From: Fergus James HENDERSON (fjh@munta.cs.mu.OZ.AU)
Date: 12/29/92


From: fjh@munta.cs.mu.OZ.AU (Fergus James HENDERSON)
Subject: Re: IMPORTANT [BUG in 0.99] Re: [ANNOUNCE]: linux version 0.99
Date: 29 Dec 1992 20:21:30 GMT

sdw@meaddata.com (Stephen Williams) writes:

>Lars Wirzenius (wirzeniu@klaava.Helsinki.FI) wrote:
>: >Just curious - I haven't got the .99 sources yet, but why is an explicit
>: >initialiser needed here. A static pointer ought to be initialised to
>: >NULL in the executable already?
>NOT!

You are incorrect here. ANSI C guarantees that static variables are
initialized.

>:
>: In normal C programs, yes, but the kernel is a bit special. Like, for
>NOT!

You are incorrect here also.

>: instance, who is going to do the initialization? Normally it is the
>: kernel (which zeroes out all memory before it is given to a user
>: process), the linker (which loads the pre-initialized variables from a
>: file, i.e. those variables which are given an explicit initializer),
>: and possibly the C startup code. Trouble is, none of these are active
>: when the kernel is booting...
>
>Statics are either explicitly initialized or they are not.
>If they are not, their contents are UNDEFINED until set.
>This is per ANSI C.

Wrong.

>There is NO requirement of the compiler or system to zero
>un-initialized statics (or auto's).

Wrong.

>The fact that some systems waste time doing so is no reason to rely on it
>as a feature. This was already debated and tossed out as something to
>rely on.

For all multi-user operating systems (like Linux ;-), the operating
system must in general initialize the memory for security reasons.
Thus it is not time wasted.

(Otherwise you could go snooping about in the uninitialized memory, looking
for confidential data stored there by the previous inhabitant. See
the recent article in comp.risks about the Risk of leaving confidential
data in memory on DOS machines.)

[lots of extremely non-portable suggestions deleted]
>
>And, yes, it would be nice if the nulling were guaranteed. The problem
>I think is the overhead incurred for a program that has a huge bss and
>doesn't need it initialized. A better solution would be (if it
>weren't for the headache..) to have bss and bsz segments.

As noted above, the initialization *is* guaranteed, and it is *not*
unnecessary overhead.

-- 
Fergus Henderson             fjh@munta.cs.mu.OZ.AU      
This .signature virus is a self-referential statement that is true - but 
you will only be able to consistently believe it if you copy it to your own
.signature file!
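
[Added example, not part of the original post or of the Linux kernel sources.] The two guarantees argued above can be checked from a user process: statics with no initializer start as null/zero, and pages newly handed out by the operating system carry none of the data written to pages released earlier. It assumes a POSIX system with mmap() and MAP_ANONYMOUS; the function names, the region size and the 0x5A marker are constructed for this illustration.

```c
/* Added example: names, REGION and the 0x5A marker are constructed, not from the thread. */
#define _DEFAULT_SOURCE             /* exposes MAP_ANONYMOUS under strict -std= modes */
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

#define REGION (64 * 4096)          /* assumption: 64 pages of 4 KiB */

static char *static_ptr;               /* no initializer: ANSI C makes it a null pointer */
static unsigned char static_buf[4096]; /* no initializer: every element starts as 0 */

/* Count the bytes in [p, p+n) that are not zero. */
static size_t nonzero_bytes(const unsigned char *p, size_t n)
{
    size_t count = 0;
    for (size_t i = 0; i < n; i++)
        count += (p[i] != 0);
    return count;
}

/* Returns 1 if the uninitialized statics above hold null/zero. */
int statics_are_zeroed(void)
{
    return static_ptr == NULL && nonzero_bytes(static_buf, sizeof static_buf) == 0;
}

/* Fill anonymous pages with a marker, release them, then ask for fresh pages.
 * Returns the number of nonzero bytes found in the fresh mapping, or -1 on error. */
long stale_bytes_in_fresh_pages(void)
{
    int prot = PROT_READ | PROT_WRITE, flags = MAP_PRIVATE | MAP_ANONYMOUS;
    unsigned char *old = mmap(NULL, REGION, prot, flags, -1, 0);
    if (old == MAP_FAILED)
        return -1;
    memset(old, 0x5A, REGION);      /* stands in for the previous inhabitant's data */
    if (munmap(old, REGION) != 0)
        return -1;
    unsigned char *fresh = mmap(NULL, REGION, prot, flags, -1, 0);
    if (fresh == MAP_FAILED)
        return -1;
    long stale = (long)nonzero_bytes(fresh, REGION);
    munmap(fresh, REGION);
    return stale;
}

int main(void)
{
    printf("statics zeroed: %d, stale bytes: %ld\n", statics_are_zeroed(), stale_bytes_in_fresh_pages());
    return 0;
}
```

Memory recycled inside one process by malloc()/free() is a different case: it never left the process, so its old contents may still be visible there.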