itrsea has quit [Remote host closed the connection]
mrpops2ko has joined #osdev
Matt|home has quit [Quit: Matt|home]
leoh has joined #osdev
leoh has quit [Ping timeout: 276 seconds]
kryptik has quit []
edr has quit [Quit: Leaving]
FreeFull has quit [Ping timeout: 276 seconds]
xtal32k_clk has quit [Quit: WeeChat 4.5.2]
mrpops2ko has quit [Ping timeout: 240 seconds]
c0co has quit [Ping timeout: 276 seconds]
leoh has joined #osdev
<leoh>
what are some good os projects to contribute to? as a relative novice to osdev. I have basic training in OS class and have completed MIT's open course 6.828, where I implemented an exokernel os from scratch (of course, with much help from the course material)
<heat>
for my next trick i'll add both the second layer open and the second layer cloexec
<heat>
for RUNTIME OPTIMISED ONYX
<heat>
I OPTIMIZE FOR EXECVE
<mjg>
i close on open
<mjg>
see the fucken bloat i linked above
<mjg>
literally for every fucken fd
<heat>
that filecaps stuff could really be a pointer i'd guess
<mjg>
you might also notice a literal hole due to int16_t nioctls and uint32_t fcntls
<mjg>
you are not going to get away without fc_rights being there, that's mandatory
<mjg>
but ioctls (LOL) are rarely present and could be a dedicated fucking struct populated as needed
<heat>
is it though?
<heat>
how often is capsicum used?
<mjg>
few things *set* rights, but everything is looking at them
<heat>
if (!fd->fde_caps) /* assume default */
<sortie>
clofork is cute and all, but you know what's on my mind? What happens if you call setpgid on a zombie process? Perhaps one that is possibly already a process group leader. What happens if you call tcsetpgrp to a zombie process group?
<mjg>
in principle you could indeed have a bit indicating there are any rights
<mjg>
sortie: lol process group stuff is giving me flashbacks
<mjg>
the lock is held around the actual modification of the bitmap
<mjg>
not the decision to do it
<mjg>
see above for the description of the race
<mjg>
race-free would hold some lock from fd -> file translation all the way to setting/clearing the bit
<heat>
ah yes
<heat>
it also silently supposes the fd table doesn't shrink
<mjg>
well it is an implicitly provided invariant
<mjg>
i mean i agree the assumption is not stated
<mjg>
but it is already depended on for lockless fd lookup
<mjg>
so
<heat>
not necessarily
<heat>
yeah __fget_files_rcu does not assume that
<mjg>
oh the count is tied to the size
Left_Turn has quit [Remote host closed the connection]
Left_Turn has joined #osdev
Left_Turn has quit [Read error: Connection reset by peer]
Left_Turn has joined #osdev
Left_Turn has quit [Read error: Connection reset by peer]
Left_Turn has joined #osdev
EmanueleDavalli has quit [Quit: Client closed]
Left_Turn has quit [Read error: Connection reset by peer]
Left_Turn has joined #osdev
Left_Turn has quit [Read error: Connection reset by peer]
Left_Turn has joined #osdev
<heat>
sortie: re setpgid on ded processes, i remove the process from the pgid+session when _reaped_
<zid>
why are you aping things twice
<sortie>
heat: That's the Linux behavior too, and I think it's better.
agent314 has quit [Ping timeout: 276 seconds]
<sortie>
There is a shell race condition where it's building a whole pipeline, making one process a process group leader, and then making each other process, and putting them into the process group. BUT the process group leader might, depending on scheduling, exit faster than the rest of the pipeline can be built
<sortie>
To do things properly and race condition free, one traditionally runs setpgid in both the child and the parent shell process, when making the process group leader. That way you know it's definitely in the process group. But that setpgid call in the parent shell might actually be run on a zombie process, since it may have exited, but hasn't been waited for yet
<sortie>
However, many systems, including BSD (will publish data momentarily), may fail to setpgid on a zombie child because it doesn't exist any more
<sortie>
In those cases, setpgid may give you ESRCH and you're a bit fucked when constructing the rest of the pipeline
Left_Turn has quit [Read error: Connection reset by peer]
Left_Turn has joined #osdev
<mjg>
is that a *real* problem or a hypothetical
<mjg>
as in, is the race window big enough that you can realistically run into it?
<sortie>
I've definitely had cases like it happen on Sortix
<sortie>
true | less # cheap left hand sides like that, with some worst case scheduling outcomes
<sortie>
It's also complicated by foreground process groups, where you also need to tcsetpgrp to the new foreground process group (and what happens if it's a zombie)
<sortie>
I think we've all learned by now that even extremely unlikely race conditions do occur, right?
