Tootfinder

#heiseshow: KI auf Bug-Suche, Kernkraft-Comeback, Homeoffice in der Energiekrise
In der #heiseshow: KI findet Firefox-Bugs schneller als Menschen, von der Leyen bereut den Atomausstieg und Homeoffice als Reaktion auf Energiekrisen.

from my link log —
Code reviews do find bugs.
https://entropicthoughts.com/code-reviews-do-find-bugs
saved 2026-03-11 https://

Years ago I had a "ReworkCTF" board with 20-odd PCB layout bugs designed into it on purpose, ranging from backwards LEDs to missing vias under a BGA to inner layer differential pair swaps.
The original board had some design issues that made some of the fixes easier/harder than intended, and also ancient, I think now EOL, parts (a Spartan-3A FPGA - even if not EOL nobody wants to use one of those in 2026).
I'm hoping to do a gen 2 of the challenge soon probably based…

Anthropic debuts a Code Review feature for Claude Code, which uses agents working in teams to check pull requests for bugs, available in research preview (David Gewirtz/ZDNET)
https://www.zdnet.com/article/claude-code-review-ai-agents-pull-request-bug-d…

This new Claude Code Review tool uses AI agents to check your pull requests for bugs - here's how
Each pull request can cost up to $25. Here's why companies might still pay to prevent catastrophic bugs.

Apple throwing some time into bugs today…
• 240961: `position: relative` doesn't work as expected on table row, 26 May 2022, https://bugs.webkit.org/show_bug.cgi?id=240961
• 305719: REGRESSION (iOS 26): Datalist options obscure text input, 18 January 2026,

Hey @… can I request attention towards:
https://bugs.kde.org/show_bug.cgi?id=515271
I like

https://itsfoss.com/news/linux-kernel-ai-fuzzing/
The Linux kernel is toying with LLM tooling, not to write code (phew!), but to assist reviews and find bugs:
The fuzzer surfaces potential bugs; a human with decades of kernel experience reviews them, writes the…

Is a Clanker Being Used to Carry Out AI Fuzzing in the Linux Kernel?
Greg Kroah-Hartman appears to be running AI-assisted fuzzing on the kernel. Don't outrage yet, as this may not be a bad thing.

@… Very much your kinda thing here.
https://oldbytes.space/@flexion/116568266171204034

/usr/people/flexion (@flexion@oldbytes.space)
Attached: 1 image Chased and fixed a lot of bugs today! GTA VC on IRIX ❤️

Me when terfs start their fucking Nazi bullshit.

Fixed 137 bugs found using AI.
I guess the code is now unusable and somehow worse than before if you believe the average discourse here.

There was a time when creating massive amounts of code would have been valuable. There was a time when lowering the bar for creating software would have been beneficial. But today we are inundated with garbage apps, written too quickly and never maintained, half-working libraries, projects someone took up once and abandoned (I have several), and grift startups just waiting to be acquired and "fixed."
#LLM code generation is a pestilence. We don't need more code owned by people who know less, we need less code managed by people who know more. It's literally the opposite of everything we want. Oh, but it will be easier for infosec to find bugs so it's fine, right? I've found critical bugs that never get fixed (I think one of mine is like 7 years old now).
There are a lot of bugs that just can't be fixed because there are no systems to fix them. Go on Shodan and look for ATGs. There are thousands of them. I'm betting that most of those are not honeypots. It may be possible to blow up a bunch of gas stations with a for loop, but, yeah, we need #AI to find some more bugs.
https://www.darkreading.com/ics-ot-security/fuel-tank-monitoring-systems-vulnerable-disruption

Oof. Time to shut down #apache on the one server I still run it on for a few hours until this gets updated.. #debian https://bugs.debian.org/1135737…

Daniel Stenberg (@…) from curl provides important security advice for FOSS maintainers: ‘Any project that has not scanned their source code with AI powered tooling will likely find huge number of flaws, bugs and possible vulnerabilities with this new generation of tools.
Not using AI code analyzers in your project means that you leave adversaries and attackers…

Mythos finds a curl vulnerability
yes, as in singular one. Back in April 2026 Anthropic caused a lot of media noise when they concluded that their new AI model Mythos is dangerously good at finding security flaws in source code. Apparently Mythos was so good at this that Anthropic would not release this model to the public yet but instead … Continue reading Mythos finds a curl vulnerability →

ok, so I set out to fix a small bug in roundl for 80-bit x86 floats. The final tally is four toolchain bugs (two already mentioned here, one bitfield bug on arc and a clang crash on arm because it didn't like the way I wrote a function), transitioning to a new Zephyr SDK and new Arm Toolchain for Embedded compilers. Thirty commits later, I've managed to get things working again. Phew.

from my link log —
Finding a goroutine bug with TLA .
https://www.hillelwayne.com/post/tla-golang/
saved 2020-09-25 https://dotat.a…

Nice bit of #git #data driven #analysis https://

@… any overlap with UEFI-specific boot bug 293663?
<https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=293663>

If AI was so great why doesn’t Apple or Microsoft simply tell it to fix all bugs in their operating systems?

Mozilla says Claude Opus 4.6 found 100 bugs in Firefox in two weeks in January, 14 of them high-severity, more than the bugs typically reported in two months (Robert McMillan/Wall Street Journal)
https://www.wsj.com/tech/ai/send-us-more-anthropics…

🇺🇦 #NowPlaying on KEXP's #SonicReducer
Donkey Bugs:
🎵 Abcs of Lust
#DonkeyBugs
https://open.spotify.com/track/0ZW3AsDjqoNgCCaBzEcA61

Wow, this image from Firefox visually shows the power of Mythos's bug-sniffing capabilities.
https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

“Think about how you relate to your compiler. You write C , Rust, Go, and the toolchain spits out a binary. Do you open that binary and read through the assembly? Do you schedule a meeting with a colleague to review the object code before shipping?
Of course not. That would be absurd. And not because you blindly trust compilers, you don't. Compilers have bugs. Compilers have had famously catastrophic bugs. But you've constructed an entire apparatus that makes reviewing the output unnecessary: you write tests against observable behavior, you have type systems that constrain what the output can do, you have reproducible builds, you have fuzzing and sanitizers and formal verification in high-stakes domains. You trust the process, not the artifact.
We haven't built that apparatus for coding agents. And that, not the output itself, is what's actually missing.”
#AgenticSoftware
https://skiplabs.io/blog/codegen_as_compiler

Konsequent _drauf geguckt_ kommt raus, dass das Geld was die Anthropic-Token gekostet hätten, um die Bugs zu finden, wenn man es denn verwenden würde um menschliche Sicherheitsforscher zu bezahlen, grob den gleichen Effekt hätte*.
Aber fächelt euch ruhig weiter Luft zu…
https://social.bund.de/@bsi/1163802904

Excerpt from an essay I may or may not write:
Ontologies evolve to fulfill functions. They serve a purpose, and will be adapted until they fulfill this purpose. There are, occasionally, things that exist within those ontologies which do not actually exist.
Programming bugs are an example. There is no such thing. Code is code. It can't be right or wrong, it just is or isn't. The mismatch between the intent and the execution creates a side effect. We may confidently assert such a thing exists. We may name such things. But they don't exist. This becomes apparent when you try to figure out how to suppress one specific instance of a bug in one specific place through multiple revisions.
At some level, a lot of things don't actually exist. We only need to follow through the logic of The Ship of Theseus to see how our ontologies break down.
One thing that doesn't exist, that is a side effect rather than an object, is the personal self. You do not exist. Your perception of your existence is an illusion, a necessary side effect.
Every day you wake up a different person. Every second you are not who you were. That person is as dead as you will be the next instant, as all versions of you will be every second until there are no more. These selves are bound together by imperfect memories. The person you remember as yourself, all those people, never existed. You created them based on your current experience, your current iteration.
You could, just as easily, wake up an unrecognizable person, in some Dark City, and never know the difference. Continuity is absurd. And yet, some people believe they'll still experience the same self after being frozen or "uploaded." It's a silly illusion.
Once you can get over that illusion, you can let go of the need to thrash against the void. You can let go of the various furious dreams of immortality.
At a high enough level, all ontologies are illusions. Useful illusions, but illusions none-the-less. There is only the undifferentiated universe, and you are experiencing it. You are the universe. You will always persist, long past the time this specific iteration or any iteration experiences it.
This implies a certain obligation then to all the others experiencing the same self, the future iterations that may remember being someone like you, and any other person you, the universe, could wake up as tomorrow.

watchOS 26.5: Apple behebt SMS-Bug bei Dual-SIM und Training-Hinweisen
Apple hat den Release Candidate von watchOS 26.5 veröffentlicht. Das Update behebt zwei Fehler bei Dual-SIM-iPhones und Training-Alerts.

