Linux-Advocacy Digest #266, Volume #30 Thu, 16 Nov 00 09:13:03 EST
Contents:
Re: OT: Could someone explain C++ phobia in Linux? (mlw)
Re: OT: Could someone explain C++ phobia in Linux? (Donovan Rebbechi)
Re: The Sixth Sense ("Ayende Rahien")
Re: RedHat BugList Summary ("Chad Myers")
Re: RedHat BugList Summary ("Chad Myers")
Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum ("Chad Myers")
Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum ("Chad Myers")
Re: A Microsoft exodus! ("Sam Morris")
Re: A Microsoft exodus! ("Sam Morris")
Re: The Sixth Sense ("Chad Myers")
----------------------------------------------------------------------------
From: mlw <[EMAIL PROTECTED]>
Subject: Re: OT: Could someone explain C++ phobia in Linux?
Date: Thu, 16 Nov 2000 08:41:30 -0500
Russ Lyttle wrote:
>
> mlw wrote:
> >
> > Russ Lyttle wrote:
> > >
> > > mlw wrote:
[snip]
> > > Easy. It isn't an emotional dislike. C++ just isn't suitable for the
> > > job. C++ is slower than C by an order of magnitude (almost as slow as
> > > Java).
> >
> > This is completely false, and its inaccuracy can be proven by comparing
> > the assembly language generated by both C and C++, you will see when
> > similar constructs are used, similar assembly is emitted.
> >
> Absolutely correct. As long as similar constructs are used, C++ is
> almost as fast as C. Just don't use any C++ specific constructs, such as
> Classes.
Again, how are classes slower than equivilent sorts of things in "C."
Take for instance:
typedef struct _class_a
{
void (*test)(struct _class_a *);
}ClassA;
void testA(ClassA *this)
{
// foo
}
void testB(ClassA *this)
{
//bar
}
functX()
{
ClassA a;
ClassA b;
a.test(&a);
b.test(&b);
}
This is in C, and it compiles to:
>>>>>>>>>>>>>>>
.file "test.c"
.version "01.01"
gcc2_compiled.:
.text
.align 4
.globl testA
.type testA,@function
testA:
pushl %ebp
movl %esp, %ebp
popl %ebp
ret
.Lfe1:
.size testA,.Lfe1-testA
.align 4
.globl testB
.type testB,@function
testB:
pushl %ebp
movl %esp, %ebp
popl %ebp
ret
.Lfe2:
.size testB,.Lfe2-testB
.align 4
.globl functX
.type functX,@function
functX:
pushl %ebp
movl %esp, %ebp
subl $20, %esp
leal -4(%ebp), %eax
pushl %eax
movl -4(%ebp), %eax
call *%eax
leal -8(%ebp), %eax
movl %eax, (%esp)
movl -8(%ebp), %eax
call *%eax
addl $16, %esp
leave
ret
.Lfe3:
.size functX,.Lfe3-functX
.ident "GCC: (GNU) 2.96 20000731 (Red Hat Linux 7.0)"
<<<<<<<<<<<<<<<<<<<<<
Now take, IMHO, an easier to maintain/read/understand version
implemented in C++
class A
{
public:
virtual void test(void);
};
class B : public A
{
public:
virtual void test(void);
};
void funcT(void)
{
A a;
B b;
b.test();
a.test();
}
Thsi compiles to:
>>>>>>>>>>>>>>>>>>>>
.file "test.cpp"
.version "01.01"
gcc2_compiled.:
.text
.align 4
.globl funcT__Fv
.type funcT__Fv,@function
funcT__Fv:
.LFB1:
pushl %ebp
.LCFI0:
movl %esp, %ebp
.LCFI1:
pushl %ebx
.LCFI2:
subl $48, %esp
.LCFI3:
leal -40(%ebp), %eax
pushl %eax
leal -24(%ebp), %ebx
movl $__vt_1A, -24(%ebp)
movl $__vt_1B, -40(%ebp)
.LCFI4:
call test__1B
movl %ebx, (%esp)
call test__1A
addl $16, %esp
movl -4(%ebp), %ebx
leave
ret
.LFE1:
.Lfe1:
.size funcT__Fv,.Lfe1-funcT__Fv
.section .eh_frame,"aw",@progbits
__FRAME_BEGIN__:
.4byte .LLCIE1
.LSCIE1:
.4byte 0x0
.byte 0x1
.byte 0x0
.byte 0x1
.byte 0x7c
.byte 0x8
.byte 0xc
.byte 0x4
.byte 0x4
.byte 0x88
.byte 0x1
.align 4
.LECIE1:
.set .LLCIE1,.LECIE1-.LSCIE1
.4byte .LLFDE1
.LSFDE1:
.4byte .LSFDE1-__FRAME_BEGIN__
.4byte .LFB1
.4byte .LFE1-.LFB1
.byte 0x4
.4byte .LCFI0-.LFB1
.byte 0xe
.byte 0x8
.byte 0x85
.byte 0x2
.byte 0x4
.4byte .LCFI1-.LCFI0
.byte 0xd
.byte 0x5
.byte 0x4
.4byte .LCFI2-.LCFI1
.byte 0x83
.byte 0x3
.byte 0x4
.4byte .LCFI4-.LCFI2
.byte 0x2e
.byte 0x10
.align 4
.LEFDE1:
.set .LLFDE1,.LEFDE1-.LSFDE1
.ident "GCC: (GNU) 2.96 20000731 (Red Hat Linux
7.0)"
<<<<<<<<<<<<<<<<<
What is interresting to note is that there is very little difference in
the execution of the code, except that the compiler maintains the
management of the classes, and the C++ code has one extra mov
insrutction to retrieve the 'vtable.' In my C excample (for clarity) did
not initialize the structure member pointers, in C++ this is done
automatically for me, and it is done with a table that it loaded at run
time.
So, a C OO implementation is more problematic because it requires more
care.
C++'s implementation will be more efficient with memory because it
shares 'vtables' amongst classes, and if you do a 'vtable' methodology
in "C" then the execution profile will be identical, but the C++
compiler takes all the grunt work out of it.
There is no reason to create an OO environment in C. It has been done in
C++ and it is better than a roll your own system in C. There is no
performance penalty compiling code in C++ instead of C because similar
functions create similar object code. C++ implementations of C++
constructs are as good or better than those you can create (with a great
amount of work) in C.
So my question stands, why the C++ phobia?
--
http://www.mohawksoft.com
------------------------------
From: [EMAIL PROTECTED] (Donovan Rebbechi)
Subject: Re: OT: Could someone explain C++ phobia in Linux?
Date: 16 Nov 2000 13:45:30 GMT
On 16 Nov 2000 10:04:05 +0200, Michael Livshin wrote:
>[EMAIL PROTECTED] (Donovan Rebbechi) writes:
>
>it depends on what you consider the issue. if your issue is "but C++
>is better than C" then sure.
Fair enough. I understand your "issue" now.
Your points about lacking memory management are well taken, and I agree that
there are certainly advantages to using a GC language. However, there are
issues including performance, and toolkit availability. THese are the
main two reasons why I use it. If performance wasn't an issue, I'd move
to python or possibly java at the drop of a hat.
--
Donovan
------------------------------
From: "Ayende Rahien" <[EMAIL PROTECTED]>
Crossposted-To:
alt.destroy.microsoft,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: The Sixth Sense
Date: Thu, 16 Nov 2000 11:56:58 +0200
"Aaron R. Kulkis" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> > Not the one I works with. And Microsoft doesn't black mail Sun users
with
> > non discosure agreements that essentially say: "We'll try harder to fix
this
>
> Really?
>
> Try publishing an "unhappy Microsoft experience" on company letter
> head, and watch how quickly Microsoft has your company in court
> for violating the EULA, which specifically states that the corporation
> MAY NOT publish *anything* disparaging about Microsoft's products...
> EVEN IF IT'S TRUE.
Only place it is on is on the SQL Server EULA, and it's only talking about
benchmarks.
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: RedHat BugList Summary
Date: Thu, 16 Nov 2000 13:36:02 GMT
"LuisMiguel Figueiredo" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> [EMAIL PROTECTED] (Chad Myers) wrote in
> <SGwQ5.4210$[EMAIL PROTECTED]>:
>
> >
> >"Marc Richter" <[EMAIL PROTECTED]> wrote in message
> >news:[EMAIL PROTECTED]...
> >> [ . . ]
> >
> >The only people being naive here are the penguinistas. We have heard
> >the continual mantra that OSS is superior, produces less bugs, if ANY
> >bugs at all, because of all these "reviewers" that constantly review
> >EVERY SINGLE line of code ALL THE TIME.
