From: NeilBrown <neilb@suse.com>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: "ksummit-discuss@lists.linuxfoundation.org"
<ksummit-discuss@lists.linuxfoundation.org>,
Andy Lutomirski <luto@kernel.org>
Subject: Re: [Ksummit-discuss] [MAINTAINER TOPIC] ABI feature gates?
Date: Mon, 14 Aug 2017 14:19:24 +1000 [thread overview]
Message-ID: <87o9riok6r.fsf@notabene.neil.brown.name> (raw)
In-Reply-To: <CA+55aFxFh8K_HxXEDXGizCj097u7VE8NZB8LpAVEdA2aSYgHHg@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2604 bytes --]
On Fri, Aug 11 2017, Linus Torvalds wrote:
> On Fri, Aug 11, 2017 at 1:02 AM, NeilBrown <neilb@suse.com> wrote:
>>
>> What do you mean by "upgrade"?
>> Can I upgrade from 3.15 to 3.16-rc1? If not, why not?
>
> Yes..
>
> Of course, bugs happen, and then they get fixed.
>
> But yes, even including things like -rc1 (or just "random untagged
> kernel of the day") you should
>
> (a) feel safe in always upgrading to any higher version (I *hope* you
> can always also downgrade to a lower kernel version, but obviously at
> some point user space may start depending on newer features that
> simply don't exist in older kernels).
>
> (b) also feel that if something breaks, it's a bug, and people will
> take it seriously and not dismiss it with some crazy "N+1 version"
> excuse.
I think the issue is that some of us would like a clearer statement on
what values of "some point" we will honor, and which values are
crazy-talk.
This related slightly to your comment:
>
> And then I say "if it took you three years to upgrade and notice a
> behavioral change that nobody else noticed, it's no longer _our_
> fault".
Can we also say "if you started depending on an API that has only been
in the kernel for 3 weeks and we had to revise it, then it not _our_
fault if you depend on it already"??
In the original post in this thread, Andy seemed to think that as long
as it gets "fixed before the next real release", we are safe. Your
comments could be read to mean that you don't agree and that there is no
clear line at which we are safe.
You mentioned trust earlier:
> The whole point is that users are supposed to be able to *trust*
> the kernel.
I agree, but I think trust works best if it works both ways. Can we
trust application developers not to depend on an API which hasn't
reached maturity? I think we can if we tell them what we expect - what
constitutes "maturity" - and make it a reasonable expectation. Do we
have to declare "maturity" the moment an API hits mainline (or hits
-next, or hits mailing lists), or can we negotiate a formal grace
period?
Yes, "no regressions" is an import rule that should remain, but there
has always been a loophole. The loophole is "no harm, no foul". If we
can negotiate an understanding that results in "no harm" from early
revisions to an API, then those revisions will not cause actual
regressions. "No foul".
But maybe I'm wrong and all the people talking about automatic tooling
to discover and highlight API changes in linux-next are on the right
track... or would be if everything actually went through linux-next.
Thanks,
NeilBrown
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 832 bytes --]
next prev parent reply other threads:[~2017-08-14 4:19 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-04 1:16 Andy Lutomirski
2017-08-04 1:30 ` Greg KH
2017-08-04 4:15 ` Andy Lutomirski
2017-08-04 5:08 ` Sergey Senozhatsky
2017-08-04 8:23 ` Daniel Vetter
2017-08-04 2:26 ` Theodore Ts'o
2017-08-04 3:27 ` Stephen Rothwell
2017-08-04 5:13 ` Julia Lawall
2017-08-04 14:20 ` Theodore Ts'o
2017-08-04 15:47 ` Julia Lawall
2017-08-04 8:42 ` Jiri Kosina
2017-08-04 8:53 ` Hannes Reinecke
2017-08-04 16:04 ` Greg KH
2017-08-04 17:14 ` Theodore Ts'o
2017-08-04 17:53 ` Greg KH
2017-08-04 22:52 ` Joe Perches
2017-08-09 20:06 ` Geert Uytterhoeven
2017-08-14 19:49 ` Steven Rostedt
2017-08-14 19:51 ` Linus Torvalds
2017-08-15 7:13 ` Julia Lawall
2017-08-04 8:57 ` Julia Lawall
2017-08-04 11:27 ` Michael Kerrisk (man-pages)
2017-08-09 0:00 ` NeilBrown
2017-08-09 11:54 ` Laurent Pinchart
2017-08-14 20:07 ` Steven Rostedt
2017-08-09 20:21 ` Linus Torvalds
2017-08-11 6:21 ` NeilBrown
2017-08-11 6:39 ` Linus Torvalds
2017-08-11 8:02 ` NeilBrown
2017-08-11 23:10 ` Linus Torvalds
2017-08-14 4:19 ` NeilBrown [this message]
2017-08-14 18:34 ` Linus Torvalds
2017-08-14 18:40 ` Linus Torvalds
2017-08-14 23:23 ` Andy Lutomirski
2017-08-15 0:54 ` Linus Torvalds
2017-08-15 16:11 ` Andy Lutomirski
2017-08-15 18:26 ` Michael Kerrisk (man-pages)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87o9riok6r.fsf@notabene.neil.brown.name \
--to=neilb@suse.com \
--cc=ksummit-discuss@lists.linuxfoundation.org \
--cc=luto@kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox