IRC logs for #trustable for Friday, 2018-09-21

*** traveltissues has quit IRC [01:13]
*** iker has joined #trustable [07:09]
*** toscalix has joined #trustable [08:02]
*** paulwaters_ has joined #trustable [08:09]
*** paulwaters_ has quit IRC [08:15]
*** paulwaters_ has joined #trustable [08:21]
*** Shaun has joined #trustable [09:06]
*** paulwaters_ has quit IRC [09:19]
*** ikerperez has joined #trustable [09:26]
*** ikerperez has joined #trustable [09:28]
*** paulwaters_ has joined #trustable [09:33]
*** ikerperez has joined #trustable [09:36]
*** ikerperez has quit IRC [09:38]
*** ikerperez has joined #trustable [09:39]
*** iker has quit IRC [09:39]
<flatmush> STANDUP! Order: flatmush, Shaun, ikerperez, ctgriffiths [09:50]
<flatmush> ## Ben Brewer (flatmush) [09:50]
<flatmush> * Done [09:50]
<flatmush>   - Build latest SYSLINUX from git. [09:50]
<flatmush>   - Got minimal distro building with freedesktop-sdk junctions. [09:50]
<flatmush>   - Safety workshop [09:50]
<flatmush> * Doing [09:50]
<flatmush>   - Now I've realised that the minimal-vm distro in freedesktop-sdk is also baserock based, we're figuring out where to make the split between freedesktop and minimal distro. [09:50]
<flatmush>   - Continue to move freedesktop-sdk sources to git where possible. [09:50]
<flatmush>   - Port SYSLINUX work to freedesktop-sdk [09:50]
<flatmush> ## Shaun Mooney (Shaun) [09:50]
<Shaun> * Done [09:50]
<Shaun>   - Project catchup [09:50]
<Shaun>   - AV STPA losses and hazards [09:50]
<Shaun> * Doing [09:50]
<Shaun>   - STPA Reading [09:50]
<Shaun>     - Re-reading handbook in more detail [09:50]
<Shaun>   - Working through primer [09:50]
<Shaun> * Next [09:50]
<Shaun>   - AV STPA responsibilities and control actions [09:50]
<Shaun> * Issues [09:50]
<Shaun>   - None [09:50]
<Shaun> ## Iker Perez ( ikerperez ) [09:50]
<ikerperez> * Done [09:51]
<ikerperez>    - Find a way to report the maximum latency in test-minimal-system script [09:51]
<ikerperez> * Doing [09:51]
<ikerperez>     - Change the way in which freedesktop elements are installed [09:51]
<ikerperez>       - Change parted from tar to git [09:51]
<ikerperez> ## Craig Griffiths ( ctgriffiths ) [09:51]
<ctgriffiths>   * Done [09:51]
<ctgriffiths>     - Try alternatives to SYS-LINUX as there are problems building it [09:51]
<ctgriffiths>       - systemd-boot requires systemd so we dropped that idea. [09:51]
<ctgriffiths>       - flatmush managed to fix the SYS-LINUX build. [09:51]
<ctgriffiths>   * Doing [09:51]
<ctgriffiths>     - Working on using junctions and minimal-systemd-vm-image-x86_64.bst [09:51]
<ctgriffiths>       from freedesktopsdk for the trustable minimal distribution. [09:51]
<ctgriffiths>     - Read up on STAMP and previous #trustable discussions. [09:51]
<ctgriffiths> ## Discussion [09:51]
<Shaun> _o_ [09:51]
<ctgriffiths> _o_ [09:51]
<paulwaters_> _o_ [09:52]
<ikerperez> _O_ [09:52]
<flatmush> Good aeroplane impressions everyone! [09:52]
<flatmush> STANDUP ENDS! [09:52]
<paulsherwood> elsewhere someone mentioned https://ssvlab.github.io [09:52]
<paulsherwood> would this be potentially useful as a test approach? [09:53]
<paulsherwood> https://github.com/ssvlab/esbmc [09:53]
<paulsherwood> seems to be a fork of https://github.com/esbmc/esbmc not sure what the differences are [09:54]
<flatmush> having a look now [09:56]
<flatmush> Does anyone have any experience running this? I've run it against a C program and it's spending literally minutes checking a single loop. I suspect we couldn't afford the hardware required to run this over buildstream. [10:01]
<paulsherwood> flatmush: interestingly, affordability is never accepted as a justification for failing to address safety... so if this is worthwhile, we might need to find the money :) [10:05]
<flatmush> For building linux I think any static code analysis is going to find a large number of issues, I know this because just switching to gcc-8 has caused detectable issues [10:05]
<flatmush> what do we do when we find out we rely on programs that have literally thousands of static code analysis issues? [10:06]
<paulsherwood> start chipping away at them? [10:06]
<paulsherwood> ie offer fixes upstream [10:06]
<flatmush> paulsherwood: The solver is still running over that same single loop [10:06]
<paulsherwood> sounds like a bug [10:06]
<paulsherwood> maybe a problem in the setup of the solver? [10:07]
<flatmush> the solver seems to be designed for really embedded C where you don't have loops with a potential maximum index of say (2 ^ 32) - 1 [10:08]
<flatmush> I don't think this will practically run against the software that we'll need for a minimal distro [10:08]
<flatmush> but if anyone knows of a way to make this practical, I'm happy to be proven wrong [10:08]
<flatmush> There are smaller steps towards this if we really think it's where we want to go [10:09]
<flatmush> like we could run cppcheck or scanbuild on all of our dependencies [10:09]
<flatmush> and the same issues of what do you do when you find a bug (or a potential bug) crop up [10:10]
*** ecclescake has joined #trustable [10:28]
*** traveltissues has joined #trustable [12:13]
<paulsherwood> "In my C coding standards written for BT, I recommended that code should be compiled under more than one implementation as a matter of course, not only for the reasons you cite but also because it's a simple check on whether a programmer has inadvertently relied on the particular characteristics of a single implementation. [15:05]
<paulsherwood> " [15:05]
<paulsherwood> from Olwen on systemsafetylist.org [15:06]
*** Shaun has quit IRC [15:08]
<flatmush> I found out that clang doesn't support nested functions doing just that [15:15]
<flatmush> these hints are good for writing new code, I'm not sure how we apply them to a large existing codebase though [15:16]
<paulsherwood> ack [15:23]
*** toscalix has quit IRC [15:33]
*** ikerperez has quit IRC [16:52]
*** ecclescake has quit IRC [17:16]
<persia> For freeciv, when the idea of using two compilers was introduced, the project accepted bugs/patches to make clang work as well as gcc.  After a few years, the codebase worked fine with either compiler, and a decision was taken to consider code that was submitted that was not compatible with both compilers buggy. [18:05]
<persia> Takes a while, but it is certainly possible to move long-standing projects with lots of almost-orphaned code to comply with multi-implementation language standards. [18:06]
<persia> I've seen a few efforts to compile linux with clang.  Last I knew it didn't work reliably, but some patches to help have landed mainline. [18:07]
<persia> I suspect a similar approach can be taken for any project that has hard dependencies on specific compilers and/or toolchains. [18:07]
*** traveltissues has quit IRC [19:10]
*** traveltissues has joined #trustable [21:35]
*** traveltissues has quit IRC [21:44]
