From: Rich Felker <dalias@libc.org>
To: musl@lists.openwall.com
Subject: Re: [PATCH] slim down and avoid undefined behavior in unsetenv
Date: Sat, 5 Mar 2016 11:30:34 -0500 [thread overview]
Message-ID: <20160305163034.GI9349@brightrain.aerifal.cx> (raw)
In-Reply-To: <alpine.LNX.2.20.1602211222470.21162@monopod.intra.ispras.ru>
On Sun, Feb 21, 2016 at 12:51:30PM +0300, Alexander Monakov wrote:
> > errno = EINVAL;
> > return -1;
> > }
>
> Some places in musl tail-call to __syscall_ret(-Exxx) to set errno. I wonder
> if it's accidental or there's a guideline for using one style or the other?
A large portion of the source files in musl are written purely with
public APIs. This is especially desirable for legacy functions, where
there's no reason to optimize them and where being maintenance-free is
the most valuable property, but it's also nice for other files from
the standpoints of maintenance, ease of reading, and ease of reuse in
other software (as drop-ins for systems lacking working versions of
these functions) or libcs.
With this in mind, __syscall_ret is mainly used in places where the
surrounding code already deals directly with making syscalls or does
other things that necessitate use of libc-internal APIs. This might
not be followed everywhere as a strict rule, but it's the intent.
> The only place I imagine the tailcall style might be undesired is sem_trywait,
> where returning failure is not expected to be rare.
>
> What do you think about a change that introduces __set_errno that accepts
> positive errno and returns -1L? With that change __syscall_ret can become
>
> return r < -4095UL ? r : __set_errno(-r);
I don't see much value to it; return __set_errno(e) is functionally
equivalent to return __syscall_ret(-e) and just saves one "neg"
instruction before the tailcall. It might be a nicer abstraction in
places where we don't use syscalls directly, but for the most part
musl avoids internal APIs in those situations anyway, as explained
above.
> > -again:
> [snip]
> > + for (char **e = __environ; *e; )
> > + if (!memcmp(name, *e, l) && l[*e] == '=') {
>
> Here the usage of memcmp requires that it scans buffers left-to-right and
> stops on first mismatch. As I understand the standards do not guarantee that,
> but musl's current implementation does, and is not interposable. Still, a
> gotcha.
I think you're right. Would it be better to switch such usage to
strncmp then?
Rich
next prev parent reply other threads:[~2016-03-05 16:30 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-20 18:09 Alexander Monakov
2016-02-20 18:18 ` Alexander Monakov
2016-02-21 9:51 ` Alexander Monakov
2016-03-05 16:30 ` Rich Felker [this message]
2016-03-05 17:24 ` Alexander Monakov
2016-03-05 5:18 ` Rich Felker
2016-03-05 6:01 ` Alexander Monakov
2016-03-05 6:14 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160305163034.GI9349@brightrain.aerifal.cx \
--to=dalias@libc.org \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).