OpenBSD Journal

Anatomy of a bug.

Contributed by grey on from the biking and bug squashing dept.

Henning Brauer posted a really good read on some recent bug hunting experiences for bgpd(8) and ntpd(8) to tech@. It's rare to see such a nice exposition on this sort of experience.

You can read the complete story here.

(Comments are closed)


Comments
  1. By Anonymous Coward (24.34.57.27) on

    List: openbsd-tech
    Subject: Re: Anatomy of a bug
    From: br1an <brian () ethernet ! org>
    Date: 2004-09-10 11:28:02
    Message-ID: <Pine.GSO.4.58.0409100725580.4267 () fatboy ! ethernet ! org>
    [Download message RAW]

    so basically what you're saying is that we have some fuck who can't
    code for shit - proven across two daemons you wrote - commiting code
    both to the userland and kernel of an OS we all rely on for various
    missions?

    great... thanks for keeping us posted.

    -b.

    Comments
    1. By Anonymous Coward (213.119.133.115) on

      Well, it's posted by the same Brad who wrote the latest version of the Stephanie patchset, so I assume he does know some shit... Nevertheless, nobody codes fault-free, and as they say practices makes perfect :)
      Keep up the good work Henning.

      Comments
      1. By Anonymous Coward (82.182.103.172) on

        If he is such a great programmer, why does he have the following on his Stephanie site :

        The code went under tremendous efforts to be efficient and secure. If you get crashes, panics, hangs, or anything else that you think you shouldn't, after making sure it's only reproducable on GENERIC kernels patched with Stephanie, mail me. Don't mail OpenBSD related mailing lists -- they have enough bugs to deal with as it is. ;)

        Why does the word "jerk" pop into my mind?

        /SH

      2. By djm@ (203.217.30.86) on

        He is not so good himself, I found a security bug that he introduces into ld.so in the first few lines of his patch :)

        Comments
        1. By Miod Vallat (212.234.41.17) miod@ on

          This does not really matter, since the patch applies to the a.out ld.so, which is not used on i386 since 3.4...

      3. By Anonymous Coward (69.197.92.181) on

        If the stephanie patches were good, wouldn't they have been included in openbsd by now? There's no license problem. Is the code bad, or does openbsd just not want any of these features?

    2. By Anonymous Coward (195.217.242.33) on

      no prgrammer writes bug free code ok ... maybe Seymore Cray

      Comments
      1. By Miod Vallat (212.234.41.17) miod@ on

        ... and Donald Knuth.

        Comments
        1. By Otto Moerbeek (82.197.192.49) otto@drijf.net on http://www.drijf.net

          Don Knuth does create bugs. A big chapter of his book "Literate Programming" is dedictated to the bugs he encountered while implementing TeX.

          Nice to know: the whole of TeX was written out on paper in Pascal before he even typed a single line on a terminal.

      2. By Anonymous Coward (69.197.92.181) on

        I didn't say anyone did write bug free code. I asked why its not part of openbsd. Is it because the code is crap, or because openbsd doesn't want any of these features?

  2. By Anonymous Coward (80.58.34.107) on

    God work,

    Comments
    1. By Mark Patterson (210.49.99.38) on

      Brian's abusive reply is not in the same generous spirit in which Henning offered the story of his bug. OSS programmers should be encouraged to be "open" about their mistakes, as well as their polished code. Image how much worse it would be if there were a need to hide that sort of thing? Discovering my own bugs serves as a wake up call to myself be more careful. So can reading about other people's bugs.

      But this does show that maybe the exclusive use of pure non-OO C is part of the problem. This is the sort of thing that OO design encourages you to encapsulate from the outset, the typical Add and Remove methods that I have used a number of times.

      Comments
      1. By Anonymous Coward (195.217.242.33) on

        OO is no silver bullet

      2. By Anonymous Coward (143.166.226.16) on

        Oh, please. OO is good for almost nothing. It is widely abused for what it was not meant.

        Comments
        1. By SH (82.182.103.172) on

          Oh, please. OO is good for almost nothing. It is widely abused for what it was not meant.

          That OO is used in situations where it's ill suited are well known, except for those that should know. But to claim that OO is good for almost nothing is pure ignorant drivel.

          /SH

    2. By Johan M:son Lindman (62.119.71.148) on

      I would certainly not attribute this bug fixing to god, it very much
      looks like a dedicated effort by Henning, Claudio et al.

      Comments
      1. By Craig (194.72.54.134) on

        I assumed he meant "Good work" but I could be wrong...

      2. By Anonymous Coward (217.215.66.75) on

        Reminds me of the old t-shirt text

        root, god, what's the difference..

  3. By chas (147.154.235.53) on

    This bug is fixed in the openntpd-20040824.tar.gz download from openntpd.org, correct?

    I don't like to mess with this CVS stuff.

    Comments
    1. By Otto Moerbeek (213.84.84.111) otto@drijf.net on http://www.drijf.net

      No, that archive is dated from before the time the bug was discovered. I'm sure an updated archive will appear soon.

      Comments
      1. By henning (199.185.136.137) henning@openbsd on

        yayayaya new tarball soon...

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]