[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20190726155732.GA30211@e109758.arm.com>
Date: Fri, 26 Jul 2019 16:57:32 +0100
From: Catalin Marinas <catalin.marinas@....com>
To: Dmitry Vyukov <dvyukov@...gle.com>
Cc: syzbot <syzbot+a871c1e6ea00685e73d7@...kaller.appspotmail.com>,
alexandre.belloni@...e-electrons.com,
LKML <linux-kernel@...r.kernel.org>,
Linux-MM <linux-mm@...ck.org>, nicolas.ferre@...el.com,
Rob Herring <robh@...nel.org>, sre@...nel.org,
syzkaller-bugs <syzkaller-bugs@...glegroups.com>
Subject: Re: memory leak in vq_meta_prefetch
On Fri, Jul 26, 2019 at 05:20:55PM +0200, Dmitry Vyukov wrote:
> On Fri, Jul 26, 2019 at 3:00 PM Catalin Marinas <catalin.marinas@....com> wrote:
> > On Wed, Jul 24, 2019 at 12:18:07PM -0700, syzbot wrote:
> > > syzbot found the following crash on:
> > >
> > > HEAD commit: c6dd78fc Merge branch 'x86-urgent-for-linus' of git://git...
> > > git tree: upstream
> > > console output: https://syzkaller.appspot.com/x/log.txt?x=15fffef4600000
> > > kernel config: https://syzkaller.appspot.com/x/.config?x=8de7d700ea5ac607
> > > dashboard link: https://syzkaller.appspot.com/bug?extid=a871c1e6ea00685e73d7
> > > compiler: gcc (GCC) 9.0.0 20181231 (experimental)
> > > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=127b0334600000
> > > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12609e94600000
> > >
> > > The bug was bisected to:
> > >
> > > commit 0e5f7d0b39e1f184dc25e3adb580c79e85332167
> > > Author: Nicolas Ferre <nicolas.ferre@...el.com>
> > > Date: Wed Mar 16 13:19:49 2016 +0000
> > >
> > > ARM: dts: at91: shdwc binding: add new shutdown controller documentation
> >
> > That's another wrong commit identification (a documentation patch should
> > not cause a memory leak).
> >
> > I don't really think kmemleak, with its relatively high rate of false
> > positives, is suitable for automated testing like syzbot. You could
>
> Do you mean automated testing in general, or bisection only?
> The wrong commit identification is related to bisection only, but you
> generalized it to automated testing in general. So which exactly you
> mean?
I probably meant both. In terms of automated testing and reporting, if
the false positives rate is high, people start ignoring the reports. So
it requires some human checking first (or make the tool more robust).
W.r.t. bisection, the false negatives (rather than positives) will cause
the tool to miss the problematic commit and misreport. I'm not sure you
can make the reporting deterministic on successive runs given that you
changed the kernel HEAD (for bisection). But it may get better if you
have a "stopscan" kmemleak option which freezes the machine during
scanning (it has been discussed in the past but I really struggle to
find time to work on it; any help appreciated ;)).
--
Catalin
Powered by blists - more mailing lists