lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 8 Feb 2017 05:02:46 -0800
From:   "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     Waiman Long <longman@...hat.com>, Ingo Molnar <mingo@...nel.org>,
        Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH v3 0/3] locking/spinlock_debug: Change it to a mostly
 fair lock

On Wed, Feb 08, 2017 at 10:27:26AM +0100, Peter Zijlstra wrote:
> On Tue, Feb 07, 2017 at 11:53:08AM -0800, Paul E. McKenney wrote:
> > My usual question is "how often does the spinlock_debug code find a
> > problem that would be hard to find otherwise?"  Probably unanswerable
> > given the nature of Linux-kernel development, but I figured I would ask
> > anyway.  ;-)
> 
> So I've not found it useful in many years, and quite to the contrary,
> its proven prone to generate false positives because the lock timeout
> gets hit because of various reasons.
> 
> But that's just me of course..

I have seen neither useful information nor false positives from it, nor
have I heard of anyone else having recently done so.  So I have nothing
indicating that I should either defend it on the one hand or advocate
for its removal on the other.  But I was asked, so...

One approach would be to push the patch and see if anyone complained.
But there are quite a few people who wouldn't complain about anything
until it bit them, which wouldn't happen for some time.  Which -might-
be OK, but...

Another would be to announce the patch widely, via social media, LWN
articles, presentations, etc., in order to increase the probability of
finding out if anyone relies on it sooner rather than later.

My recommendation is to do both in parallel.  Get the patch out there
for testing, get it headed for mainline, and make noise about it along
the way.  If no one complains, it goes in.  If someone does complain,
we can see what they really need, which would hopefully point the way
to an improved mechanism.

But that's just me of course...  ;-)

							Thanx, Paul

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