Subject: Re: port-xen/29887: sysctl kern.consdev coredumps
To: Martin Husemann <martin@duskware.de>
From: Bill Studenmund <wrstuden@netbsd.org>
List: netbsd-bugs
Date: 06/23/2005 15:48:39

On Thu, Jun 23, 2005 at 09:23:11AM +0200, Martin Husemann wrote:
> On Thu, Jun 23, 2005 at 12:19:47PM +0900, YAMAMOTO Takashi wrote:
> > i meant "because the idea to produce (null) and suppress coredump is
> > fundamentally bad."
>
> I agree. We would not start mapping a userspace address at VA 0 again, to stop
> dereferences of NULL pointers to core, right?

Please actually listen to what folks are saying. No one is suggesting a
mapping at VA 0. I agree actually DOING (well, trying to do) something
with a NULL pointer should go boom.

> This does not mean that we should remove the "(null)" output from printf,
> and maybe add it to puts as a stopgap fix.
>
> But IMHO we should discourage passing NULL pointers as %s to *printf* in the
> style doc and fix callers as we discover them.

I agree that if we find code that explicitly passes NULL to printf(), we
should change it. Such code is really silly.

But why mention it in the style guide? If our printf() is fine with it,
why change code? If we really are ok with it (as evidenced by the fact we
changed man pages and code), then we shouldn't forbid it in the style
guide. Programs still have to be careful, because if they ever do more
than print such a thing, they get the big "Kaboom."

The reason why I object to such a change is that I've worked with code
that has strong-NULL-protection around printf(). I've written it. I've had
to maintain it. And it was irritating. It's no big deal if there's only
one parameter to the printf(). (val ? val : "") isn't too bad. But if you
have a printf() with multiple parameters, it can get messy. Now say your
multiple parameters aren't "val" but something more like
connection->session->client_name and it gets messier. Now start your
indentation about 40 characters in when you're keeping to 80 characters,
and it is really messy.

Libraries are supposed to make life easier and reuse code. That isn't.

Take care,

Bill
