On Tue, Apr 14, 2020 at 1:59 PM Qian Cai <cai@xxxxxx> wrote:
>
> On Apr 14, 2020, at 7:13 AM, Dmitry Vyukov <dvyukov@xxxxxxxxxx> wrote:
> >
> > How do these use-after-free's and locking bugs get past the
> > unit-testing systems (which syzbot is not) and remain unnoticed for so
> > long?...
> > syzbot uses the dumbest VMs (GCE), so everything it triggers during
> > boot should be triggerable pretty much everywhere.
>
> There are many reasons that any early testing would not be able to catch ALL the syzbot blockers.
>
> The Kconfigs are different. For example, I don’t have openvswitch enabled, so would miss that ovs rcu-list lockdep warning. Same for that use-after-free in net/bluetooth and a warning in sound subsystem.
>
> But, notifying Linux-next ML is a good start, so at least we could ask Paul or Steve to pull out the commit which enables rcu-list debugging by default with PROVE_RCU.
>
> I learned through that restricted kconfig to some degree of minimal could save a lot of troubles later on especially those options that I have no way to exercise like net/bluetooth and sound currently. It is going to be extra work though because those default options in Linux-next or even defconfigs are not always pleasant and would want to enable something I don’t need if not given human intervention.

We only try to enable what we can reach. There is significant reach for sound and net/bluetooth even without any hardware. So I would assume generic testing systems like KernelCI, LKFT, CKI should enable these as well. Hopefully we don't have all of the sound and net/bluetooth completely untested in linux-next.