lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.0.99999.0711132239350.3960@sheep.housecafe.de>
Date:	Tue, 13 Nov 2007 22:56:01 +0100 (CET)
From:	Christian Kujau <lists@...dbynature.de>
To:	Andrew Morton <akpm@...ux-foundation.org>
cc:	linux-kernel@...r.kernel.org, torvalds@...ux-foundation.org
Subject: Re: [BUG] New Kernel Bugs

On Tue, 13 Nov 2007, Andrew Morton wrote:
> There are a number of process things we _could_ do.  Like
> - have bugfix-only kernel releases

Adrian Bunk does (did?) this with 2.6.16.x, although it always seemed to 
me like an unrewarded one man show. AFAIK not even the big distros are 
begging for bugfix-only versions, as they too want to have (sell) new 
features. Mission critical systems might want to require such versions, 
but I guess they're using heavily customized trees anyway.

> - Just refuse to merge any non-bugfix patches for a subsystem when it is
>  determined that the subsystem has "too many" regressions.

Hm, that's what I had in mind. Has this been tried already?

> - Create an "if you added a regression, you should fix some other bug
>  too" rule.

Naah, I'm not really in favour of blaming someone. The kernel doesn't have 
SLA contracts (yet), so no need for giving out penalties :)

> But we can't/shouldn't do any of that until it is generally agreed that we
> have a problem and that the problem is of sufficient magnitude that process
> changes are needed to address it.  We aren't at that stage yet.

Keeping track of the (number of) regressions / bugs each release seems to 
be a good start, IMHO.

> process changes, they all would be aimed at a single thing: shifting some
> of the developers' time away from <otherstuff> and onto bugfixing.

True. Implementing "only bugfixes from now on" (i.e. a longer 
freeze-window) would perhaps speed up the shifting a bit: $developer can 
still do $otherstuff all day long, but it won't get merged anyway, because 
we're in "only bugfixes from now on"-mode.

> At this stage the only tool which is being deployed to attempt to bring
> about that reprioritisation is suasion.  aka "lkml flamewar".

True. But I just noticed that I have to distinguish between 
"flamewars" and "fierce discussions": if I'd imagine a room with ~50 
developers/bystanders brainstorming on a issue like this (at the same 
time, without the wonderful delay of writing/sending an email), it'd
feel much more uncomfortable.

Christian.
-- 
BOFH excuse #433:

error: one bad user found in front of screen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