| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 09 Nov 2006 10:52:00 +0100 From: Arjan van de Ven <arjan@...radead.org> To: Andrew Morton <akpm@...l.org> Cc: Jesper Juhl <jesper.juhl@...il.com>, Linus Torvalds <torvalds@...l.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Adrian Bunk <bunk@...sta.de> Subject: Re: A proposal; making 2.6.20 a bugfix only version. > > 70% hit a bug this part I consider meaningless personally. If it was "70% hit a regression" or even x% hit a regression I would be a lot more worried. > 1/7th think it's deteriorating > 1/4th think lkml response is inadequate > 3/5ths think bugzilla response is inadequate > 2/5ths think we have features-vs-stability wrong after lots of press. > 2/3rds hit a bug. Of those, 1/3rd remain unfixed > 1/5th of users are presently impacted by a kernel bug > > Happy with that? I'm not saying things are perfect. Far from that. What I care about is if things are getting worse or not. My personal impression is that while things were flakey on the ABI front during early 2.6 (before 2.6.12 or so), that got fixed because every single bug is a major annoyance to a large group of people. (and most bugs in the survey were from before that). The counter argument to your "doom" data is that bugrates for acpi for example have been mostly steady, while the number of users has been increasing quite a bit. I don't have the impression things are getting worse personally. I do hit bugs, in -mm and in -rc kernels, but that is because I'm testing kernels intended for testing. (another thing that the 70% figure didn't separate out) We've gotten better. Adrian started tracking regressions, and that is helping to make sure that those don't slip through the cracks as much as they used to (some are unavoidable, especially performance ones or ones with really obscure hardware that is showing hard to reproduce things). The -stable series is working out well to fix security and other annoying bugs quickly post release (because yes things don't get tested fully until you release), but even -stable is not nearly getting massive infloods of serious regressions. Sure they are fixing more stuff now, but that's more a sign that the process is working, and that they are now picking up less critical stuff as well, than that it is a sign that things are getting worse. I'd love if bug responses were better. At the same time, declaring "bugfix only kernel" isn't going to improve that much; it just creates a larger flood of stuff for the kernel after that. Do you have the impression that high quality bug reports on lkml (with this I mean ones where there is sufficient information, which are not a request for support and where the reporter actually answers questions that are asked him) are not getting reasonable attention? -- if you want to mail me at work (you don't), use arjan (at) linux.intel.com Test the interaction between Linux and your BIOS via http://www.linuxfirmwarekit.org - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists