mailing list of musl libc
From: Alexander Cherepanov <ch3root@openwall.com>
To: musl@lists.openwall.com
Subject: Re: Possible infinite loop in qsort()
Date: Tue, 12 Jan 2016 17:31:31 +0300
Message-ID: <56950E43.60508@openwall.com>
In-Reply-To: <20160112124855.GB13558@port70.net>

On 2016-01-12 15:48, Szabolcs Nagy wrote:
> * Alexander Cherepanov <ch3root@openwall.com> [2016-01-12 15:25:57 +0300]:
>
>> On 2016-01-10 14:38, Markus Wichmann wrote:
>>> On Sat, Jan 09, 2016 at 11:05:16PM -0500, Rich Felker wrote:
>>>> On Sat, Jan 09, 2016 at 10:07:19AM +0100, Felix Janda wrote:
>>>>> musl enforces that object sizes should not be greater than PTRDIFF_MAX.
>>>>> See for example the discussion at
>>>>>
>>>>> http://www.openwall.com/lists/musl/2013/06/27/7
>>>>>
>>>>> So there will not be objects of size 3GB with musl on x32. Since the
>>>>> Leonardo numbers grow slower than 2^n in general no overflow should
>>>>> happen if "size" is valid. Otherwise, UB was invoked.
>>>>
>>>
>>> OK. Might want to make that assumption a bit more prominent, because
>>> this is the first time I've ever heard about it, but OK, no objects >2GB
>>> on 32-bit archs.
>>
>> Yeah, I don't see it in the doc. Did I miss it?
>>
>> If it neither works nor is documented as a limit I'd call it a bug.
>
> in musl things are documented in the git log for now, e.g.:
> http://git.musl-libc.org/cgit/musl/commit/?id=3cd6f5229f079f892411e82fce3fe15c78eef4d8

IMHO such things should be documented in user-facing documentation, not 
in source code comments, git log or email posts.

> i think if an implementation does not give this guarantee
> that should be considered a bug.

Some consider it a bug, others -- a feature.

But if you want to provide this guarantee it's not that easy. Compilers
are not under your control. Even with gcc (which tries to provide this
guarantee) you can create a VLA 2.5GB in size and run it with `ulimit -s
unlimited` (at least as a 32-bit binary on a 64-bit host).

Then, a user can create an object of any size via mmap with MAP_FIXED 
flag, right?

> (glibc does not guarantee this and indeed it is full of invalid
> pointer arithmetics,

Care to provide examples?

> but more importantly a huge number of
> existing libraries depend on this)
>
>> BTW the support in compilers for working with objects larger than half the
>> address space is buggy -- see
>> https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67999 . The same situation --
>> it neither works nor is documented. Somewhat puzzling...
>
> yes, but it's not possible to support reasonably

Why is that?

-- 
Alexander Cherepanov
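
The PTRDIFF_MAX limit discussed in this message, as an added example that is not part of the original post and is not musl code: a caller-side size check placed in front of qsort(), plus a model of why a 2.5GB object breaks pointer subtraction when ptrdiff_t is 32 bits wide. The names region_fits, ptrdiff32 and checked_qsort are hypothetical, and the addresses and sizes are constructed sample values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* 1 if nmemb elements of `size` bytes total at most `limit` bytes.
 * Division avoids overflow in nmemb * size. */
static int region_fits(size_t nmemb, size_t size, uint64_t limit)
{
    return size == 0 || nmemb <= limit / size;
}

/* Models `end - start` (end >= start) on a target with 32-bit pointers and a
 * 32-bit ptrdiff_t: 1 and *out set if representable, else 0. */
static int ptrdiff32(uint32_t start, uint32_t end, int32_t *out)
{
    uint32_t d = end - start;
    if (d > (uint32_t)INT32_MAX)
        return 0;
    *out = (int32_t)d;
    return 1;
}

static int cmp_int(const void *a, const void *b)
{
    int x = *(const int *)a, y = *(const int *)b;
    return (x > y) - (x < y);
}

/* Hypothetical wrapper: refuse arrays larger than PTRDIFF_MAX before qsort() runs. */
static int checked_qsort(void *base, size_t nmemb, size_t size,
                         int (*cmp)(const void *, const void *))
{
    if (!region_fits(nmemb, size, PTRDIFF_MAX))
        return -1;
    qsort(base, nmemb, size, cmp);
    return 0;
}

int main(void)
{
    int v[] = {3, 1, 2};
    int32_t d = 0;
    printf("sort small array: %d\n", checked_qsort(v, 3, sizeof v[0], cmp_int));
    printf("2.5GB int array fits 32-bit ptrdiff_t: %d\n",
           region_fits(625000000u, 4, INT32_MAX));
    printf("2.5GB span representable: %d\n",
           ptrdiff32(0x10000000u, 0x10000000u + 2500000000u, &d));
    return 0;
}
```

A check like this matters for buffers that did not come from the allocator, such as the VLA and mmap cases raised above, since an allocator-side limit does not cover them.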

