Re: WARNING in __rcu_read_unlock

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Stefano Brivio <sbrivio@redhat.com>
To: Dmitry Vyukov <dvyukov@google.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>,
	Arjan van de Ven <arjan@linux.intel.com>,
	"Paul E. McKenney" <paulmck@linux.ibm.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	Josh Triplett <josh@joshtriplett.org>,
	LKML <linux-kernel@vger.kernel.org>,
	Ingo Molnar <mingo@kernel.org>,
	syzkaller-bugs <syzkaller-bugs@googlegroups.com>,
	netdev <netdev@vger.kernel.org>,
	Cong Wang <xiyou.wangcong@gmail.com>,
	Xin Long <lucien.xin@gmail.com>
Subject: Re: WARNING in __rcu_read_unlock
Date: Tue, 18 Dec 2018 15:12:58 +0100	[thread overview]
Message-ID: <20181218151258.38796e76@redhat.com> (raw)
In-Reply-To: <CACT4Y+az3--Y2f0OKSbF0kxwckdkKSASVog=XkX=+cXCt5r3ew@mail.gmail.com>

[Dropping syzbot from Cc:]

On Tue, 18 Dec 2018 14:26:00 +0100
Dmitry Vyukov <dvyukov@google.com> wrote:

> On Tue, Dec 18, 2018 at 1:40 PM Stefano Brivio <sbrivio@redhat.com>
> wrote:
>
> > Maybe it would be nice to have a semi-automated way to isolate and
> > describe/name specific conditions found by syzbot via fuzzing and
> > turn those into tests that are then repeated periodically. I'm not
> > sure how that would look like, but I think it's still more
> > maintainable than a pile of C reproducers with forged packets in
> > selftests/net.  
> 
> It would be nice to do something like this. Filed
> https://github.com/google/syzkaller/issues/884
> However, there are few open questions that I am not sure how to
> resolve yet...

I don't have a github account, so let me comment on your questions here:

> 1. How to effectively fetch so many repros from datastore without
> hitting timeouts? We probably need to limit this to 1 repro per bug,
> but still that's many repros.

I guess this would be less of a problem if reproducers are selected
based on input from developers, instead of just taking all the
reproducers. E.g. one could answer a report with something like:

	#syz regression-test: <name>
	<description>

in this case I would have answered:

	#syz regression-test: icmp-udp-in-gue-recursion
	ICMP exceptions on UDP direct encapsulation in GUE

and something could be automatically appended to the test name,
perhaps e-mail and date. It would also be nice to be able to undo
this and delete a regression test.

> 2. Do we need some sorting based on namespace? E.g. stable releases
> may not include fixes for bugs fixed in upstream, then we will just
> crash lots of kernels in vain.

Same here, I guess developer input might help, but I'm not sure how to
formalise this.

> 3. syzkaller repros depend on exact syzkaller revision, new syzkaller
> won't be able to use old repros. Using C repros is much harder and
> they are not present for all bugs. Not sure what to do here.

Would it make a difference if you could use the "syz" reproducers and
translate them to C reproducer only once needed?

-- 
Stefano

next prev parent reply	other threads:[~2018-12-18 14:13 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-12-15 12:41 WARNING in __rcu_read_unlock syzbot
2018-12-16 19:04 ` Paul E. McKenney
2018-12-17  9:44   ` Dmitry Vyukov
2018-12-17 11:29     ` Paul E. McKenney
2018-12-17 13:07       ` Dmitry Vyukov
2018-12-17 14:14       ` Arjan van de Ven
2018-12-17 14:40         ` Dmitry Vyukov
2018-12-17 14:49           ` Paul E. McKenney
2018-12-17 14:57           ` Eric Dumazet
2018-12-17 14:59             ` Stefano Brivio
2018-12-17 15:11               ` Dmitry Vyukov
2018-12-17 15:24             ` Stefano Brivio
2018-12-17 15:53               ` Dmitry Vyukov
2018-12-17 23:18                 ` Stefano Brivio
2018-12-18  8:49                   ` Dmitry Vyukov
2018-12-18 12:40                     ` Stefano Brivio
2018-12-18 13:26                       ` Dmitry Vyukov
2018-12-18 14:02                         ` Paul E. McKenney
2018-12-18 14:12                         ` Stefano Brivio [this message]
2018-12-18 16:05                           ` Dmitry Vyukov
2018-12-19  4:12                       ` Cong Wang
2018-12-17 18:21               ` Stefano Brivio
2018-12-17 18:45                 ` Dmitry Vyukov
2018-12-17 19:56                   ` Paul E. McKenney

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181218151258.38796e76@redhat.com \
    --to=sbrivio@redhat.com \
    --cc=akpm@linux-foundation.org \
    --cc=arjan@linux.intel.com \
    --cc=dvyukov@google.com \
    --cc=eric.dumazet@gmail.com \
    --cc=josh@joshtriplett.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lucien.xin@gmail.com \
    --cc=mingo@kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=paulmck@linux.ibm.com \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=xiyou.wangcong@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.