Re: Report 2 in ext4 and journal based on v5.17-rc1

From: Theodore Ts'o
Date: Sun Mar 06 2022 - 09:19:43 EST

Next message: Guilherme G. Piccoli: "Re: [PATCH V4] notifier/panic: Introduce panic_notifier_filter"
Previous message: Xiaomeng Tong: "Re: [PATCH 2/6] list: add new MACROs to make iterator invisiable outside the loop"
In reply to: Byungchul Park: "Re: Report 2 in ext4 and journal based on v5.17-rc1"
Next in thread: Jan Kara: "Re: Report 2 in ext4 and journal based on v5.17-rc1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Mar 06, 2022 at 07:51:42PM +0900, Byungchul Park wrote:
> >
> > Users of DEPT must not have to understand how DEPT works in order to
>
> Users must not have to understand how Dept works for sure, and haters
> must not blame things based on what they guess wrong.

For the record, I don't hate DEPT. I *fear* that DEPT will result in
my getting spammed with a huge number of false posiives once automated
testing systems like Syzkaller, zero-day test robot, etcs., get a hold
of it once it gets merged and start generating hundreds of automated
reports.

And when I tried to read the DEPT reports, and the DEPT documentation,
and I found that its explanation for why ext4 had a circular
dependency simply did not make sense. If my struggles to understand
why DEPT was issuing a false positive is "guessing", then how do we
have discussions over how to make DEPT better?

> > called prepare-to-wait on more than one wait queue, how is DEPT going
> > to distinguish between your "morally correct" wkaeup source, and the
> > "rescue wakeup source"?
>
> Sure, it should be done manually. I should do it on my own when that
> kind of issue arises.

The question here is how often will it need to be done, and how easy
will it be to "do it manually"? Suppose we mark all of the DEPT false
positives before it gets merged? How easy will it be able to suppress
future false positives in the future, as the kernel evolves?

Perhaps one method is to haved a way to take a particular wait queue,
or call to schedule(), or at the level of an entire kernel source
file, and opt it out from DEPT analysis? That way, if DEPT gets
merged, and a maintainer starts getting spammed by bogus (or
incomprehensible) reports, there is a simople way they can annotate
their source code to prevent DEPT from analyzing code that it is
apparently not able to understand correctly.

That way we don't necessarily need to have a debate over how close to
zero percent false positives is necessary before DEPT can get merged.
And we avoid needing to force maintainers to prove that a DEPT report
is a false positive, which is from my experience hard to do, since
they get accused of being DEPT haters and not understanding DEPT.

- Ted

Next message: Guilherme G. Piccoli: "Re: [PATCH V4] notifier/panic: Introduce panic_notifier_filter"
Previous message: Xiaomeng Tong: "Re: [PATCH 2/6] list: add new MACROs to make iterator invisiable outside the loop"
In reply to: Byungchul Park: "Re: Report 2 in ext4 and journal based on v5.17-rc1"
Next in thread: Jan Kara: "Re: Report 2 in ext4 and journal based on v5.17-rc1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]