<sortie>
https://sortix.org/os-test/#pty ← Data for tcsetpgrp on zombie process groups. Curiously, everyone allows tcsetpgrp to a zombie process group, even when they don't allow setpgid on it
<bslsk05>
sortix.org: os-test
<sortie>
heat: EINVAL is minix being minix (broken and abandoned), EPERM is Sortix being stricter than it has to be (which is what caused me my bugs, and why I investigated everyone's behavior, since POSIX doesn't mention this case directly)
<mjg>
:O
<mjg>
where did you get aix3
<sortie>
mjg, I've been known to locate systems, from time to time
<sortie>
mjg, hehehe I've been granted access to cfarm, the gcc compile farm
<heat>
these days it's harder to avoid aix than to get it
<heat>
it's everywhere!
<sortie>
something something boys brings aix to the yard
<sortie>
It is seriously useful, though, to ponder how different systems implement weird edge cases, and then write a couple quick tests, and get data from *everywhere*. Don't forget y'all can just send an easy os-test MR if you got anything you wanna test like that and I'll happily get you the data
<mjg>
fucking corner cases
<mjg>
bane of existence
<sortie>
They're fun :D
<heat>
why would you do that with corner cases? that's kind of weird
<sortie>
Legit I can pick any system call, send absurd inputs to it, and I will highly likely find a bug in *some* Unix
<mjg>
well
<mjg>
we are maybe 1 decade off of literally CRASHING systems by trivially fuzzing system calls
<heat>
trinity bro!
<mjg>
and by trivially fuzzing i mean picking args at random
<heat>
syzkaller probably also has decently wide support for whatever systems you're testing
<mjg>
and yes, that includes the bsds and SOLARIS
<sortie>
I am actually surprised I haven't crashed any kernels yet
<sortie>
I guess my inputs aren't that cursed
<mjg>
are the kernels running with debug?
<mjg>
if not, i think you are just 1 decade too late
<sortie>
My inputs are usually implementation defined, if not standardized
<mjg>
i refer you to my previous remarks about not-freed objs
<mjg>
around process group management in the bsds
<sortie>
Yeah that bug was embarrassing
<mjg>
here is a funny story
<sortie>
I did spend a lot of work in early Sortix development making sure processes did not leak
<mjg>
netbsd added a bunch of asserts in the area
<mjg>
i figured that sounds good, i added them in freebsd and smoke tested the system
<mjg>
all good
<mjg>
... except it started crashing after i committed
<mjg>
ended up reverting :D
<mjg>
they did eventually get
<sortie>
My biggest defense against memory leaks in Sortix is the overnight 12-hour 3 million process system self-build. If anything starts leaking, it's probably going to explode with an OOM
<heat>
spotify asks me to reload the web page every 2-3 days
<heat>
for a "better experience"
<heat>
i assume this is a memleak
<sortie>
but whose
<mjg>
would be funny if they only recommended the reload on your browser, would not it
<mjg>
being literally the only os which operates differently
<sortie>
mjg: It's legit a mild security issue in everyone else
<sortie>
mjg: There's a race condition where between socket() and connect(), a UDP socket can receive a datagram from a wrong other remote address, and it gets delivered even though connect() on UDP will only receive datagrams from the specified address
<sortie>
It's one of those race conditions that are so short, and require the attacker to somehow know the correct port and exact timing, and involve a program that somehow connects a UDP socket, and where a bad datagram can have a bad impact (and isn't properly checked), so... nobody else considered it a security issue
<nikolar>
sortie: what do you do with cfarm
<mjg>
sortie: huh
<sortie>
nikolar: I run https://sortix.org/os-test/ on their proprietary unixes (the machines I can't get virtual machines of)
<bslsk05>
sortix.org: os-test
<nikolar>
cute
<sortie>
It's really one of my strongest tools to make Sortix interoperable in depth and to find bugs in all unix systems :)
<heat>
sortie: i think i saw a CVE in linux semi-recently where the problem was that they were *not* delivered
<heat>
:)
goliath has quit [Quit: SIGSEGV]
<mjg>
yo heat
<heat>
sup
<mjg>
what's the aftermath of that musl vs string ops fiasco
<mjg>
did anything change
<heat>
of course
<heat>
not
<mjg>
D
EmanueleDavalli has joined #osdev
<heat>
ping me again in 2045 once compilers figure out OPTIMAL vectorization
<mjg>
> musl's memcpy implementation is generally considered fast, especially for its design goals of being lightweight, simple, and standards-compliant, but it might not always be the absolute fastest compared to highly specialized glibc implementations on certain high-end server CPUs.
<heat>
i suppose dalias hasn't examined this way of doing string ops
<heat>
overlapping doesn't mean what it thinks it means, but we're approaching perfection
<heat>
at this point just deploy it to prod and we'll iron out the kinks
<mjg>
this is all stale tho
<mjg>
i do zerocopy memcpy
<mjg>
but i'm not gonna share how
<heat>
kernel-assisted memcpy with page remapping tricks
<heat>
the gang uses vmsplice
<mjg>
bro
<mjg>
check out a pipe hack in freebsd
<mjg>
it probably made sense back when it was implemented
<mjg>
i verified that now it mostly wastes time
<mjg>
after the SMPification and related overhead
<mjg>
write can literally block the caller and wire the pages to avoid doing a copy
<mjg>
into the kernel
<mjg>
the problem is that now this comes with a shitload of atomics to stabilize the state (and then undo it)
<heat>
uvm also does that
<mjg>
even with this issue aside, it is unclear if mandatory blocking here is any good
<mjg>
in principle the caller could be spending that time getting ready to produce more data
<heat>
block the caller how?
<heat>
that seems weird honestly
<mjg>
it literally stops executing
<heat>
in any case in THE LINUX KERNEL you can explicitly opt into doing that sort of stuff with vmsplice, splice and tee
<heat>
and sendpages
<mjg>
fwiw the freebsd pipes are pretty chopped
<heat>
and THE GNU OPERATING SYSTEM is optimized towards that
<mjg>
but i'm not going to go into details
<heat>
pipes in general aren't the greatest thing in the world to implement
<heat>
but you know that
<mjg>
are you baiting me to point out the real shit which does not have to be there or what
<heat>
no
<mjg>
i'm gonna share some shit anyway since you insist
<mjg>
so there is a part of KVA carved out for pipe buffers
<heat>
i literally said no
<heat>
:(
<mjg>
and pipes are allowed to go both ways. to that end you get 2 separate allocations
<mjg>
and ofc freeing that triggers a TLB flush
<mjg>
meaning pipe-heavy shit results in an idiotic IPI traffic
tjf has quit [Ping timeout: 252 seconds]
randm has quit [Ping timeout: 252 seconds]
randm has joined #osdev
* Ermine
writes pessimal stuff at $dayjob
Gooberpatrol66 has joined #osdev
<Ermine>
copying stuff to userspace and back to a device
<Ermine>
utter crapper
<Ermine>
unsolvable without a kernel though
<Ermine>
kernel driver*
kata has quit [Read error: Connection reset by peer]
kata has joined #osdev
leoh has joined #osdev
mahk has joined #osdev
EmanueleDavalli has quit [Quit: Client closed]
EmanueleDavalli has joined #osdev
EmanueleDavalli has quit [Quit: Client closed]
vdamewood has quit [Quit: Life beckons]
<geist>
PESSIMAL
<heat>
do you use gemini to write fuchsia code?
wgrant has quit [Ping timeout: 252 seconds]
wgrant has joined #osdev
pabs3 has quit [Ping timeout: 245 seconds]
* klys
bid on the decmate ii
pabs3 has joined #osdev
leoh has quit [Ping timeout: 240 seconds]
<klys>
and won
<nortti>
nice. what'cha gonna do with it?
leoh has joined #osdev
<klys>
try and hook it up to a breadboard or see if it boots through the serial port, also first dump the chargen rom for mame, and then more of that. I don't have the rx01/rx02 board for it, so I may need to get that somehow in the future.
<klys>
I do however have two rx02 drives here
<klys>
am meaning to reproduce drawings for said drives
<klys>
presently wondering about the drive motor, as it has five wires, may have to determine the pinout by hooking it up or something
netbsduser has joined #osdev
jcea has joined #osdev
Matt|home has joined #osdev
teejay has quit [Ping timeout: 260 seconds]
karenw has joined #osdev
Left_Turn has quit [Remote host closed the connection]
wgrant has quit [Ping timeout: 248 seconds]
Left_Turn has joined #osdev
wgrant has joined #osdev
<ZetItUp>
i tried to use chatgpt to help with programming, it gets so bad after a while and starts going in circles :/
leoh has quit [Ping timeout: 244 seconds]
<ZetItUp>
working on a little bootloader and it crashed every time just before going into protected mode, and chat gpt kept going on and on about IDT table was not set, cause i pasted a QEMU register log to it, so it got super stuck on that every problem was IDT related after that
<zid>
kek
<heat>
i don't know man i got gemini to give me a pretty good optimized memcpy
<zid>
anything stealable it can do fine
<heat>
it might work it might not, i don't know, i don't care, lets test it in prod
<zid>
because it stole it already
<zid>
it's basically the xkcd for coding by just gluing stackoverflow results together
<ZetItUp>
yeah i noticed that as well, a lot of code it gave was some variant of one type of code
<zid>
well, it's an LLM
<zid>
that's literally how they work and what they're for
<zid>
you pirate 40 novels on dragons into it and it can sort of make a random mashup of shit novels about dragons
<ZetItUp>
also i gave it my full boot.asm file, it seems to forget after a while because, all of a sudden when i asked for stuff, it gave me weird code, so i asked where it found it, and it said "You have it in your code right here" and gave me a code snippet, nothing in that code was any of my code :D