lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070429234102.GA13344@linuxtv.org>
Date:	Mon, 30 Apr 2007 01:41:02 +0200
From:	Johannes Stezenbach <js@...uxtv.org>
To:	Indan Zupancic <indan@....nu>
Cc:	Adrian Bunk <bunk@...sta.de>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Diego Calleja <diegocg@...il.com>,
	Andi Kleen <andi@...stfloor.org>,
	Chuck Ebbert <cebbert@...hat.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: Linux 2.6.21

On Mon, Apr 30, 2007, Indan Zupancic wrote:
> On Mon, April 30, 2007 00:36, Johannes Stezenbach wrote:
> > The lesson to learn is that there are some very valid
> > reasons why bug reports get ignored (some not mentioned here),
> > and there's nothing you can do about it. And it has nothing to
> > do with the method or tool used for reporting or tracking.
> >
> > And I also think that ignoring bad bug reports _increases_
> > the software quality, because you can use the saved time
> > working on something productive. And it makes developers
> > happier :-)
> >
> > [Just to avoid misunderstandings: By no means do I advocate
> > ignoring *every* bug report. But ignoring the bad ones
> > is just the sane thing to do.]
> 
> I don't know, but what about telling the hapless person who went
> through the process of posting a bug what's wrong with the bug report?
> Or is software quality the only thing you care about, and you don't
> want to waste time on learning people to write better bug reports?
> 
> If you want to scare away bug reporters, just ignore their first (and
> thus likely bad) bug report they write. There isn't much less motivating
> than a deafening silence. Just compare it with writing a patch.
> 
> Though, in a sense, if the software quality is measured by the number of
> bug reports, your tactic might "improve" it indeed.
> 
> That said, if someone is an obvious idiot, ignoring saves time. But I
> think that's quite rare, and in general you should give the reporter
> feedback, and then ignore the bug report. (Until it improves.)

Well, I'm a moody bastard, and I would hope other people handle
this better than I. However, all the bugzillas of this world
are full with old, ignored bugs, amd I thought this might
serve as an explanation why.

Developers are just humans and if they have no incentive to
act on a bug report they will ignore it. I think this is a
fact that you have to deal with.

It's also not necessarily the fault of the reporter if
a bug report gets ignored, but for every report a developer
has to make a decision to handle it or not, and there are
lots of reasons why he may decide to not handle it, or
at least not now (and then forget about it).

But I'm quite sure that an important bug would be reported
again until fixed.


Johannes
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