> >
> >However, we know this to be false and the numbers speak for themselves.
>
> I don't know that...
Well, I'm sorry you're so delusional then. The numbers are plainly obvious.
> >
> > - OSS is superior
> True
Not according to the numbers, or the quality of product they release.
>
> > * Then why are there more bugs in Linux than any other of the
> > closed source projects combined?
>
> Except for win2k...
What? Have you even looked at the numbers? Win2K has like a 3rd or
less of the exploits that Red Hat alone has.
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: RedHat BugList Summary
Date: Thu, 16 Nov 2000 13:38:07 GMT
"Marc Richter" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> On Thu, 16 Nov 2000 03:43:45 GMT, Bob Hauck <[EMAIL PROTECTED]> wrote:
> >On Wed, 15 Nov 2000 14:01:22 GMT, Chad Myers
> ><[EMAIL PROTECTED]> wrote:
> >>
> >>"Marc Richter" <[EMAIL PROTECTED]> wrote in message
> >>news:[EMAIL PROTECTED]...
> >
> >>> Hiding and pretending that bugs and exploits don't exist don't make
> >>> them magically go away.
> >>>
> >>> It seems that opponents of Open Source laugh at the number of reported
> >>> bugs and exploits, without realizing that it's only by admitting flaws
> >>> and fixing them that software gets better.
> >
> >And then as usual Chad proceeds to post a response that ignores the
> >substance of the man's argument. I think Chad is one of those people
> >who like to hear themselves talk.
> >
> >
>
> Thanks Bob.
>
> Glad that you clearly understood what I was trying to say...
>
> 1. All software has bugs
> 2. Discovering bugs is good - that means that they get fixed
> 3. Not knowing about or admitting to bugs doesn't make them go away
>
> Chad can't seem to grok this. He seems like a bright enough fellow at
> times, but much like Claire, he seems to be a tad blinded by his
> dislike of Linux.
For the 4,522 time:
I understand all software has bugs, including, and especially OSS,
this is my point.
There were several people in this thread alone that had claimed that
OSS was near infalable and that it produces higher quality software.
And since it is reviewed by armies of developers, the released product
ends up being far superior than any mere closed source product
which is a completely pile of B.S. The numbers clearly show this.
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum
Date: Thu, 16 Nov 2000 13:41:22 GMT
"Steve Mading" <[EMAIL PROTECTED]> wrote in message
news:8uvut3$fkk$[EMAIL PROTECTED]...
> In comp.os.linux.advocacy Chad Myers <[EMAIL PROTECTED]> wrote:
>
> : "Steve Mading" <[EMAIL PROTECTED]> wrote in message
> : news:8uvast$gmo$[EMAIL PROTECTED]...
> :> In comp.os.linux.advocacy Chad Myers <[EMAIL PROTECTED]> wrote:
> :>
> :> : It's a failing and design flaw of Linux, would you please admit this
> :> : and move on? Linus, Red Hat, and several others have admitted this
> :> : flaw and are fixing it, why can't you?
> :>
> :> I *am* willing to admit that not being able to go bigger than 2GB
> :> is a flaw. I am *not* willing to admit that this flaw has anything
> :> to do with high-end databases, since they use partitions anyway,
>
> : Which ones? Oracle? They say themselves that raw paritions aren't
> : very flexible, difficult to manage, and in fact can limit your
> : fault tolerance and offer only limited performance benefits.
>
> : The majority of DBAs run Oracle with files.
>
> : In fact, the leading contender in the TPC using Oracle is BullFrog
> : (notice Sun used Sybase??)
>
> : The Full Disclosure in PDF format is here:
> : http://www.tpc.org/results/FDR/Tpcc/bull.epc2450.00110701.fdr.pdf
>
> I had a look at that site, and under what definition of "leading"
> is Bull the "leading" contender?
Bull was frequently in the top 3 for quite awhile. It is still
in the Top 10, which is quite a feat. I would, as would many,
conclude that the Top 10 people are the leading contenders in the
OLTP business.
> I didn't see it at the top of any of the various rankings there,
> for any of the various types of TPC benchmark. It did come out fourth
> place in one of them though. I'll give you the benefit of the doubt
> and just assume the benchmarks shifted a bit since you last looked,
> though, since they are rather close.
