Archiveopteryx git head crashes a bit. Not every day, but some people
reports that it crashes every week or month, at random times. Clearly
there is a bug. Abhijit and I
have discussed it and found a way to contain it, and I've written the code.
But I haven't found a way to push the fix to the master tree. I seem
unable to commit and push that code. My soul wants to find the bug and fix
it, not contain it.
Meanwhile, I had an appointment with the dentist this morning.
In the waiting room I read a
fascinating blog post about a Chromium exploit. Sergey Glazunov,
clearly an admirably clever hacker, stitched together fourteen bugs,
quirks and missed hardening opportunities
to form a critical exploit.
The bugtracking information for one of the bugs
shows that it was reported, discussed for a few days, then it was idle until
Sergey leveraged it, and then it was fixed.
Chromium is a nice browser, and I appreciate the hardening and exploit
resistance the team has added. I particularly appreciate the team's
honesty: They run their pwnium contests and are frank about the results.
But now I am even less happy about making fault tolerant code. I feel
that it may be mentally difficult to make a program tolerate faults and at
the same time make a programmer not tolerate faults.