If you forget about the security focus that only started when Theo de Raadt got pwned by N3tBSD h4xx0rz, it is one of the best OS experiences the interwebs has to offer.
It has gotten a lot friendlier than it used to be too. It used to be that you had to build your own -CURRENT every week if you wanted to have something akin to an update.
Nowadays, you can run a binary update every six months and you even get binary patches for the errata in the interim. And if you need to patch your kernel you can grab it from GitHub.
I had a small board from 10 years ago I wanted to turn into a VPN and I just had to boot it, connect the serial adapter, download a new bsd.rd, and it was fresh and ready to go again.
It's sad that they had to let VAX and other legacy platforms go with the switch to clang, but, if some hardware has ever worked in OpenBSD, it is likely to keep working decades from now.
I'm willing to write a C compiler that detects all undefined behavior but instead of doing something sane like reporting it or disallowing it just adds the code to open a telnet shell with root privileges.
Can't wait to see the benchmarks.
I was thinking more along the lines of detectable instances with compiler introducing "optimizations", but as a C "programmer" I do not mind bounds checks and any other runtime improvements that stay true to the language.
If it's implementation-defined that you can turn them off when you're building for the PDP11, I'm sold.
Compilers already warn when they detect _unconditional_ undefined behavior. They just don't warn on _conditional_ undefined behavior because doing so would introduce far too many warnings.
Exploiting undefined behavior for optimization only requires local analysis, detecting whether that undefined behavior arises (either unconditionally or at all) requires global analysis. To put it differentially: The compiler often simply doesn't know whether the undefined behavior arises, it only knows that the optimization it introduces is valid anyway.
How?
It might expedite intel gathering and psychological warfare to an extent but let's not pretend China doesn't have agents inside of all of the "friendly" platforms already.
Because China can control what gets recommended to TikTok viewers and actively brainwash them. Even if it does not work on all people that's enough to be a security concern.
That the language includes a package manager that fetches an assortment of libraries from who knows whom on demand doesn't exactly inspire confidence in the process to me. Alice's secure AES implementation might bring Eve's string padding function along for the ride.
Rust(TM) the language might be (memory) safe in theory but I have serious issues (t)rusting (t)rust and anything built with it.
Was just reading about this one the other day.
Well-defined behavior and it actually solves a problem.
Conceptually, I can't say it is worse than variadic functions or setjmp.
It has gotten a lot friendlier than it used to be too. It used to be that you had to build your own -CURRENT every week if you wanted to have something akin to an update.
Nowadays, you can run a binary update every six months and you even get binary patches for the errata in the interim. And if you need to patch your kernel you can grab it from GitHub.
I had a small board from 10 years ago I wanted to turn into a VPN and I just had to boot it, connect the serial adapter, download a new bsd.rd, and it was fresh and ready to go again.
It's sad that they had to let VAX and other legacy platforms go with the switch to clang, but, if some hardware has ever worked in OpenBSD, it is likely to keep working decades from now.
Sent from my OpenBSD M2 MacBook.