Malloc broke Serenity's JPGLoader, or: how to win the lottery

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
programming-language operating-system Language C++ Go

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • serenity

    The Serenity Operating System 🐞

    • > the author entered them backwards

    You're mistaken.

    The author originally suspected - or hypothesized - that was possibly the bug, but the actual cause detailed in the post ended up being different (nondeterministic hashmap iteration over components) and the final patch does not include the initially proposed "fix" of swapping the red and blue components as was shown towards the very top of the article. The original order was correct. Swapping red/blue would've just been canceling out one bug with an other.

    https://github.com/SerenityOS/serenity/commit/a10ad24c760bfe...

    > The type system can prevent this flaw.

    The type system can add some roadbumps to encourage centralizing the conversion of "untyped" disk bytes to typed r/g/b components or a typed color component, but that conversion must still occur somewhere, and it can be written backwards at that somewhere, and one of those somewheres will be inside JPGLoader.cpp. That's the fundamental job of a JPEG loader - conversion of an untyped byte stream into useful types for the rest of the program to use. Additional use of the type system might limit where within JPGLoader.cpp such a component swapping flaw might be likely, but it's never going to prevent it for all of JPGLoader.cpp.

    The existence of the Color type already makes such a flaw fairly unlikely outside of JPGLoader.cpp and similar conversion points. That's sufficient use of the type system. More within JPGLoader.cpp, while possible, would be overkill based on my own experience with color conversion and swapped component bugs. Hell, to play devil's adovcate, further use of the type system could cause such flaws! The extra code is likely to cause additional reviewer fatigue in code reviews. Reviewer fatigue causes inattention. Inattention causes the reviewer to miss swapped or nondeterministics components. Perhaps such inattention caused this bug!

    I would be in favor of replacing:

        const Color color { (u8)block.y[pixel_index], (u8)block.cb[pixel_index], (u8)block.cr[pixel_index] };

  • go

    The Go programming language

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Creating a personal AI assistant a.k.a An approachable series on learning new stuff!

    1 project | dev.to | 10 May 2024

  • Arena-Based Parsers

    4 projects | news.ycombinator.com | 8 May 2024

  • Go: the future encoding/json/v2 module

    2 projects | dev.to | 2 May 2024

  • Evolving the Go Standard Library with math/rand/v2

    2 projects | news.ycombinator.com | 1 May 2024

  • Microsoft Maintains Go Fork for FIPS 140-2 Support

    5 projects | news.ycombinator.com | 30 Apr 2024