Apple Watch: Zwei nervige Bugs verschwinden mit watchOS 26.5
Apple hat den Release Candidate von watchOS 26.5 veröffentlicht. Das Update behebt zwei Fehler bei Dual-SIM-iPhones und Training-Alerts.

Don't talk about this :)
"Small models also found the vulnerabilities that Mythos found"
https://aisle.com/blog/ai-cybersecurity-after-mythos-the-jagged-frontier

it's so funny that in the space of like a month we went from "erm switching to Markdown rendering mode in Notepad and then clicking a link to an executable is RCE"
to "an LLM handed me an actual vim rce after I said yeah there's one in here somewhere"
https://blog.calif.io/p/mad-b…

MAD Bugs: vim vs emacs vs Claude
We asked Claude to find a bug in Vim. It found an RCE. Just open a file, and you’re owned. We joked: fine, we’ll switch to Emacs. Then Claude found an RCE there too.

Ansonsten gibts halt noch einige Ecken an denen die App nur halb aufpoppende Dialoge und andere kleine Interface-Bugs hat, aber man findet sich schon zurecht.
Es bleibt also, dass der Prozess jetzt wirklich papierlos ist. Die App kann man noch verbessern aber ansonsten ist das schon im Rahmen des Umfelds (Papierrechnungen von Ärzten) gut gelöst.
Am besten wäre natürlich eine Chipkarte und wenn das nicht alles über mein Konto laufen würde, aber das geht nur mit GKV (=todo).
5/5

272902 – Security: allow passphrases for WPA-EAP to be saved without using clear text
<#FreeBSD

"‘A celebration for the bugs’: Flowers burst into colour after southern Spain’s record rainfall"
#Spain #Environment #Nature

Vibrant wildflowers transform arid southern Spain after heavy rains
While beautiful, the swathes of invasive yellow flowers are an environmental concern.

Something else happened, and that was *very* recently. Those reports grew in numbers.
if I see 1-2 valid reports in a major open source lib from an AI tool, I'm not impressed. If I had enough funding, I could find valid vulns in a variety of ways.
When the Mozilla/Antropic thing came out, that was what I was thinking. "Yeah, these are real bugs, but you know, if I had infinite funding like Antropic, and a team of top security people, you know how many bugs I could find in …

#Jellyfin for #Roku 3.1.8-RC1 has been released
Testers, please load the candidate and test it out. We have some major changes this round, so we need as many peeps as possible to kick the tires.
As usual, our primary focus are bugs in the new features or new bugs introduced by the ne…

We’re taking a massive leap toward solving that problem by introducing a new, upgraded, guided workflow within our exiting Debugger Agent in #visualstudio
https://d…

Bugs were supposed to be the future of food. Now, the insect farming industry is collapsing.

“We have to get used to the idea of eating insects.”
This proclamation came from, of all people, an insect researcher. Dutch entomologist Marcel Dicke pitched eating bugs in his 2010 TED talk as critical to sustainably feeding a growing human population, because insects have a much smaller carbon footprint than beef, pork, and chicken.
Spoiler alert: We di…

Bugs were supposed to be the future of food. Now, the insect farming industry is collapsing. 
How the frenzy over farming insects for food went bust.

Progress, the list of cppcheck findings is shrinking. Lots of minor performance tweaks (unnecessary pass by value on stuff not in inner loops) and a few legit but minor bugs.

Anthropic is making a preview model of its new AI model to find and catch hardware and software bugs, called Mythos, available to about 50 companies, including giants such as Amazon, Microsoft, Apple, Alphabet-owned Google, and the Linux Foundation.

It is nice to see how the community of a small Emacs package I created is growing. And people are willing to crash into the bugs just to see the project improve.
I've done that for other projects as well, but it is my first time for my own code. Is kind of inspiring and encouraging.

My favorite part of a changelog:
«Fixes for Bugs I caused:»

When someone wants to add an #LLM scraping tool into #Gentoo.
Yes, the kind of shit that's designed to work around all the scraping protections, mask itself and DDoS Gentoo. I mean, technically I don't think that violates any rules but seriously…
#AI #NoAI #NoLLM

RE: https://neuromatch.social/@jonny/116328504299888679
Wow, next level security /s
I often make fun of developers for coming up with engineering recommendations that are essentially obfuscated versions of “don’t write bugs!,” but here’s a system avoiding security flaws by literally telling itself “don’t have security flaws!.”

@… thanks.
Not directly related, a review of <https://bugs.kde.org/show_bug.cgi?id=484259> may be timely:
― Auto login behaviour has X11 session s…

No bugs. Duh.
Drivers help study road-trip mystery: what became of bug splats?
https://phys.org/news/2026-04-drivers-road-mystery-bug-splats.html

RE: https://infosec.exchange/@flyingpenguin/116399482954754093
«There were 50 crash categories pre-discovered by Claude Opus 4.6. Mythos did not find these bugs. Ok, now it’s getting even more awkward. Not Firefox. Not found by Mythos. The bugs were…

16-year-old Safari bug to ignore `text-transform` on text copy:
https://bugs.webkit.org/show_bug.cgi?id=43202
Today, there’s a PR to address it:

Oddly, the speed of an old msata drive has gotten slower and slower over time. It's running debian stable, and that means it's regularly doing TRIM.. but hdparm -t shows 40MB/s disk reads. I've read that this often happens due to firmware bugs, so I'm going to try upgrading the firmware.
I grabbed an .exe from Dell's site, and ran it under wine(32) to basically unzip the files. Now a small side quest to install xfce on it and see if I can get a remote root terminal…

Mozilla says its Firefox 150 release includes fixes for 271 vulnerabilities identified using early access to Anthropic's Mythos Preview (Lily Hay Newman/Wired)
https://www.wired.com/story/mozilla-used-anthropics-mythos-to-find-271-bugs-in-firefox/

Mozilla Used Anthropic’s Mythos to Find and Fix 151 Bugs in Firefox
The Firefox team doesn’t think emerging AI capabilities will upend cybersecurity long term, but they warn that software developers are likely in for a rocky transition.

RE: https://hachyderm.io/@fasterthanlime/116487817082303086
This.
Regardless of the fact they did this to themselves, I would understand slow CI/web pages (and they are, indeed, slow). But GitHub is now riddled with incredible logical bugs that c…

@… no, that's not what I'm telling you.
I prefer to believe that most people will be thoughtful.
＂… a huge number of bugs. I have so many bugs in the Linux kernel that I can't report because I haven't validated them yet. I'm not going to make some open source developer validate bugs that I haven't checked yet. I'm not going to send …

from my link log —
Interesting JavaScript bugs caught by no-constant-binary-expression in ESLint.
https://eslint.org/blog/2022/07/interesting-bugs-caught-by-no-constant-binary-expression/
saved 2023-11-09

Interesting bugs caught by no-constant-binary-expression - ESLint - Pluggable JavaScript Linter
A pluggable and configurable linter tool for identifying and reporting on patterns in JavaScript. Maintain your code quality with ease.

Bed Bugs and Beyond
#MedievalStoreNames
#HashTagGames

"A year ago, about 5% of Trail of Bits was on board with our AI initiative. The other 95% ranged from passively skeptical to actively resistant. Today we have 94 plugins, 201 skills, 84 specialized agents, and on the right engagements, AI-augmented auditors finding 200 bugs a week."

How we made Trail of Bits AI-native (so far)
We had 5% buy-in and 95% resistance. A year later, AI-augmented auditors are finding 200 bugs a week on the right engagements. Here's the six-part operating system we built, open sourced, and are giving away.

🐞 Mirror image pheromones help beetles 'swipe right' to find mates
#bugs

Mirror image pheromones help beetles 'swipe right' to find mates
There are many ways to communicate with prospective romantic partners. If you are a Japanese scarab beetle, it's a matter of distinguishing left from right. New work from U.S. and Chinese scientists, published this week in Proceedings of the National Academy of Sciences, shows how these beetles use mirror-image pheromones to find a mate. The work could lead to better monitoring and control of significant agricultural pests.

🇺🇦 #NowPlaying on BBCRadio3's #NightTracks
Hassle Hound:
🎵 Lucky Bugs Win Prizes
#HassleHound
https://open.spotify.com/track/6Lguoiilo8mBWRW59vWyqU

Deutsche Bahn weirdnesses again...
I was not aware that Deutschlandticket is a subscription, just wasted €200, dangit.
Booking a trip where I set that I have a Deutschlandticket *does not account for it*, due to bugs or whatever, charging an extra €30 - so I booked partial journeys instead.
The return trip costs *less than half* the price - we're talking €130 vs €60. Like, what...

OpenAI is rolling out GPT-5.5-Cyber, a security-focused variant of the model, in a limited preview capacity to vetted cybersecurity teams (Sam Sabin/Axios)
https://www.axios.com/2026/05/07/openai-gpt-55-cybersecurity-model

OpenAI makes its Mythos rival more widely available to cyber defenders
Recent security testing suggests that GPT-5.5. model is nearly as good at finding and exploiting software bugs as Anthropic's Mythos Preview.

Chuck Norris doesn't need a coffin because bugs can't eat him and his flesh will never rot. #rip #chucknorris

The number of computer scientists in a room is inversely proportional
to the number of bugs in their code.

Always fun starting a new job and seeing the exact same bugs due to mocks in test code!

SpotBugs: Find bugs in #Java Programs
https://spotbugs.github.io/

I guess it's time to find a replacement for #IceCubesApp. With the developer joining one of the worst companies in the world, I don't feel comfortable using it anymore – and I suspect the bugs will never be fixed now.

Carelessness versus craftsmanship in cryptography
Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. […] The aes-js/pyaes maintainer, on the other hand, has taken a more… cavalier approach.
🔓 https://…

Carelessness versus craftsmanship in cryptography
Two popular AES libraries (aes-js and pyaes) provide dangerous default IVs that lead to key/IV reuse vulnerabilities affecting thousands of projects. One maintainer dismissed the issue, while strongSwan’s maintainer exemplified proper security response by comprehensively fixing the vulnerability in their VPN management tool.

Having a good time with JavaScript
https://bloomberg.github.io/js-blog/post/temporal/

Temporal: The 9-Year Journey to Fix Time in JavaScript
JavaScript's Date object has been a source of bugs for three decades. Temporal, which just reached Stage 4, is a modern replacement with immutable types, first-class time zone and calendar support, and nanosecond precision. This is the story of how Bloomberg, Igalia, and the TC39 community spent nine years turning an idea into a shipping standard.

I'm giving Proton Sheets a try. I do like CryptPad (for a number of reasons) but there are a few things that bug me (mostly the bugs) so I figure testing what Proton has is worth a shot.
(I'd still like to find a self-hosted spreadsheet application at some point.)
https://proton.me/drive/sheets

Protect and analyze data with encrypted online spreadsheets | Proton
Safeguard sensitive data, collaborate with clients, and keep your team aligned with end-to-end encrypted spreadsheet software from Proton

RE: https://vox.ominous.net/@occult/116182975603760287
I'd actually argue it's the opposite: Claude & co are unarguably inserting subtle (and not so subtle) bugs into your code...

Well, I've written all my number equality stuff. It's full of bugs, but it's written.
Debugging is a problem for another day.

@… hmm to be honest, your use-case seems niche. There's no single-page view of individual scheduled posts because they're not really the final rendered post (even the payload is different).
Mastodon's scheduled posts API is lagging behind. Can't edit and still has bugs. Currently it's just best-effort support on Phanpy as I wait for them…

@… @…
<https://bugs.fr…

Mozilla says Anthropic's Mythos Preview and other AI models helped it identify and ship 423 Firefox security bug fixes in April, compared to 31 a year earlier (Russell Brandom/TechCrunch)
https://techcrunch.com/2026/05/07/how-anth…

How Anthropic’s Mythos has rewritten Firefox’s approach to cybersecurity | TechCrunch
Security researchers at Mozilla say Anthropic's Mythos has unearthed a wealth of high-severity bugs in Firefox.

I regularly drag my feet on some upgrades, but this is getting a bit ridiculous. I'm using an iPhone 13 Mini because my tiny hands can't hold the giant phablets. And iOS 18.7.2, because I hate the AI junk crammed into everything and don't want nauseating translucent UI effects. But there's a lot of security bugs lately that might demand something to change. Uggghh.
I wish portable pocket computers were less capable and had more battery life.
#apple #wtf

"There was a point in my life where I spent the better part of my waking hours either talking face to face with real-world mobsters, or listening to them talk to each other over wiretaps, body wires, or bugs. Not once did I hear any real-world gangster use the term 86 to refer to a murder or anything, and god knows these guys had colorful lingo, but never that phrase."
'Never ever': Ex-mafia prosecutor obliterates Trump's defense for latest legal battle - Raw Story
https://www.rawstory.com/trump-comey-2676832751/

Te world's operating system is in dire need of updating. Its current one – capitalism – has just far too many bugs.

Inquiring minds want to know: if you order two rainbow stag beetles and they arrive as larvae that you have to take care of (they live in a deli container, and you change the soil every 10 weeks) so they become the beetles - are they counted as "pets"?
Yes - definitely pets
No - they are bugs

Employer encourages us to "do stuff with LLMs" (employer is in the LLM business).
One of the things I do, is ask LLM to root-cause and repair bugs, sometimes as an experiment after solving it myself. It doesn't always succeed, but when they do, it's usually fast. E.g., yesterday I isolated a bug to "somewhere in the register allocator". This morning, I had a bee in my bonnet to fix it, and it took me two half-assed hours. On a whim, I fed the problem to th…

from my link log —
LastPass leaks credentials from previous site.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1930
saved 2019-09-16

Detecting Logic Bugs of Join Optimizations in DBMS
Xiu Tang, Sai Wu, Dongxiang Zhang, Feifei Li, Gang Chen
https://arxiv.org/abs/2602.21955 https://arxiv.o…

I have a major new feature for Left Wordle. I am testing the ability to sync settings and game history between devices. This feature is very much beta at this time and everything is subject to change.
My goal is to get as many people testing this as possible to identify any bugs that might cause problems once released. If you have time, please give it a try. Instructions here:

🇺🇦 #NowPlaying on KEXP's #VarietyMix
Jamila Woods:
🎵 Bugs
#JamilaWoods
https://open.spotify.com/track/2OUkcsx4AcCnWQ8ctZEJfU

You know those bugs where you go look at the code and wonder "how the heck did this work in the first place"?
Yeah, this is one of them.
https://github.com/ngscopeclient/scopehal/commit/a5f616ae9535c15a9eda2c04840cf63580adfafe

IQDemuxFilterAlignment: fixed indexing bug that somehow still usually… · ngscopeclient/scopehal@a5f616a
… gave correct results on nvidia but failed horribly on AMD

You know the classic story of the foolish employer who paid software developers per bug fixed? If you haven’t, you can guess the outcome: program called off when one developer “fixed“ hundreds of bugs in a single day (that they’d intentionally introduced).
This is just like that, except not like it at all: the “fake bugs” — ICE agents abducting random people to make a buck — are the •intended• effect.

@… privately
I didn't make you a cc recipient, but FYI:
<https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=294221>
(I no…

Half of Mastadon going on about how terrible useless awful AI is and how it’s just dumb algorithms regurgitating shit. Having never tried it for more than the most silly things.
The rest of us over here having fixed 100s of bugs in 1 week and many CVEs in production software that was previously extensively audited by many many people and companies - shipping better software because we are willing to find the right way to use a tool.

from my link log —
Why every organization should make it easy to report security flaws.
https://this.weekinsecurity.com/why-every-organization-should-make-it-easy-to-report-security-flaws/
saved 2026-05-05

Why every organization should make it easy to report security flaws
Companies make it too challenging to report security bugs and data leaks. Having a dedicated security email address could save your company from a damaging hack.

