2330)In reply to: Glibc change exposing bugs by dlang Parent article: Glibc change exposing bugs The existing memcpy implementation did copying in a forward direction, so it would give a wrong result for memcpy(buf, buf + 4, 8) but the expected result for memcpy(buf, buf - 4, 8). The change (in at least some circumstances) does the reverse, and both ways satisfy the spec, which says that src and dst must not overlap, and if they might, memmove should be used. Linus is apparently calling for the original implementation decision (forward, not backward) to be set in stone, even if a backward-copy might be faster on a particular processor. This doesn't seem right to me. However, it seems reasonable to provide a cleaner workaround until old code can be fixed (it might just be a cleaned-up version of his proposed LD_PRELOAD trick). An alternative LD_PRELOAD, pointing to a memcpy that crashes for overlapping arguments, could be used to expose accidental misuse of the API.
(Log in to post comments)
Glibc change exposing bugs Posted Nov 10, 2010 20:51 UTC (Wed) by clugstj (subscriber, #4020) [Link]
I think that history has shown that old code won't get fixed until it actually manifests itself as broken - at least in the commercial world.
Please don't attack strawmen. Thnx. Posted Nov 10, 2010 22:47 UTC (Wed) by khim (subscriber, #9252) [Link] The actual cite: So in the kernel we have a pretty strict "no regressions" rule, and that if people depend on interfaces we exported having side effects that weren't intentional, we try to fix things so that they still work unless there is a major reason not to. Linus is Ok with changes that break buggy programs (it happened before, it'll happen again) bit only if there are "major reason". What's the justification for this particular case?
Please don't attack strawmen. Thnx. Posted Nov 10, 2010 23:17 UTC (Wed) by bojan (subscriber, #14302) [Link]
> What's the justification for this particular case?
Linus couldn't play his favourite YouTube videos ;-)
Please don't attack strawmen. Thnx. Posted Nov 11, 2010 1:31 UTC (Thu) by jonabbey (subscriber, #2736) [Link]
Ah! Andreas was trying to get Linus to quit wasting time on YouTube and get back to kernel development.
It's not, in fact, a bug. It's a feature.
Glibc change exposing bugs Posted Nov 10, 2010 23:15 UTC (Wed) by charlieb (subscriber, #23340) [Link]
> ... and both ways satisfy the spec, which says that src and dst must
> not overlap, ...
Does it? The man page says:
The memory areas should not overlap.
It does not say:
The memory areas must not overlap.
It also says:
The memcpy() function copies n bytes from memory area src to
It doesn't say:
The memcpy() function copies n bytes from memory area src to
"should" provisions are not mandatory. Unless you decide to redefine the terminology.
Glibc change exposing bugs Posted Nov 10, 2010 23:23 UTC (Wed) by bojan (subscriber, #14302) [Link]
Nice exercise in verbal gymnastics. However, you forgot:
> Use memmove(3) if the memory areas do overlap.
Glibc change exposing bugs Posted Nov 10, 2010 23:24 UTC (Wed) by donwaugaman (subscriber, #4214) [Link]
Hmm... the man page on my desktop computer (RHEL4) says:
If copying takes place between objects that overlap, the behavior is undefined.
In the context of standardese, that specifies that exactly anything can happen in the event of overlapping memory areas, with no 'should' or 'must' about it. The standard doesn't set down any rules that a developer must follow, only what will happen under certain conditions (in this case, the result is 'anything').
'must' and 'should' are more in the vein of RFCs.
Glibc change exposing bugs Posted Nov 11, 2010 0:25 UTC (Thu) by nicooo (guest, #69134) [Link]
On my system there are two man pages, one from POSIX and one from the linux man-pages project.
Glibc's info page says it's undefined. It's the official documentation but nobody uses info.
Glibc change exposing bugs Posted Nov 11, 2010 0:28 UTC (Thu) by bojan (subscriber, #14302) [Link]
And both clearly state that if regions overlap, one should use memmove().
Glibc change exposing bugs Posted Nov 11, 2010 0:33 UTC (Thu) by charlieb (subscriber, #23340) [Link]
> On my system there are two man pages, one from POSIX and one from
> the linux man-pages project.
Ideally the linux man-page will be clarified. "should" there seems just a recommendation. Not "your software will eat babies unless you do this".
Glibc change exposing bugs Posted Nov 11, 2010 2:42 UTC (Thu) by butlerm (subscriber, #13312) [Link] It's the official documentation but nobody uses info.That is because 'info' is user hostile and dangerously close to useless. A web search is a dozen times faster than navigating an info document.
Glibc change exposing bugs Posted Nov 11, 2010 6:41 UTC (Thu) by HelloWorld (guest, #56129) [Link]
What's useless isn't info, but man, at least for documentation spanning more than a couple of pages (like for gcc or mplayer).
Glibc change exposing bugs Posted Nov 11, 2010 9:46 UTC (Thu) by mpr22 (subscriber, #60784) [Link] For large manuals, my experience is thatinfo merely sucks less than a man page; the user interface of both /usr/bin/info and /usr/bin/emacs -f info is horrible. For simple things, man wins by a country mile, because it doesn't slice-and-dice a simple program's documentation into 742 one-paragraph pages.
info considered harmful?
info considered harmful? Posted Nov 12, 2010 14:08 UTC (Fri) by jzbiciak (✭ supporter ✭, #5246) [Link]
Another vote for pinfo. It doesn't hate me for wanting to know something like "info" does.
Glibc change exposing bugs Posted Nov 11, 2010 22:56 UTC (Thu) by HelloWorld (guest, #56129) [Link]
Dividing manuals into chunks of a sensible size is a feature, not a bug. And if you don't like GNU info or emacs, just use something else. You can view info manuals with konqueror by typing info:<program name> into the address bar, and yelp is also capable of displaying info documents.
Glibc change exposing bugs Posted Nov 12, 2010 18:19 UTC (Fri) by sorpigal (subscriber, #36106) [Link]
I don't know about you but for anything less than ten pages I find man much easier than info for one very simple reason: It's easy to scroll through a stream of text. It's also easier to hit / and search the whole document, it's easy to not get lost, etc.. Info's problem is that info readers don't default to a man-like one-big-document, which is well known, well accepted and suitable to a terminal (which is, I imagine, where most man and info pages are consumed).
I've used pinfo and it helps some in the UI department, but I'd still use man over pinfo for almost every trivial lookup. If your goal is to completely replace man then your system needs to be a drop-in replacement from a user interaction point of view, with the advantages discoverable by users who are interested in learning them.
Glibc change exposing bugs Posted Nov 12, 2010 18:45 UTC (Fri) by foom (subscriber, #14868) [Link]
> easier to hit / and search the whole document
Not really: "info" also searches the whole document if you hit /. (although I share the general dislike for the info browser).
Glibc change exposing bugs Posted Nov 25, 2010 15:22 UTC (Thu) by Spudd86 (guest, #51683) [Link]
info's major problem is that it's interface SUCKS, there's no real 'back' command, the keybindings are just plain weird (unless you're an EMACS user...).
It'd be nice to have an info viewer that converts to HTML on the fly and uses webkit to render it.
Glibc change exposing bugs Posted Nov 25, 2010 22:13 UTC (Thu) by paulj (subscriber, #341) [Link]
Have you tried going to System -> Help? GNOME's "Yelp" supports browsing info docs - providing a web browser style GUI...
Glibc change exposing bugs Posted Nov 26, 2010 0:31 UTC (Fri) by Spudd86 (guest, #51683) [Link]
Don't use GNOME, I wonder how much of GNOME Yelp pulls in
Glibc change exposing bugs Posted Nov 26, 2010 0:40 UTC (Fri) by sfeam (subscriber, #2841) [Link]
You could use konqueror instead
konqueror info:tar
Glibc change exposing bugs Posted Nov 26, 2010 1:33 UTC (Fri) by Spudd86 (guest, #51683) [Link]
Don't use KDE either... I use XFCE and try to keep most of the GNOME stuff not installed.
Glibc change exposing bugs Posted Nov 27, 2010 13:26 UTC (Sat) by paulj (subscriber, #341) [Link]
Well, if you want a web interface style GUI for info, but don't want to install either of the main two GUI environments, then... ;) Pinfo possibly is closest to what you want. A lynx/elinks style browser interface, for the terminal.
Glibc change exposing bugs Posted Nov 12, 2010 10:36 UTC (Fri) by marcH (subscriber, #57642) [Link]
You are mixing in the same very short post three entirely unrelated things:
- the info format - the info reader - how fine the writer sliced the document Very confusing.
Glibc change exposing bugs Posted Nov 12, 2010 5:01 UTC (Fri) by nicooo (guest, #69134) [Link]
The rest of the world uses HTML and PDF for that kind of documentation.
Glibc change exposing bugs Posted Nov 12, 2010 7:33 UTC (Fri) by paulj (subscriber, #341) [Link]
Funnily enough, a lot of PDFs are written in some other language and generated through TeX (that I read anyway), with PDF being just one possible output format. Which is just how GNU _Tex_info works too..
Glibc change exposing bugs Posted Nov 12, 2010 10:42 UTC (Fri) by marcH (subscriber, #57642) [Link]
HTML does not support indexes, a very useful feature of the info document format. I find most PDF viewers cumbersome for screen browsing; not every surprising since it is a *printer* format at the core.
