Cohen: gccrs: An alternative compiler for Rust
Arthur Cohen has posted a detailed introduction to the
gccrs project on the Rust Blog, seemingly with the goal of convincing the Rust
community about the value of the project.
Likewise, many GCC plugins
are used for increasing the safety of critical projects such as the Linux
kernel, which has recently gained support for the Rust programming language.
This makes gccrs a useful tool for analyzing unsafe Rust code, and
more generally Rust code which has to interact with existing C code. We also
want gccrs to be a useful tool for rustc itself by helping pan out the
Rust specification effort with a unique viewpoint - that of a tool trying to
replicate another's functionality, oftentimes through careful
experimentation and source reading where the existing documentation did not
go into enough detail.
(LWN last looked at gccrs in October).
Security updates for Friday
Security updates have been issued by AlmaLinux (edk2),
Debian (webkit2gtk), Fedora (thunderbird), Oracle (bzip2, container-tools:ol8,
edk2, go-toolset:ol8, libtiff, python-idna, python3.11, and python3.12),
Slackware (expat), and SUSE (apache2, govulncheck-vulndb, grub2,
java-1_8_0-openjdk, python3, python39, qemu, xorg-x11-server, and
xwayland).
[$] The trouble with struct sockaddr's fake flexible array
Flexible arrays — arrays that are declared as the final
member of a structure and which have a size determined at run time — have long
drawn the attention of developers seeking to harden the kernel against buffer-
overflow vulnerabilities. These arrays have reliably been a source of bugs, so
anything that can be done to ensure that operations on them stay within bounds
is a welcome improvement. While many improvements, including the recent
counted-by work, have been made, one of the most difficult cases remains. Now,
however, developers who are interested in using recent compiler bounds-checking
features are trying to get a handle on struct sockaddr.
Security updates for Thursday
Security updates have been issued by AlmaLinux (bcc,
bpftrace, bzip2, container-tools:rhel8, grafana-pcp, haproxy, kernel, kernel-rt,
krb5, libtiff, python-gevent, python3.11, python3.11-urllib3, python3.12,
python3.12-urllib3, xmlrpc-c, and xorg-x11-server and xorg-x11-server-Xwayland),
Debian (puma and pypy3), Fedora (firefox), Gentoo (libgit2), Mageia
(libarchive), SUSE (ghostscript, go1.22-openssl, go1.23-openssl, htmldoc, kmail-
account-wizard, libarchive, libgsf, libmozjs-128-0, openssl-3, python-
jupyterlab, python-mysql-connector-python, python36, and ruby2.1), and Ubuntu
(cinder, linux-aws, linux-aws-6.8, linux-oracle, linux-oracle-6.8, linux-aws,
linux-azure-5.4, linux-kvm, linux-oracle, linux-xilinx-zynqmp, and linux-nvidia,
linux-nvidia-6.8, linux-nvidia-lowlatency).
[$] LWN.net Weekly Edition for November 7, 2024
The LWN.net Weekly Edition for November 7, 2024 is
available.