[HN Gopher] Perfecting GLFW for Zig, and finding lurking undefin...
___________________________________________________________________
Perfecting GLFW for Zig, and finding lurking undefined behavior
that went unnot
Author : todsacerdoti
Score : 36 points
Date : 2021-10-31 20:39 UTC (2 hours ago)
(HTM) web link (devlog.hexops.com)
(TXT) w3m dump (devlog.hexops.com)
| abainbridge wrote:
| The article discusses some undefined behaviour resulting from
| shifting an unsigned char left by 24 places. Any idea why the
| compiler wasn't warning about that? It seems like it would be
| easy to implement that warning in the compiler. I feel that I'm
| missing something.
| quag wrote:
| That's the point made at the end of the article. The compiler
| check does exist, but because it isn't defaulted to on, nobody
| in 6 years used it. Zig has the checks on by default, so the
| first time someone used it, they found and fixed it for
| everyone.
|
| > Anybody using GLFW could have enabled UBSan in their C
| compiler. Anybody could have run into this same crash and
| debugged it in the last 6 years. But they didn't. Only because
| Zig has good defaults, because it places so much emphasis on
| things being right out of the box, and because there is such an
| emphasis on having safety checks for undefined behavior - were
| we able to catch this undefined behavior that went unnoticed in
| GLFW for the last 6 years.
| abainbridge wrote:
| I was expecting a compile time warning and thought ubsan
| shouldn't be necessary. But CUViper explains why the UB can
| only be caught at runtime.
| seba_dos1 wrote:
| I have fixed similar issues in Allegro and SDL (which are
| libraries that cover a superset of GLFW's scope) because I do
| use UBSan in my projects. Unfortunately, I haven't used GLFW
| in any project yet, so I couldn't fix this one :)
|
| (the point on good defaults stays valid though)
| 10000truths wrote:
| gcc and clang _should_ warn about this:
|     #include <stdint.h>
|     void foo() {
|         uint32_t foo = 1;
|         foo <<= 32;
|     }
|
| According to godbolt, the following warning is emitted for gcc:
|     warning: left shift count >= width of type [-Wshift-count-overflow]
|
| And for clang:
|     warning: shift count >= width of type [-Wshift-count-overflow]
|
| https://godbolt.org/z/ffccWexMP
| CUViper wrote:
| It's not actually shifting a char, because integer promotion
| happens first.
|
| https://github.com/glfw/glfw/pull/1986#issuecomment-95578417...
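
The promotion point in the comment above, as an added example (not code from GLFW or from anyone in this thread): a shift count of 24 is below the width of int, so -Wshift-count-overflow stays silent, and whether the shift overflows depends on the byte's run-time value. Function names are hypothetical and a 32-bit int is assumed.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed example; names are hypothetical. Assumes 32-bit int. */

/* Type of (unsigned char) << 24 after integer promotion:
 * 1 = int, 0 = unsigned int. _Generic does not evaluate its operand. */
int shift_result_is_signed_int(void)
{
    unsigned char b = 0;
    return _Generic(b << 24, int: 1, unsigned int: 0, default: -1);
}

/* The run-time condition a sanitizer has to test: would b << n overflow
 * the promoted int? It depends on the value of b, not only on n. */
int shift_overflows_int(unsigned char b, unsigned n)
{
    if (n >= sizeof(int) * CHAR_BIT)
        return 1;                    /* count >= width: always undefined */
    return (int)b > (INT_MAX >> n);  /* result not representable in int */
}

/* Pattern under discussion: a is promoted to int, so a >= 0x80 overflows. */
uint32_t pack_bytes_promoted(unsigned char a, unsigned char r,
                             unsigned char g, unsigned char b)
{
    return (uint32_t)((a << 24) | (r << 16) | (g << 8) | b);
}

/* Defined for every input: widen to uint32_t before shifting. */
uint32_t pack_bytes_fixed(unsigned char a, unsigned char r,
                          unsigned char g, unsigned char b)
{
    return ((uint32_t)a << 24) | ((uint32_t)r << 16) |
           ((uint32_t)g << 8) | (uint32_t)b;
}

int main(void)
{
    printf("result type is signed int: %d\n", shift_result_is_signed_int());
    printf("0x7f << 24 overflows int: %d\n", shift_overflows_int(0x7f, 24));
    printf("0x80 << 24 overflows int: %d\n", shift_overflows_int(0x80, 24));
    printf("fixed(0xff,0,0,1) = 0x%08x\n",
           (unsigned)pack_bytes_fixed(0xff, 0x00, 0x00, 0x01));
    return 0;
}
```

Building pack_bytes_promoted with -fsanitize=undefined and calling it with a first byte of 0x80 or above is the case UBSan reports at run time.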
| fyrn- wrote:
| I've actually found this bug before, but since I've been stuck on
| a six years out of date version of GLFW, I assumed it had been
| fixed and just wrote a ticket to update GLFW. It was wild to see
| this in my feed today!
| losvedir wrote:
| Can anyone provide some context? I don't know what GLFW is, and
| the blog post doesn't really explain. From Googling, I see what
| it is now, but I don't really have a sense of how important GLFW
| bindings are. Is this very niche? Or, like is this a major
| contribution to game development? For that matter, is this mainly
| going to help Zig game developers, or is this a bit of tooling
| for everyone, kind of like zig cc?
| slimsag wrote:
| Author here, sorry for the missing context. GLFW is very
| popular among game developers for opening graphics windows in a
| cross-platform way.
|
| This helps just Zig game developers for now, it's not a major
| contribution to game development (though I hope other things I
| do with Mach engine in the future will be.)
|
| I do think with some minor tweaks this could be used to make
| bindings for GLFW in other languages easier to install, e.g. by
| just requiring `zig`, but I haven't done that here.
| losvedir wrote:
| Thanks! No need to apologize, I'm not in your target
| audience, and that's fine. Was just curious, is all.
| hsn915 wrote:
| glfw is very widely known because it's usually one of the
| recommended libraries to use when starting out graphics
| programming. It's basically a cross-platform library to create a
| window and initialize an opengl context .. or something like
| that. (It's been _many_ years since I last used it).
| iamcreasy wrote:
| Is it safe to say that SDL is a strict superset of GLFW?
| slimsag wrote:
| I think that is a reasonable statement. SDL includes other
| functionality like image loading, audio, etc. whereas GLFW
| is primarily focused just on getting a window with a
| graphics context for OpenGL/Vulkan/etc set up.
___________________________________________________________________
(page generated 2021-10-31 23:00 UTC)