lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 26 Jul 2019 18:26:08 +0200
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     Catalin Marinas <catalin.marinas@....com>
Cc:     syzbot <syzbot+a871c1e6ea00685e73d7@...kaller.appspotmail.com>,
        alexandre.belloni@...e-electrons.com,
        LKML <linux-kernel@...r.kernel.org>,
        Linux-MM <linux-mm@...ck.org>, nicolas.ferre@...el.com,
        Rob Herring <robh@...nel.org>, sre@...nel.org,
        syzkaller-bugs <syzkaller-bugs@...glegroups.com>
Subject: Re: memory leak in vq_meta_prefetch

On Fri, Jul 26, 2019 at 6:15 PM Catalin Marinas <catalin.marinas@....com> wrote:
> > > > > On Wed, Jul 24, 2019 at 12:18:07PM -0700, syzbot wrote:
> > > > > > syzbot found the following crash on:
> > > > > >
> > > > > > HEAD commit:    c6dd78fc Merge branch 'x86-urgent-for-linus' of git://git...
> > > > > > git tree:       upstream
> > > > > > console output: https://syzkaller.appspot.com/x/log.txt?x=15fffef4600000
> > > > > > kernel config:  https://syzkaller.appspot.com/x/.config?x=8de7d700ea5ac607
> > > > > > dashboard link: https://syzkaller.appspot.com/bug?extid=a871c1e6ea00685e73d7
> > > > > > compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
> > > > > > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=127b0334600000
> > > > > > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=12609e94600000
> > > > > >
> > > > > > The bug was bisected to:
> > > > > >
> > > > > > commit 0e5f7d0b39e1f184dc25e3adb580c79e85332167
> > > > > > Author: Nicolas Ferre <nicolas.ferre@...el.com>
> > > > > > Date:   Wed Mar 16 13:19:49 2016 +0000
> > > > > >
> > > > > >     ARM: dts: at91: shdwc binding: add new shutdown controller documentation
> > > > >
> > > > > That's another wrong commit identification (a documentation patch should
> > > > > not cause a memory leak).
> > > > >
> > > > > I don't really think kmemleak, with its relatively high rate of false
> > > > > positives, is suitable for automated testing like syzbot. You could
> > > >
> > > > Do you mean automated testing in general, or bisection only?
> > > > The wrong commit identification is related to bisection only, but you
> > > > generalized it to automated testing in general. So which exactly you
> > > > mean?
> > >
> > > I probably meant both. In terms of automated testing and reporting, if
> > > the false positives rate is high, people start ignoring the reports. So
> > > it requires some human checking first (or make the tool more robust).
> [...]
> > Do you have any data points wrt automated testing in general? This
> > disagrees with what I see.
>
> I'm fine with automated testing in general. Just that automated
> reporting for kmemleak could be improved a bit to reduce the false
> positives (e.g. run it a few times to confirm that it is a real leak).


I did a bunch of various external measures in syzkaller to improve
kmemleak quality. As far as I see the current rate is close to 100%
true positives. We already have 40 leaks (>50%) fixed.

Though, kmemleak can be improved too (stop-the-world, etc what we
discussed). That would make kmemleak directly usable e.g. during
unit-testing, something that's badly needed for kernel.


> Just to be clear, I'm not talking about syzbot in general, it's a great
> tool, only about improving kmemleak reporting and bisecting.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