lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180115130836.GA1408@amd>
Date:   Mon, 15 Jan 2018 14:08:36 +0100
From:   Pavel Machek <pavel@....cz>
To:     Dmitry Vyukov <dvyukov@...gle.com>
Cc:     Mike Galbraith <efault@....de>,
        LKML <linux-kernel@...r.kernel.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        syzkaller <syzkaller@...glegroups.com>
Subject: Re: LKML admins (syzbot emails are not delivered)

On Mon 2018-01-15 11:08:12, Dmitry Vyukov wrote:
> On Thu, Jan 4, 2018 at 12:18 PM, Pavel Machek <pavel@....cz> wrote:
> > On Thu 2018-01-04 12:09:26, Dmitry Vyukov wrote:
> >> On Thu, Jan 4, 2018 at 10:56 AM, Pavel Machek <pavel@....cz> wrote:
> >> >> On Thu, 2018-01-04 at 10:25 +0100, Pavel Machek wrote:
> >> >> > Hi!
> >> >> > >
> >> >> > > Some of syzbot emails don't appear on LKML mailing lists, while they
> >> >> > > were mailed as any other emails. Here are few examples:
> >> >> > >
> >> >> > > "KASAN: use-after-free Read in rds_tcp_dev_event"
> >> >> > > https://groups.google.com/d/msg/syzkaller-bugs/nEeIAsNLWL4/1GzamOmRAwAJ
> >> >> > >
> >> >> > > "general protection fault in __wake_up_common"
> >> >> > > https://groups.google.com/d/msg/syzkaller-bugs/4TrrZ0bIViw/rBcYLUJHAgAJ
> >> >> > >
> >> >> > > Does anybody know how to get in contact with real people behind LKML
> >> >> > > and/or bugzilla?
> >> >> >
> >> >> > Not delivering syzbot emails might be good thing?
> >> >>
> >> >> Nah, the thing is finding and reporting bugs just like a human would,
> >> >> it just doesn't need sleep etc, so sometimes reports more than humans
> >> >> can keep up with.  It needs a smarter brother.. but then again, maybe
> >> >> not, if bots start fixing things too, a lot of meatware hackers would
> >> >> have to go find real jobs.
> >> >
> >> > Sending random, unrepeatable Oopses to lkml is not what humans would
> >> > do, and perhaps not something bots should do, either.
> >>
> >>
> >> Hi Pavel,
> >>
> >> I've answered this question here in full detail. In short, this is
> >> useful and actionable.
> >> https://groups.google.com/d/msg/syzkaller/2nVn_XkVhEE/GjjfISejCgAJ
> >
> > I've already deleted many such reports from my lkml folder. It
> > definitely is below quality of normal bug reports.
> 
> 
> Pavel, if you point to exact deficiencies in the process and propose
> ways to improve it, we can turn this into a positive, constructive and
> actionable discussion.
> 
> In lots of cases (~50%) quality of syzbot reports is equal to human
> reports, or _higher_.
> It provides exact kernel commit, config, compiler, stand-alone C
> reproducer and a nice, symbolized report even with inline frames. You
> don't always get all of this from human reports.
> 
> In the remaining cases (no reproducer), quality of syzbot reports is
> the _same_ as for human reports.
> Say, your machine randomly crashes. You reboot it, but it crashes
> again after some time. You try to repeat what you did before the crash
> (say, opened a particular web page), but it does not reproduce the
> crash. But one way or another, it happened and it's a kernel bug

I have not seen a good quality report from syzbot, yet.

Normally, humans agregate test reports, and test patches etc. Can you
step between robot and lkml, and provide same services humans usually
provide?

Thanks,

									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