lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20090324194254.GB26930@elte.hu>
Date:	Tue, 24 Mar 2009 20:42:54 +0100
From:	Ingo Molnar <mingo@...e.hu>
To:	sinter <sinter.salt@....de>
Cc:	Alan Cox <alan@...rguk.ukuu.org.uk>, linux-kernel@...r.kernel.org,
	"David S. Miller" <davem@...emloft.net>,
	Herbert Xu <herbert@...dor.apana.org.au>,
	netdev@...r.kernel.org
Subject: Re: BUG in 2.6.29 final: broken network connection


* sinter <sinter.salt@....de> wrote:

> Am Dienstag 24 März 2009 18:25:03 schrieben Sie:
> > > It cost me almost 1 complete day
> >
> > Wouldn't it have been simpler to wait when you found a problem and read
> > Ingo's email on the subject from a few hours ago ?
> 
> Wouldn't it be simpler to restrictively avoid crap code in final 
> kernel versions? And if that does not work by appeal shouldn't the 
> netdev maintainer simply be substituted?
> 
> Who needs a maintainer adding his SOB with closed eyes under 
> untested crap code? Who needs someone like that for kernel 
> development?

Nonsense. 303c6a0 "gro: Fix legacy path napi_complete crash" was an 
obvious looking bug fix for a real crash that was reported, against 
a commit that went upstream in 2.6.29-rc1.

It was a fix for a serious regression and i'd have applied it too, 
and would have pushed it to Linus.

Furthermore, even on affected systems it took certain configs and 
certain conditions for the bug to trigger under high load. So there 
was no real good way to find this bug quickly.

Such kind of bugs can happen anytime, to any maintainer. Unless we 
100% freeze the kernel for a full month before release, this risk 
simply cannot be avoided. It is far more problematic if maintainers 
dont push known fixes or ignore fixes. The networking tree is 
exemplary in picking up fixes addressing bug reports quickly. A 
proposed fix was posted 33 minutes after i sent my bugreport.

Things breaking is simply the nature of software changes - get used 
to it. When new software with 1 million lines of changes over the 
previous version comes out, dont jump on it immediately, if your 
peace of mind depends on a 100% working system. Only try it if you 
want to help out developing it.

And there's an easy solution for you in any case: you can wait for 
.29.1 which i'm sure will be out quickly.

Thanks,

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