Michel Lind 
One year to the day after my first #glibc commit is written, I am back at Arjun’s glibc clinic for round two! @devconf_cz
datenwolfAll I want is just a collection of #binutils, #GCC, #llvm+#clang, #glibc and #musl that are "free standing" / relocatable, which I can pack into a #squashfs image to carry around to my various development machines.
You'd think that for something as fundamental as compiler infrastructure with over 60 years of knowledge, the whole bootstrapping and bringup process would have been super streamlined, or at least mostly pain free by now.
Yeah, about that. IYKYK
IBBoardReading through the code, and I'm not even sure that some of the PHP functions make sense!
PHP has a `crypt` function that takes a string and a salt. But the Wordpress code _and_ the in-page function are using the hashed password as the salt. Which makes no sense. How can you salt a password with the hashed password and get something that you can compare against?
Wait. There _is_ something in the PHP docs. Not well signposted. But apparently "salt" _is_ extracted from hashed values. Which is SO obvious from the parameter naming 🙄
Should say up-front "$salt is not actually the salt - it's a string containing the salt and other characters that's processed according to the chosen crypt algorithm"
*digs further*
Oh. It looks like that magic behaviour is ACTUALLY the fault of glibc2 😑 https://linux.die.net/man/3/crypt
(Not clear yet how it handles `$P$` not being one of its known prefixes 😐)
Felix Palmen 
Solved! 🥳
This was a pretty "interesting" bug. Remember when I invented a way to implement #async / #await in #C, for jobs running on a threadpool. Back then I said it only works when completion of the task resumes execution on the *same* pool thread.
Trying to improve overall performance, I found the complex logic to identify the thread job to put on a pool thread a real deal-breaker. Just having one single MPMC queue with a single semaphore for all pool threads to wait on is a lot more efficient. But then, a job continued after an awaited task will resume on a "random" thread.
It theoretically works by making sure to restore the CORRECT context (the original one of the pool thread) every time after executing a job, whether partially (up to the next await) or completely.
Only it didn't, at least here on #FreeBSD, and I finally understood the reason for this was that I was using #TLS (thread-local storage) to find the context to restore.
Well, most architectures store a pointer to the current thread metadata in a register. #POSIX user #context #switching saves and restores registers. I found a source claiming that the #Linux (#glibc) implementation explicitly does NOT include the register holding a thread pointer. Obviously, #FreeBSD's implementation DOES include it. POSIX doesn't have to say anything about that.
In short, avoiding TLS accesses when running with a custom context solved the crash. 🤯
Vitexapt-listchanges: News
---------------------
#glibc (2.41-7) unstable; urgency=medium
Starting with glibc 2.41, shared libraries requiring an executable stack
cannot be dynamically loaded through the dlopen mechanism from a binary that
does not require an executable stack. This change aims to improve #security,
as the previous behavior was used as a vector for RCE (#CVE-2023-38408).
Attempting to do so will result in the following error:
cannot enable executable stack as shared object requires: Invalid argument
While most libraries generated in the past 20 years do not require an
executable stack, some third-party software still need this capability. Many
vendors have already updated their binaries to address this.
If you need to run a program that requires an executable stack through
dynamic loaded shared libraries, you can use the glibc.rtld.execstack
tunable:
GLIBC_TUNABLES=glibc.rtld.execstack=2 ./program
-- Aurelien Jarno <aurel32@debian.org> Sun, 13 Apr 2025 14:41:11 +0200
Aho@MichaelRoss something I have been trying to look for is a #Linux #ls that isn't depending on #glibc or another #libc implementation, the reason is there was some malware that attached itself to glibc and prevented you to see the directories and files it used and also the process directory in /proc
Had you a ls that wasn't built with glibc, then all the files and directories would be listed.
Had you a ls that wasn't built with glibc, then all the files and directories would be listed.
Freexian Debian LTS contributors released 46 Debian LTS Advisories about security updates for various packages in April 2025.
These include critical security bug fixes for jetty9, zabbix and glibc and more. Also several LTS contributors prepared packages for the recent point release of current stable Debian 12, with many prepared in conjunction with related LTS updates of the same packages.
Read more about this in our monthly report for April here: https://www.freexian.com/blog/debian-lts-report-2025-04/
This work is funded by Freexian's Debian LTS offering.
Your organization too can sponsor the Debian LTS (https://www.freexian.com/lts/debian/) and join the esteemed list of sponsors in the monthly report.
Monthly report about Debian Long Term Support, April 2025
Like each month, have a look at the work funded by Freexian’s Debian LTS offering. Debian LTS contributors In April, 22 contributors have been paid to work on Debian LTS, their reports are available: Adrian Bunk did 56.25h (out of 56.25h assigned). Andreas Henriksson did 15.0h (out of 20.0h assigned), thus carrying over 5.0h to the next month. Andrej Shadura did 10.0h (out of 6.0h assigned and 4.0h from previous period).
graywolfThe getopt_long manual page contains this:
> Long option names may be abbreviated if the abbreviation is unique or is an
> exact match for some defined option.
But the uniqueness does not seem to be enforced. For
static struct option long_options[] = {
{"foo", no_argument, 0, 0 },
{"far", no_argument, 0, 0 },
{0, 0, 0, 0 }
};
and -f as an argument to my program, I get back that "foo" was matched. How can
I detect the collision?
jbz⚠️ Steam Will Stop Working on Outdated Linux Systems This August | Linuxiac
「 According to a recent announcement, the Steam client will no longer run on any distribution with a GNU C Library (glibc) version older than 2.31 starting August 15, 2025.
Users who stay on an outdated toolchain will find not only Steam but also any purchased games unable to launch until the underlying operating system is upgraded 」
https://linuxiac.com/steam-will-stop-working-on-outdated-linux-systems-this-august/
Tuckers Nuts Resist! 🇺🇦 @cleverboi
Boi, I'm not knowledgeable about glibc, but I do use and like Pop!_Os, so I'm boosting your twt in an effort to secure you an answer.
I don't know your use case, so I have no clue why you'd be having this software issue with Pop!_Os!
Hope someone else can be of actual assistance.
#Linux #GLIBC #Pop!_Os #PopOs
Boi, I'm not knowledgeable about glibc, but I do use and like Pop!_Os, so I'm boosting your twt in an effort to secure you an answer.
I don't know your use case, so I have no clue why you'd be having this software issue with Pop!_Os!
Hope someone else can be of actual assistance.
#Linux #GLIBC #Pop!_Os #PopOs