Announcement

**davidbepo** · 06 November 2017, 07:28 PM

Originally posted by tildearrow

Dang it. Does this mean no DC for Linux 4.15? (I'm not sad at all since I consider bugs)

why would this affect dc? those are "bugs" in already landed code

**Masush5** · 06 November 2017, 08:28 PM

Originally posted by davidbepo View Post

why would this affect dc? those are "bugs" in already landed code

No, there are a bunch in */display/dc/* as far as i can tell.

**Happy Heyoka** · 06 November 2017, 10:56 PM

Given the number of lines of code involved, 108 _possible_ errors is not so bad; but it'd be a pain for us out here in TV land if their code was kept out of the mainline for another cycle because of it.

AMD could even turn this into a positive by demonstrating a monster multi Ryzen build machine doing kernel compiles and static analysis runs side by side between keystrokes or something

**smitty3268** · 06 November 2017, 11:25 PM

This seems like a non-issue. Things like overflow checks are typically pretty easy to add in once you find where they need to go, you just have to find someone motivated to do it. I bet somebody could fix all these in a day if they want to.

**RealNC** · 06 November 2017, 11:33 PM

If it weren't for WebGL, I'd shrug this off with a "meh."

But now that websites could potentially "root" your machine through the GPU driver using WebGL... Eh, not so "meh" anymore.

**Guest** · 07 November 2017, 01:03 AM

Originally posted by smitty3268 View Post

This seems like a non-issue. Things like overflow checks are typically pretty easy to add in once you find where they need to go, you just have to find someone motivated to do it. I bet somebody could fix all these in a day if they want to.

Uh huh - Heartbleed was pretty much an overflow bug - didn't check the actual length of the data that was sent - that simple bug sure caused a big ruckus.

**smitty3268** · 07 November 2017, 02:38 AM

Originally posted by sandy8925 View Post

Uh huh - Heartbleed was pretty much an overflow bug - didn't check the actual length of the data that was sent - that simple bug sure caused a big ruckus.

Right, because no one knew it was there. I'm guessing it didn't take very many LOCs to fix it once it was found.

**cl333r** · 07 November 2017, 04:33 AM

Originally posted by smitty3268 View Post

This seems like a non-issue. Things like overflow checks are typically pretty easy to add in once you find where they need to go, you just have to find someone motivated to do it. I bet somebody could fix all these in a day if they want to.

Not trolling, would Rust protect against these types of overflow?

**hjahre** · 07 November 2017, 05:12 AM

Originally posted by smitty3268 View Post

This seems like a non-issue. Things like overflow checks are typically pretty easy to add in once you find where they need to go, you just have to find someone motivated to do it. I bet somebody could fix all these in a day if they want to.

It is best to fix these trivial bugs when the code is written in the first place. It is much harder to fix a bug that occur in production code, than during development. The cost of debugging is not trivial.

Of course, there are more non-trivial bugs that's let through to production, but trivial bugs should always be fixed when encountered. The root of an non-trivial bug can easily be several "trivial" bugs that should have been squashed when coding.

Defect Prevention: Reducing Costs and Enhancing Quality

https://www.isixsigma.com/industries/software-it/defect-prevention-reducing-costs-and-enhancing-quality/

Defect prevention in software development involves a structured problem-solving methodology to identify, analyze and prevent the occurrence of defects. This article outlines the five general activities of a defect prevention methodology.

Announcement

Oracle Linux Security Developer To AMD: "Smatch" Your Driver

Oracle Linux Security Developer To AMD: "Smatch" Your Driver

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment