Xref: utzoo comp.bugs.4bsd:1423 comp.sources.d:4120 comp.unix.wizards:18420 Path: utzoo!utgpu!attcan!uunet!ginosko!gem.mps.ohio-state.edu!apple!usc!ucsd!ucbvax!bostic From: bostic@ucbvax.BERKELEY.EDU (Keith Bostic) Newsgroups: comp.bugs.4bsd,comp.sources.d,comp.unix.wizards Subject: Re: Bugs in the BSD sources ?? Message-ID: <31631@ucbvax.BERKELEY.EDU> Date: 1 Oct 89 19:09:04 GMT References: <1802@cooper.cooper.EDU> <13879@well.UUCP> <4281@mentor.cc.purdue.edu> <623@wet.UUCP> Organization: University of California at Berkeley Lines: 100 There have been a number of recent postings about the relationship between the source code on uunet.uu.net and various BSD releases and bugs found in the code. > Are the BSD sources, archived @uunet, among other places, > the sources to actual, working, tested programs? Pretty much. The BSD programs on uunet come from three possible sources. The first is the 4.3BSD-tahoe release, which was an interim release last year. The second is the BSD networking release of this spring. The third is piecemeal from Berkeley. Unfortunately, none of these methods involved real release engineering of the kind that 4.3BSD was subject to. Release engineering is hard to do well, takes a lot of time, and isn't all that much fun. (As an example, when 4.3BSD was being prepared for release, members of CSRG checked *every* entry in the SCCS logs to make sure it was both reasonable and, if necessary, documented. For more details read Kirk McKusick's paper "The Release Engineering of 4.3BSD" from the April USENIX Software Management Workshop Proceedings.) Anyhow, we generally put release engineering off until we're ready for a "final" version of the software, in this case, 4.4BSD. Vendors and other organizations don't want to wait for the final release, so Berkeley has historically done intermediate releases to make the software available to other development groups. These releases aren't snapshots, i.e. they've run for extended periods of time on a few machines, but they haven't gone through extensive beta cycles either. The large majority of the code on uunet comes from the 4.3BSD-tahoe release, is fairly well tested and has been run in the configuration in which it is presented. Code from the networking release is well tested, but has never been run in the configuration in which it is presented. This is because networking is a current research area at Berkeley and getting a coherent snapshot of our networking sources is somewhere between difficult and impossible. This is the reason that the code as distributed didn't compile -- we were trying to merge a number of versions of the software and it didn't quite work. (We apologize for that, by the way, and the next version will, at least, compile!) The final category is usually due to a significant security problem or simply because enough people have asked us for copies of the code that I've asked Rick Adams to add it to his sources so that we can direct people to uunet rather than email'ing out the source tree each week. Ftp and dbx are good examples of this. In general, this code is the least well tested, although you can be sure that it compiles and has been run -- for at *least* twenty minutes. These versions are usually copies of what we are currently running on our development machines, which causes problems in and of itself. For example, our method of doing Makefiles has recently been reworked and include files often change over time. > Sometimes it *is* identical to the unpublished proprietary source. > For instance, the freely redistributable version (5.3 (Berkeley) 6/29/88) > of mkstr.c from the 4.3BSD-Tahoe release of Berkeley UNIX (which is what > UUNET post in their archives) is exactly the same as the proprietary version > (5.1 (Berkeley) 5/31/85) of mkstr.c, with the exception of the SCCS info and > redistribution rights. Just an observation... As part of the process of identifying non-AT&T portions of our distribution, we occasionally simply change the copyright notice. Copyrights from Berkeley fall into three categories. Code from 32V which has not been modified: this code has whatever copyright notice that AT&T had on it when we got it, usually none. Code from 32V which has been modified at Berkeley: /* * Copyright (c) 1988 Regents of the University of California. * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. */ Code which has been written at Berkeley and is not proprietary to any vendor: /* * Copyright (c) 1989 The Regents of the University of California. * All rights reserved. * * Redistribution and use in source and binary forms are permitted * provided that the above copyright notice and this paragraph are * duplicated in all such forms and that any documentation, * advertising materials, and other materials related to such * distribution and use acknowledge that the software was developed * by the University of California, Berkeley. The name of the * University may not be used to endorse or promote products derived * from this software without specific prior written permission. * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ Until about a year or so ago we did not distinguish between the second and third cases, they both got the "see the Berkeley License for details" version of the copyright. That is why you can find source code where that copyright notice has simply been replaced with the "freely redistributable" version without software modification. --keith