*wow* the AMD GPU debug tools are awful compared to nvidia's lol.
I'll definitely keep this card to test on and find bugs that don't happen on nvidia, and it has way more VRAM than my others.
But I'm probably gonna be sticking with NSight for most of my shader optimization work.
I can't even capture a trace from the profiler I have to set a bunch of MESA_x environment variables then wait for a predefined frame number and hope that I see the data I want…

@… this bug?
287569 – bsdinstall: restarting installation: Error: No disk(s) present to configure — <https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=2…

from my link log —
A nasty bit of implicit timezone behavior in Golang.
https://www.dolthub.com/blog/2021-09-03-golang-time-bugs/
saved 2021-09-04

A nasty bit of undefined timezone behavior in Golang
Blog for DoltHub, a website hosting databases made with Dolt, an open-source version-controlled SQL database with Git-like semantics.

RE: https://mastodon.bsd.cafe/@grahamperrin/116155254526138460
FreeBSD-CURRENT testing with real hardware blocked by <

Where I'm at on post scarcity:
* The garbage collector is doing even worse than it was on 4th
February, when I did the last serious look at it.
* The bignum bugs are not fixed.
* You can (optionally) limit runaway stack crashes with a new command line option.
* If you enable the stack limiter feature, `(member? 5 '(1 2 3 4))` returns `nil`, as it should, but if you do not enable it, `(member? 5 '(1 2 3 4))` still causes a segfault. WTAF?
Does no…

Developing infra automation is a ton of fun!
Especially once you eradicated bugs and can do rollouts. 🥳

Used Claude to turn my Architecture Specs -> conformance tests in markdown -> Executable tests run against real deployed implementations.
Failures into go unit tests that runs in the code base.
So dope, verifies the spec is understandable, called out a number of ambiguities, found real bugs.
Prose to conformance testing. Total win.

@… many months ago, I might have mentioned to you a 2011 MacBookPro8,3 of the type that is bugged at <https://bugs.freebsd.org/bugzilla/show

from my link log —
Fuzzing an eBPF implementation in Rust.
https://secret.club/2022/05/11/fuzzing-solana.html
saved 2022-05-12 https://

Earn $200K by fuzzing for a weekend: Part 1
By applying well-known fuzzing techniques to a popular target, I found several bugs that in total yielded over $200K in bounties. In this article I will demonstrate how powerful fuzzing can be when applied to software which has not yet faced sufficient testing.

The `aria-description` attribute still won’t auto-translate in browsers (except Firefox in some cases):
https://adrianroselli.com/2025/01/aria-description-does-not-translate.html#Update02
The bugs I filed with Chrome, Safari, and Firefox ha…

Cogent Security, which aims to use AI agents to decide which software bugs to remediate, raised a $42M Series A led by Bain, taking its total raised to $53M (Lily Mae Lazarus/Fortune)
https://fortune.com/2026/02/18/exclusi

13 DRC errors and 60 warnings? Sounds like a board that's ready to order.
Here goes, hopefully there's no major bugs besides the ones I put there on purpose lol.

As if freebsd-update is not supported:
<https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=293390#c3>
It seems peculiar to treat pkg-unregister(8) as not supported. It was a feature of pkg 2.5.0 three months ago, and we now have version 2.5.1 or greater pac…

Code Metal, which uses AI to let engineers translate legacy code into modern languages, raised a $125M Series B led by Salesforce Ventures at a $1.25B valuation (Lauren Goode/Wired)
https://www.wired.com/story/vibe-coding-startup-code-metal-raises-seri…

Code Metal Raises $125 Million to Rewrite the Defense Industry’s Code With AI
The Boston startup uses AI to translate and verify legacy software for defense contractors, arguing modernization can’t come at the cost of new bugs.

It's a Powerwolf, Sabaton, and designing sadistic PCB defects kind of night.
Or maybe it's more masochistic since I'm going to be reworking all of these bugs myself in a couple of weeks?

Plasma: high CPU usage whilst the screen is locked
<#FreeBSD

from my link log —
A tale about fixing eBPF spinlock issues in the Linux kernel.
https://www.rovarma.com/articles/a-tale-about-fixing-ebpf-spinlock-issues-in-the-linux-kernel/
saved 2026-03-17

A tale about fixing eBPF spinlock issues in the Linux kernel | Ritesh Oedayrajsingh Varma
A system freeze led us deep into Linux spinlock internals, where we helped find not one but three bugs in the kernel's resilient locking code used by eBPF.

@… @… excellent!
A fix for single user mode with csh/tcsh would be nice:
<https:/…