Conversation

✨saleem✨
@saleemrash1d
the whole "it's extremely difficult for us to verify that this kernel patch isn't malicious" business is a real indictment of C
Quote Tweet
Filippo Valsorda
@FiloSottile
Possibly unpopular opinion, but I feel like "only merge things after verifying they are valid" should maybe be the default policy of the most used piece of software in the world.
Show this thread
Image
7
193
Daniel Micay
@DanielMicay
Replying to
@WatsonLadd
@bascule
and
@saleemrash1d
Linux kernel maintainers realistically need to accept patches they don't understand and can't really review. The tooling, and by tooling I primarily mean C, doesn't allow them to build abstractions in a way that the code can actually be understood without tons of subtle context.
1
14
Daniel Micay
@DanielMicay
Replying to
@DanielMicay
@WatsonLadd
and 2 others
C isn't the only problem. The monolithic kernel design is a huge part of the issue too. The project is far beyond the scale of human understanding. It isn't broken down into components people are capable of reviewing in isolation. C causes a similar problem at a language level.
2
17
Daniel Micay
@DanielMicay
Replying to
@bascule
@WatsonLadd
and
@saleemrash1d
If they did this to certain influential kernel maintainers I'd actually think it was pretty funny, but they did it to random people who did nothing wrong aside from failing at something unworkable. I don't get them claiming there were no human test subjects involved... what?
1
8
Show replies