X-MimeOLE: Produced By Microsoft Exchange V6.5
Received: by onstor-exch02.onstor.net 
	id <01C8061B.771900F2@onstor-exch02.onstor.net>; Wed, 3 Oct 2007 16:14:01 -0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----_=_NextPart_001_01C8061B.771900F2"
Content-class: urn:content-classes:message
Subject: RE: coverity changes in open source code
Date: Wed, 3 Oct 2007 16:13:57 -0800
Message-ID: <BB375AF679D4A34E9CA8DFA650E2B04E05DD6F7C@onstor-exch02.onstor.net>
In-Reply-To: <BB375AF679D4A34E9CA8DFA650E2B04E05DD6F58@onstor-exch02.onstor.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: coverity changes in open source code
Thread-Index: Acf6Kg0WTRm6hD3bQMelawNgxLWEPwKX67+AAGRrFWA=
References: <BB375AF679D4A34E9CA8DFA650E2B04E059638DD@onstor-exch02.onstor.net> <BB375AF679D4A34E9CA8DFA650E2B04E05DD6F58@onstor-exch02.onstor.net>
From: "Jonathan Goldick" <jonathan.goldick@onstor.com>
To: "Brian DeForest" <brian.deforest@onstor.com>,
	"Maxim Kozlovsky" <maxim.kozlovsky@onstor.com>,
	"Larry Scheer" <larry.scheer@onstor.com>,
	"Andy Sharp" <andy.sharp@onstor.com>,
	"Tim Gardner" <tim.gardner@onstor.com>,
	"Ron Bhanukitsiri" <ronb@onstor.com>,
	"Rendell Fong" <rendell.fong@onstor.com>

This is a multi-part message in MIME format.

------_=_NextPart_001_01C8061B.771900F2
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

I agree with Max

> _____________________________________________=20
> From: 	Brian DeForest =20
> Sent:	Wednesday, October 03, 2007 4:47 PM
> To:	Maxim Kozlovsky; Larry Scheer; Andy Sharp; Tim Gardner; Ron
> Bhanukitsiri; Rendell Fong; Jonathan Goldick
> Subject:	RE: coverity changes in open source code
>=20
> We should get closure on whether or not to fix ACTUAL open source bugs
> detected by Coverity, and if so, how to fix them (create a patch?).
> See Max's feedback below.=20
>=20
> On the one hand, we can have HCL potentially fix existing defects in
> open source code.  On the other hand, this causes the open source code
> to further diverge from the original, making future merges more
> difficult, and the same bugs may already be fixed in later rev's of
> the open source. =20
>=20
> We could also defer all open source changes and focus exclusively on
> NFX Coverity fixes initially.
>=20
> Note the HCL leads (Jeyaram and Sudharsan) are in Campbell this week,
> if we need/want to include them in the discussion.    Otherwise, I'll
> relay the decision to them.
>=20
> Let me know your thoughts and preferences.   If it makes sense to meet
> and discuss, we can do that too.
>=20
>=20
> _____________________________________________=20
> From: 	Maxim Kozlovsky =20
> Sent:	Tuesday, September 18, 2007 12:28 PM
> To:	dl-Software
> Subject:	coverity changes in open source code
>=20
> Looking at more coverity changes:
>=20
> We have done a bunch of changes in the open source code like samba and
> sshd to fix coverity warnings. The changes were done under #ifdef NFX,
> like this:
>=20
> =3D=3D=3D=3D //depot/dev/nfx-tree/code/ssc-sshd-kb5/misc.c#2 (text) =
=3D=3D=3D=3D
>=20
> ***************
> *** 268,275 ****
> --- 268,277 ----
>                         return -1;
>                 }
>                 total +=3D secs;
> +         #ifndef NFX
>                 if (total < 0)
>                         return -1;
> +         #endif
>                 p =3D endp;
>         }
>  =20
> It seems to me that this work is completely useless and only creates
> problems for merges when future releases of the open source code will
> be available.=20
>=20
> What should be done instead:
>=20
> 1)	If there is a real problem, submit a patch and make the fix
> without #ifdef NFX=20
> 2)	If there is no real problem and we just want to make coverity
> happy, mark the defect in the database and don't do any code changes.
>=20
> If somebody has a different opinion, please speak up.=20
>=20
>=20
>=20

------_=_NextPart_001_01C8061B.771900F2
Content-Type: text/html;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
6.5.7652.24">
<TITLE>RE: coverity changes in open source code</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->

<P><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">I agree with =
Max</FONT>
</P>

<P><FONT SIZE=3D1 =
FACE=3D"Tahoma">_____________________________________________ </FONT>

<BR><B><FONT SIZE=3D1 FACE=3D"Tahoma">From: &nbsp;</FONT></B> <FONT =
SIZE=3D1 FACE=3D"Tahoma">Brian DeForest&nbsp; </FONT>

<BR><B><FONT SIZE=3D1 FACE=3D"Tahoma">Sent:&nbsp;&nbsp;</FONT></B> <FONT =
SIZE=3D1 FACE=3D"Tahoma">Wednesday, October 03, 2007 4:47 PM</FONT>

<BR><B><FONT SIZE=3D1 =
FACE=3D"Tahoma">To:&nbsp;&nbsp;&nbsp;&nbsp;</FONT></B> <FONT SIZE=3D1 =
FACE=3D"Tahoma">Maxim Kozlovsky; Larry Scheer; Andy Sharp; Tim Gardner; =
Ron Bhanukitsiri; Rendell Fong; Jonathan Goldick</FONT>