I find it too bad that a not-so-good default user interface is rebuffing users before then even start to see the nice features of the format. The fix is to promote alternatives user interfaces, something I keep doing constantly (and which has already been done here).
Glibc change exposing bugs Posted Nov 12, 2010 13:59 UTC (Fri) by HelloWorld (guest, #56129) [Link]
What's your point? You can generate both PDF and HTML from info.
Glibc change exposing bugs Posted Nov 12, 2010 20:10 UTC (Fri) by nicooo (guest, #69134) [Link]
That's texinfo. Using info for online documentation is what everyone hates.
Glibc change exposing bugs Posted Nov 12, 2010 23:32 UTC (Fri) by Wol (guest, #4433) [Link]
And pdf is (done properly) one big page, just like man :-)
Which is why I like man, and like pdf, and just curse profusely every time I'm exhorted to use info!
Cheers,
Glibc change exposing bugs Posted Nov 12, 2010 13:52 UTC (Fri) by Wol (guest, #4433) [Link]
I'd actually say the complete opposite! Even for a complex chunk of documentation, I'd rather have man than info.
At least with man, I can scroll down (or search) until I find what I'm looking for.
info, on the other hand, "you are in maze of twisty little passages all alike". When presented with the instruction to "use info", I give up and use the web. When presented with a 1000-line man page, no problem ... :-)
Cheers,
Glibc change exposing bugs Posted Nov 12, 2010 14:06 UTC (Fri) by HelloWorld (guest, #56129) [Link]
> I'd actually say the complete opposite! Even for a complex chunk of documentation, I'd rather have man than info.
> At least with man, I can scroll down (or search) until I find what I'm looking for.
Glibc change exposing bugs Posted Nov 12, 2010 19:11 UTC (Fri) by bronson (subscriber, #4806) [Link]
Wonder if self-important replies like this have contributed to info's utter obscurity...?
Take a deep breath dude. Different people like different things.
Glibc change exposing bugs Posted Nov 12, 2010 23:39 UTC (Fri) by Wol (guest, #4433) [Link]
Ah. "s" for "search".
The problem with that is if I can't articulate what I'm searching for. The number of times I've searched on what I think is the obvious search key, wasted half-an-hour or so doing it, then done a manual scroll through whatever I can find.
I then find what I'm looking for, and discover that it's called something (to me) extremely obscure, and doesn't mention my search term at all, etc etc.
Plus the fact that I'm one of those strange people who actually DOES tend to read documentation, from cover to cover, and likes to have a straight line path through it, not with redirects and jumps and god knows what all over the place. About the only place I can find information on info is in info - and if I find info repellent, how on earth am I going to find out how to use it if I have to use it to find out?
THERE is your problem with info - if you hate it because you can't find out how to use it, it's catch 22. You need to know how to use it to find out how to use it :-)
Cheers,
Glibc change exposing bugs Posted Nov 13, 2010 0:42 UTC (Sat) by foom (subscriber, #14868) [Link]
Oh come on, if you can't stand to use "info info" long enough to figure out that you can use "space" and "backspace" to scroll forward and backward through the document (including going to the next page automatically upon reaching the end of the current one), then I dunno what to say.
Glibc change exposing bugs Posted Nov 14, 2010 22:32 UTC (Sun) by nix (subscriber, #2304) [Link]
Well, info's handling of backspace in particular has long been buggy: it has a habit of going up to the top of the current page only, and then halting. Space has always worked, though.
Glibc change exposing bugs Posted Nov 11, 2010 7:31 UTC (Thu) by nix (subscriber, #2304) [Link]
And POSIX is on the web and in the 3p manpages, so developers *still* have no excuse. (They should be developing to the POSIX manpages anyway, not the Linux ones.)
Glibc change exposing bugs Posted Nov 12, 2010 7:30 UTC (Fri) by hozelda (guest, #19341) [Link]
I think the man pages that say "should" may want to clarify that issue a little better; however, it does appear to have the correct information.
If you use Linux, the Linux documentation should be authoritative. Hopefully, it will agree with POSIX and C99 (or whatever is the latest memcpy standard) as much as possible. If there is a reason for a change (or to document a Linux bug) and you use Linux, I would pay attention to the Linux documentation and treat everything else as advisory. If you use Red Hat or whatever other distro, I would look treat those docs as authoritative and not whatever other standard you think should apply.
A different matter is arguing about keeping Linux in sync with POSIX, etc, but if you want to build software that will work, short of maintaining your personal set of patches not accepted by upstream, you would probably want to code to "Linux" (at least for the Linux port).
Glibc change exposing bugs Posted Nov 12, 2010 7:37 UTC (Fri) by hozelda (guest, #19341) [Link]
Before you say that a man page is not authoritative, I don't know the answer to that but it depends on your Linux vendor. In practice you will want to follow the major standards and consider otherwise to probably be an error in the man page; however, if you vendor says that X and Y are the documents, then that is what you go by (perhaps bringing up doubtful points to your vendor's attention). In particular, if you don't like a vendor that hacks Linux to bypass certain standards, then change vendors or ask for help in identifying these hacks.
Glibc change exposing bugs Posted Nov 14, 2010 21:19 UTC (Sun) by nix (subscriber, #2304) [Link]
No, you normally want to code to POSIX. Carefully-written software does not *require* much if any porting to work on Linux rather than Solaris or IRIX or even sometimes AIX. If it's POSIX, it should work.
(You might need to adjust for bits of older systems that are non-POSIX, but that is really quite rare these days unless you're aiming for some strange emulation layer like Cygwin. Also you might need to do byteorder detection and so forth, but, again, that's stuff which is left unspecified by POSIX. You should not generally have to use Linux-specific stuff unless you really want to, and you normally shouldn't want to.)
Glibc change exposing bugs Posted Nov 14, 2010 22:03 UTC (Sun) by promotion-account (guest, #70778) [Link] You should not generally have to use Linux-specific stuff unless you really want to, and you normally shouldn't want to. I'm sure you know this, but for some applications, POSIX is not really enough. Thus, for example, the need for some portable abstraction libraries like libevent.
Glibc change exposing bugs Posted Nov 14, 2010 23:08 UTC (Sun) by nix (subscriber, #2304) [Link]
Yes, exactly. But at worst you should stuff the nonportability into a library with an API which can be replicated on other platforms (or make that library as portable as possible, and keep it a separate library to keep the ugly away from everyone else.)
(btw, your account name is... *interesting*.)
Glibc change exposing bugs Posted Nov 15, 2010 1:37 UTC (Mon) by promotion-account (guest, #70778) [Link] (btw, your account name is... *interesting*.) That's descriptive anonymity :) Readers usually give higher weight to subscribers opinions here, so this handle honestly states that I'm a promoted guest.
Glibc change exposing bugs Posted Nov 15, 2010 10:39 UTC (Mon) by nix (subscriber, #2304) [Link]
Ah. I interpreted it as 'account bought to promote something else', and got confused because most advertisers would try to lie about it and *not* mention their affiliations :)
'Promotion' is a word with many meanings...
Glibc change exposing bugs Posted Nov 15, 2010 8:13 UTC (Mon) by dlang (✭ supporter ✭, #313) [Link]
you are assuming that the program authors care about Irix, AIX, Solaris, or anything else.
most programs do not start off being written portably, usually portability is something that shows up after the program starts being used when people ask about using it on other platforms (and it's not uncommon for it to wait until those people asking submit patches)
not saying that this is right, just saying that it's the way things are. When Solaris dominated the same thing happened favoring it.
Glibc change exposing bugs Posted Nov 11, 2010 0:30 UTC (Thu) by charlieb (subscriber, #23340) [Link]
> Hmm... the man page on my desktop computer (RHEL4) says:
What manpage is that? The memcpy(3) manpage on my CentOS4 box does not say "the behavior is undefined". Ah, I see that the memcpy(3p) one does.
> 'must' and 'should' are more in the vein of RFCs.
OK. But at least those are clear. "should" in the context of an API man page is not.
Glibc change exposing bugs Posted Nov 11, 2010 12:23 UTC (Thu) by gidoca (subscriber, #62438) [Link]
> OK. But at least those are clear. "should" in the context of an API man page is not.
If "should" is interpreted the way you do, then they might as well have omitted the sentence.
Glibc change exposing bugs Posted Nov 11, 2010 18:03 UTC (Thu) by donwaugaman (subscriber, #4214) [Link]
memcpy(3) on the same RHEL4 box says:
"The memory areas may not overlap."
... which sounds a little stronger than "should" to me.
Not sure why CentOS4 differs...
At any rate, arguing over the man pages is irrelevant to the standard - if the man pages don't match the standard, the man pages need to be fixed rather than the standard.
That being said, it would sure be nice to have some kind of formal deprecation of the previous behavior. One of the nice things about the free software world is that it should be more possible to make these kinds of changes because it's easier to change the programs whose assumptions worked OK with the previous behavior but are violated by the new behavior. Of course, with closed-source Flash players, that goes out the window, and it becomes a question of whether it is more important to pacify Adobe users or to give Adobe an incentive to clean up its software.
Glibc change exposing bugs Posted Nov 11, 2010 0:04 UTC (Thu) by nix (subscriber, #2304) [Link]
POSIX states:
> If copying takes place between objects that overlap, the behavior is undefined.
The behaviour of Linux (and Unix) systems in this area are governed by POSIX, not a random manpage. (And in this case POSIX is aligned with ISO C, and even uses the same phrasing.)
|
|||||||||||||