>
> This mostly doesn't matter anyway, because of the really huge
> glaring error you made next:
>
> : Notice page 132 which is the database file setup scripts including
> : using files for the tablespaces, not raw partitions.
>
> Yup, I just read it. I don't see why you assume it was using
> a file in the filesystem for data, though. As you should already
> know if you are getting into this argument, in Unix systems, one
> typically refers to a partition by specifying its device filename.
> The "alter tablespace _foo_ add datafile _bar_" command that's
> in there can work on both ordinary files and device filenames
> that refer to partitions. Here's an example for how to do it
> on Solaris:
>
> (This is from the bottom of this page:
>
http://www.camden.rutgers.edu/HELP/Documentation/Oracle/server.805/a59708/ch3_op
t.html )
>
> If you want to add the partition to a tablespace in an existing Oracle
> database instead, enter:
>
> $ svrmgrl
>
> SVRMGR> alter tablespace tablespace_name add datafile
> '/dev/rdsk/c0t1d0s6' size 10000K reuse;
>
> (Note the use of "/dev/rdisk/c0t1d0s6", which is a device file
> referring to:
> scsi controller 0, scsi ID 1, lun 0, partition 6.)
>
>
> Those scripts you referred to on page 132 of that PDF file don't
> specify what type of filename was passed in to the function,
> so what you posted reveals absolutely nothing one way or the
> other on this question.
Ok, I stand corrected. Can anyone else, from those lists decipher
whether or not they were using partitions or dbf files?
-Chad
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Linux 2.4 mired in delays as Compaq warns of lack of momentum
Date: Thu, 16 Nov 2000 13:44:11 GMT
"Ketil Z Malde" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> "Ayende Rahien" <[EMAIL PROTECTED]> writes:
>
> > "Chad Myers" <[EMAIL PROTECTED]> wrote in message
> > news:RUwQ5.4392$[EMAIL PROTECTED]...
>
> >> "Ketil Z Malde" <[EMAIL PROTECTED]> wrote in message
>
> >>> You realize, of course, that for a four processor Dell, currently
> >>> Linux beats NT on SPECWEB99 almost by a factor of three.
>
> >> With the web server running in the kernel. That's no victory.
>
> Why not?
Because no one, in their right mind, would use the web server in the
kernel except for "cheating" on benchmarks.
> It's basically the same as IIS using NT's Sendfile.
WTH are you talking about?
> > I think they are talking about Tux, and I may be mistaken, but I do believe
> > that Tux is only capable of handling static pages. Not very useful
> > today.
>
> Why not?
Because almost everyone uses dynamic content. Well, at least most, if not all,
sites that count (e.g. not the hamster dance page)
> Most content is still static.
In business or personal? In business, you are completely wrong.
> Tux is perfectly able to pass on dynamic requests to another layer (e.g.
Apache)
Which would slow the whole works down considerably and move the linux figures
to the bottom.
-Chad
------------------------------
From: "Sam Morris" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.ms-windows.nt.advocacy,comp.os.ms-windows.advocacy,comp.sys.mac.advocacy,comp.os.os2.advocacy,comp.unix.advocacy
Subject: Re: A Microsoft exodus!
Date: Thu, 16 Nov 2000 14:09:07 -0000
Works fine for me on Win95 and 98. For Christ's sake, the HELP command has
been around since (AT LEAST) DOS 6! IF (and it's a biiiiig if) you *really*
get a Bad Command or Filename error when you run Help then you must have
done something to move or delete it.
--
Cheers,
Sam
_o/
>\
------------------------------
From: "Sam Morris" <[EMAIL PROTECTED]>
Crossposted-To:
comp.os.ms-windows.nt.advocacy,comp.os.ms-windows.advocacy,comp.sys.mac.advocacy,comp.os.os2.advocacy,comp.unix.advocacy
Subject: Re: A Microsoft exodus!
Date: Thu, 16 Nov 2000 14:11:23 -0000
> Funny thing. On my IBM windows 95 system a new window pops up titled
> C:\Windows\help full of icons accompanied by names like CMDLG95.cnt and
> so forth (150 objects 13.5 MB).
That is odd. Typing the name of a directory at the command prompt shouldn't
start a new Explorer window pointing at that location. Instead you should
see Bad Command or Filename. For some reason your machine is opening the
Help folder in your system folder. Bizarre.
