Linux-USB Archive on lore.kernel.org
 help / color / Atom feed
From: Andrey Konovalov <andreyknvl@google.com>
To: Oliver Neukum <oneukum@suse.com>, Dmitry Vyukov <dvyukov@google.com>
Cc: syzkaller-bugs <syzkaller-bugs@googlegroups.com>,
	steve_bayless@keysight.com,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	guido.kiener@rohde-schwarz.com,
	syzbot <syzbot+55b0304b360654a7537b@syzkaller.appspotmail.com>,
	USB list <linux-usb@vger.kernel.org>
Subject: Re: divide error in usbtmc_generic_read
Date: Mon, 19 Aug 2019 17:40:38 +0200
Message-ID: <CAAeHK+xum44QNGCgnFc-W69AfA4Rt1hEiRc4SrSWhFfqhhuf0A@mail.gmail.com> (raw)
In-Reply-To: <1566222541.5663.27.camel@suse.com>

On Mon, Aug 19, 2019 at 3:49 PM Oliver Neukum <oneukum@suse.com> wrote:
>
> Am Montag, den 19.08.2019, 15:18 +0200 schrieb Andrey Konovalov:
> > On Mon, Aug 19, 2019 at 3:09 PM Oliver Neukum <oneukum@suse.com> wrote:
> > >
> > > Am Montag, den 19.08.2019, 14:43 +0200 schrieb Andrey Konovalov:
> > > > On Mon, Aug 19, 2019 at 2:37 PM Oliver Neukum <oneukum@suse.com> wrote:
> > > > > The original error was a divide by zero. The first fix fixed that
> > > > > but still another error showed up. If I propose a fix there are
> > > > > other possibilities besides it working.
> > > > >
> > > > > I could have no effect on the original bug or my fix breaks
> > > > > something else and KASAN is making no difference between
> > > > > those cases.
> > > >
> > > > I think you mean syzbot here and not KASAN. Do I understand correctly,
> > > > that you're saying that the original report was
> > >
> > > Yes, sorry syzbot.
> > >
> > > > divide-by-zero, but
> > > > when you requested to test the patch the reproducer triggered a
> > > > use-after-free, and syzbot didn't treat the patch you provided as a
> > > > correct fix?
> > >
> > > No, obviously there is still a bug. What I would like syzbot to have
> > > would be a third category: inconclusive.
> > > Seeing another bug instead may also mean the first bug struck
> > > before the second could ever happen. We just lack data to tell.
> >
> > OK, I see. The exact words that syzbot uses in this case are "syzbot
> > has tested the proposed patch but the reproducer still triggered
> > crash". What would you like to see instead?
> >
>
> "syzbot has tested the proposed patch but the reproducer triggered
> another crash" would make it clearer.

This implies that we can differentiate between different crashes. We
can differentiate between different manifestations of crashes, but
those can be caused by the same bug. I think we can remove the word
"still" though, so the words will be: "syzbot has tested the proposed
patch, but the reproducer triggered a crash".

Dmitry, WDYT?

  reply index

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-08-14 11:38 syzbot
2019-08-14 13:25 ` Oliver Neukum
2019-08-14 13:38   ` syzbot
2019-08-14 13:52     ` Andrey Konovalov
2019-08-15 13:31     ` Oliver Neukum
2019-08-19 12:17       ` Andrey Konovalov
2019-08-19 12:37         ` Oliver Neukum
2019-08-19 12:43           ` Andrey Konovalov
2019-08-19 13:09             ` Oliver Neukum
2019-08-19 13:18               ` Andrey Konovalov
2019-08-19 13:49                 ` Oliver Neukum
2019-08-19 15:40                   ` Andrey Konovalov [this message]
2019-08-20  9:01                     ` Oliver Neukum
2019-08-15 14:28 ` Oliver Neukum
2019-08-15 14:48   ` syzbot
2019-11-19 13:35 ` Andrey Konovalov

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAAeHK+xum44QNGCgnFc-W69AfA4Rt1hEiRc4SrSWhFfqhhuf0A@mail.gmail.com \
    --to=andreyknvl@google.com \
    --cc=dvyukov@google.com \
    --cc=gregkh@linuxfoundation.org \
    --cc=guido.kiener@rohde-schwarz.com \
    --cc=linux-usb@vger.kernel.org \
    --cc=oneukum@suse.com \
    --cc=steve_bayless@keysight.com \
    --cc=syzbot+55b0304b360654a7537b@syzkaller.appspotmail.com \
    --cc=syzkaller-bugs@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-USB Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-usb/0 linux-usb/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-usb linux-usb/ https://lore.kernel.org/linux-usb \
		linux-usb@vger.kernel.org
	public-inbox-index linux-usb

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-usb


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git