<BR><B><FONT SIZE=3D1 =
FACE=3D"Tahoma">Subject:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</FONT>=
</B> <FONT SIZE=3D1 FACE=3D"Tahoma">RE: coverity changes in open source =
code</FONT>
</P>

<P><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">We should get closure =
on whether or not to fix ACTUAL open source bugs detected by Coverity, =
and if so, how to fix them (create a patch?).&nbsp;&nbsp; See Max's =
feedback below. </FONT></P>

<P><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">On the one hand, we =
can have HCL potentially fix existing defects in open source code.&nbsp; =
On the other hand, this causes the open source code to further diverge =
from the original, making future merges more difficult, and the same =
bugs may already be fixed in later rev's of the open source.&nbsp; =
</FONT></P>

<P><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">We could also defer =
all open source changes and focus exclusively on NFX Coverity fixes =
initially.</FONT>
</P>

<P><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">Note the HCL leads =
(Jeyaram and Sudharsan) are in Campbell this week, if we need/want to =
include them in the discussion.&nbsp;&nbsp;&nbsp; Otherwise, I'll relay =
the decision to them.</FONT></P>

<P><FONT COLOR=3D"#0000FF" SIZE=3D2 FACE=3D"Arial">Let me know your =
thoughts and preferences.&nbsp;&nbsp; If it makes sense to meet and =
discuss, we can do that too.</FONT>
</P>
<BR>

<P><FONT SIZE=3D1 =
FACE=3D"Tahoma">_____________________________________________ </FONT>

<BR><B><FONT SIZE=3D1 FACE=3D"Tahoma">From: &nbsp;</FONT></B> <FONT =
SIZE=3D1 FACE=3D"Tahoma">Maxim Kozlovsky&nbsp; </FONT>

<BR><B><FONT SIZE=3D1 FACE=3D"Tahoma">Sent:&nbsp;&nbsp;</FONT></B> <FONT =
SIZE=3D1 FACE=3D"Tahoma">Tuesday, September 18, 2007 12:28 PM</FONT>

<BR><B><FONT SIZE=3D1 =
FACE=3D"Tahoma">To:&nbsp;&nbsp;&nbsp;&nbsp;</FONT></B> <FONT SIZE=3D1 =
FACE=3D"Tahoma">dl-Software</FONT>

<BR><B><FONT SIZE=3D1 =
FACE=3D"Tahoma">Subject:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</FONT>=
</B> <FONT SIZE=3D1 FACE=3D"Tahoma">coverity changes in open source =
code</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">Looking at more coverity =
changes:</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">We have done a bunch of changes in the =
open source code like samba and sshd to fix coverity warnings. The =
changes were done under #ifdef NFX, like this:</FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">=3D=3D=3D=3D =
//depot/dev/nfx-tree/code/ssc-sshd-kb5/misc.c#2 (text) =
=3D=3D=3D=3D</FONT>
</P>

<P><FONT SIZE=3D2 FACE=3D"Arial">***************</FONT>

<BR><FONT SIZE=3D2 FACE=3D"Arial">*** 268,275 ****</FONT>

<BR><FONT SIZE=3D2 FACE=3D"Arial">--- 268,277 ----</FONT>

<BR><FONT SIZE=3D2 =
FACE=3D"Arial">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp; return -1;</FONT>

<BR><FONT SIZE=3D2 =
FACE=3D"Arial">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }</FONT>

<BR><FONT SIZE=3D2 =
FACE=3D"Arial">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; total +=3D secs;</FONT>

<BR><FONT SIZE=3D2 =
FACE=3D"Arial">+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; #ifndef =
NFX</FONT>

<BR><FONT SIZE=3D2 =
FACE=3D"Arial">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (total &lt; 0)</FONT>

<BR><FONT SIZE=3D2 =
FACE=3D"Arial">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp; return -1;</FONT>

<BR><FONT SIZE=3D2 =
FACE=3D"Arial">+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
#endif</FONT>

<BR><FONT SIZE=3D2 =
FACE=3D"Arial">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; p =3D endp;</FONT>

<BR><FONT SIZE=3D2 =
FACE=3D"Arial">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }</FONT>

<BR><FONT SIZE=3D2 FACE=3D"Arial">&nbsp; </FONT>

<BR><FONT SIZE=3D2 FACE=3D"Arial">It seems to me that this work is =
completely useless and only creates problems for merges when future =
releases of the open source code will be available. </FONT></P>

<P><FONT SIZE=3D2 FACE=3D"Arial">What should be done instead:</FONT>
</P>
<UL>
<OL TYPE=3D1>
<LI><FONT SIZE=3D2 FACE=3D"Arial">If there is a real problem, submit a =
patch and make the fix without #ifdef NFX </FONT></LI>

<LI><FONT SIZE=3D2 FACE=3D"Arial">If there is no real problem and we =
just want to make coverity happy, mark the defect in the database and =
don&#8217;t do any code changes.</FONT></LI>
<BR>
</OL></UL>
<P><FONT SIZE=3D2 FACE=3D"Arial">If somebody has a different opinion, =
please speak up. </FONT>
</P>
<BR>
<BR>

</BODY>
</HTML>
------_=_NextPart_001_01C8061B.771900F2--