> --
> Russ Lyttle, PE
> <http://www.flash.net/~lyttlec>
> Not Powered by ActiveX
--
Cheers,
Sam
_o/
>\
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To:
alt.destroy.microsoft,comp.os.ms-windows.advocacy,comp.os.ms-windows.nt.advocacy
Subject: Re: The Sixth Sense
Date: Thu, 16 Nov 2000 13:54:40 GMT
"Giuliano Colla" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]...
> Chad Myers wrote:
> >
> > "Giuliano Colla" <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]...
> > > Christopher Smith wrote:
>
> > > [snip]
>
> > > Easy example. I put in an html page (or html e-mail) a link. Visible
> > > string tells anything reasonable such as www.microsoft.com, or
> > > Photograph, etc. Underlying link (which you don't see) contains:
> > > "C:\WINDOWS\rundll.exe User,ExitWindows". This, with crappy MS software
> > > (OS+IE or OS+OE) will shut down your computer even if you have disabled
> > > ActiveX, VB, and Javascript.
> > > Technically is a trojan, but anybody can be fooled and no other OS (IE
> > > is now part of the OS, they say!) in the world, however bad, is
> > > vulnerable to such a simple trick.
> >
> > You can't shut down the system in Linux? What? You can as root, but
> > not a user?
> >
> > Same way in NT, so this argument is really irrelevant.
>
> I'm afraid you failed to grasp what my example shows.
>
> It's not related only to shutdown, it is just an example.
Ok, well, let's get specific here...
1.) the ExitWindows wouldn't work, necessarily, because the running
process would have to modify it's process-level token to allow itself
the SE_SHUTDOWN privilege, if it was so granted from the NT OS, BEFORE
calling this function. Unfortunately, the AdjustToken call requires
a special data structure which means you couldn't callit from rundll32.
(By default, even though a process CAN have that privilege if the Admin
had granted that user such, the processes DON'T have them enabled, but
you can use a function called AdjustToken to add that privilege to your
token)
2.) There is, however, a similar function in shell32.dll, but it only pops
open the Shutdown window (similar to when you go to Start->Shutdown), but
doesn't actually shut down the machine.
> What I've shown is that it is possible, by clicking an
> apparently innocent link, to have your computer to perform
> ANY operation that you could type on the ->Start->Run box,
> with you being completely unaware of that.
> A malicious e-mail, a malicious site, or, much more
> commonly, a buggy e-mail or a buggy site may produce any
> destructive result, without you being able to tell until
> it's too late.
3.) You can't call a shell without some type of script. Granted, you could send
someone a .VBS file with that command in it, or a .BAT file, but in either
case, it's not as simple as "by clicking an apparently innocent link".
When you click on it, it will warn you that the file may be damaging and
asks you whether or not you wish to save it to disk (default) or run it.
If you run it, then it could call a shell command. But again, that shell
command would only have the permissions of the caller, so damage would
be negligible if any in a proper environment.
> Well, this problem result from the MS inability to tell
> apart "open a document with an application" from "run an
> application". And this is an MS-ONLY issue. No other OS is
> so crappy. No other Browser or e-mail client is so crappy.
> The feature is common on Desktop environment, and it is
> handy. But it must be (as it is on any other OS's) limited
> to desktop, it can't be a system wide feature.
So uninstall WSH, it's not that hard, really. Many environments do this,
as a matter of fact.
Also, many admins will leave WSH installed, but remove or rename
WScript.exe and CScript.exe to cripple it. If they need to run a script,
they rename it or copy it back, run the script, then cripple it again.
> > In an enterprise environment, the workstations would/should be locked
> > down in such a way that viruses become irrelevant.
>
> When the browser can't tell apart url addresses from
> executables on your box, it's not a trivial task.
> The only way is to rule out MS crapware. No other way out.
>
> >
> > Email viruses are easily defeated with rules and virus scanning software.
> >
>
> What will be your rule when a link appears just to be
> "report.doc" coming from a trusted site? (and it was
> intended to be, but the guy pasted the wrong thing, maybe
> the last command he typed on ->Start->Run?)
You can't paste a command like Start->run, I don't know what you're
talking about, and I don't think you do either.
> According a recent survey from the American Society for
> Information security roughly 75% of security breaches comes
> out of "casual errors" (i.e. bugs or unexpected operations).
> As MS accounts for 90% of installed stations, you may easily
> draw your conclusions.
That many sysadmins are not doing their job and securing their
machines.
-Chad
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.advocacy) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
