Related to unspecified vs undefined. I recall some C code was trying to be tricky and read from just allocated memory. Something like:
int* ptr = malloc(size);
if(ptr[offset] == 0)
{
}
The code was assuming that the value in an allocated buffer did not change.
However, it was pointed out in review that it could change with these steps:
1) The malloc allocates from a new memory page. This page is often not mapped to a physical page until written to.
2) The reads just return the default (often 0 value) as the page is not mapped.
3) Another allocation is made that is written to the same page. This maps the page to physical memory which then changes the value of the original allocation.
A read from an unmapped page producing a different value than reading from that same page after it's mapped is an OS bug (*). If this was an already allocated page that had something written to it, reading from it would page it back in and then produce the actual content. If this was a new page and the OS contract was to provide zeroed pages, both the read before it was mapped and the read after it was mapped would produce zero.
What could happen is that the UB in that code could result in it being compiled in a way that makes the comparison non-deterministic.
(*): ... or alternatively, we're not talking about regular userspace program but a higher privilege layer that is doing direct unpaged access, but I assume that's not the case since you're talking about malloc.
The closest thing to "conditionally returned to the kernel" is if the page had been given to madvise(MADV_FREE), but that would still not have the behavior they're talking about. Reading and writing would still produce the same content, either the original page content because the kernel hasn't released the page yet, or zero because the kernel has already released the page. Even if the order of operations is read -> kernel frees -> write, then that still doesn't match their story, because the read will produce the original page content, not zero.
That said, the code they're talking about is different from yours in that their code is specifically doing an out-of-bounds read. (They said "If you happen to allocate a string that's 128 bytes, and malloc happens to return an address to you that's 128 bytes away from the end of the page, you'll write the 128 bytes and the null terminator will be the first byte on the next page. So they're very clearly talking about the \0 being outside the allocation.)
So it is absolutely possible to have this setup: the string's allocation happens to be followed by a different allocation that is currently 0 -> the `data[size()] != '\0'` check is performed and succeeds -> `data` is returned to the caller -> whoever owns that following allocation writes a non-zero value to the first byte -> whoever called `c_str()` will now run off the end of the 128B string. This doesn't have anything to do with pages; it can happen within the bounds of a single page. It is also such an obvious out-of-bounds bug that it boggles my mind that it passed any sort of code review and required some sort of graybeard to point out.
Unfortunately this hypothesis is also wrong. MAP_UNINITIALIZED can only be enabled in the kernel when there is no MMU, and in that case the page will already be in physical memory, so the very first pointer dereference will read the correct byte, not a fake zero because it's "uninitialized".
These days I would prefer it say that the documentation for communication protocols and for any computer control interface or network functionality must supplied and destination any addresses configurable by the user.
Higher levels of bisphenol A (BPA), a plastic commonly used in food packaging, were detected in urine samples taken from women pregnant with boys later found to have autism.
Florey researchers identified the biological molecular mechanism underlying this association.
If you are thinking about the C runtime on Windows, you can statically link those dlls into your program via compile time options.
There are valid reasons for dlls however. The main one being symbol name collision.
For example, you can use a dll that links to version 1 of a library, while using version 2 of the library yourself without having any name collisions.
Many years ago when I did Linux development this was a main gripe of using .so files - imported names could clash with the same global names in your program and you get random runtime behaviour.
And the other reason for dlls for common system libraries, security. If a security bug is found in a dll that is shared amongst a lot of programs, that can be updated without having to recompile all the programs.
I don't think a town in Tennessee recently outlawed homosexuality in public,
They just added:
"No person shall knowingly while in a public space engage in indecent behavior, display, distribute, or broadcast indecent material, conduct indecent events, or facilitate any of the foregoing prohibited acts."
Problem was that the referenced indecent statue definition included homosexuality, which was then removed from the definition even before it blew up on social media
What do you think the intent of the ordinance is? My aunt recently moved to Tennessee and as a trans woman, I am terrified of stepping foot in that state. It is clear we are not welcome there.
It was removed in response to a lawsuit. Strictly speaking, yes they did recently outlaw being gay, but it was (allegedly) due to forgetting to change a statute definition rather than expanding it.
I guess they get kudos for removing “homosexuality” from the definition of “indecent acts” in 2023!
In any case, the question is whether there’s reason to believe this will be a slippery slope. There’s obviously a pattern of increasing moral regulation throughout the country including book bans. That this particular instance of moral regulation was a bit complicated in its implementation and (allegedly) accidentally overzealous in its scope doesn’t negate the trend.
FYI there is a at least one science journal that only publishes reproduced research:
Organic Syntheses
"A unique feature of the review process is that all of the data and experiments reported in an article must be successfully repeated in the laboratory of a member of the editorial board as a check for reproducibility prior to publication"
Approx one light-day out. The nearest star is 4.2 light-years out.
Doesn't even matter if voyager is heading towards it or not, it's still crazy far away. Voyager is still on our doorstep as far as interstellar distances go.
Light falls off in brightness to the distance squared. So the sun will be 160.7^2 = 25824.5 times fainter for Voyager 2 than it is from Earth. (Since Earth is at 1AU)
The apparent magnitude of the sun from Earth is -26.72. Each step in magnitude is multiplying by 2.512. (2.512^5 = 100, so 5 steps of magnitude is a factor of 100).
log2.512(25824.5) = 11.0295.
11.0295 + -26.72 = -15.6905.
The apparent magnitude of the full moon is only −12.74 (lower is brighter). So for Voyager 2 the sun is still several times brighter than we see the moon. The sun is still many many times brighter than the next brightest star in the sky, Sirius, which has an apparent magnitude of −1.46.
int* ptr = malloc(size); if(ptr[offset] == 0) { }
The code was assuming that the value in an allocated buffer did not change.
However, it was pointed out in review that it could change with these steps:
1) The malloc allocates from a new memory page. This page is often not mapped to a physical page until written to.
2) The reads just return the default (often 0 value) as the page is not mapped.
3) Another allocation is made that is written to the same page. This maps the page to physical memory which then changes the value of the original allocation.
reply