On Tue, Sep 15, 2020 at 6:57 PM Dmitry Vyukov [off-list ref] wrote:

On Tue, Sep 15, 2020 at 3:23 PM Himadri Pandya [off-list ref] wrote:

quoted

quoted

quoted

quoted

Hi,

Is it correct to mark bugs as "invalid" if they have reproducers but
the reproducer doesn't trigger any issue on testing current status? If
not, then what should be done about such bugs?

Thanks & Regards,
Himadri

Himadri,

if possible try to determine which commit fixed the issue the
reproducer triggered.

You can potentially bisect with the reproducer on the git history or
you can simply look in the git log of the affected files if someone
mentioned fixing something related to the trigger.

That helps to make sure we do not just close reproducers that just
need a lot of time, configuration or luck to hit a certain crash.

Hi Himadri,

Basically what Lukas said.
Bulk closing all of them as "invalid" would be bad for several
reasons. Either do some reasonable amount of degging, or wait for
syzbot fix bisection, maybe it will shed some light. It should happen
after 30 days since last crash IIRC. Also all testing requests/results
are shown on the dashboard, so this bit of information is not lost.

Understood.

I incorrectly assumed(before posting this question) that I should mark
such bugs as invalid and sent the command to syzbot for one such bug.
Now I understand that it was not the right thing. It doesn't show on
the dashboard and I don't know how to undo it :(.

Bug's dashboard link -
https://syzkaller.appspot.com/bug?id=4c7fd5b46451d957a3d8188f393f1982f9753fe7

Hi Himadri,

Transitions to terminal states are not undo-able. Consider the same
bug is rediscovered concurrently with one undoing "#syz invalid". Now
we have 2 versions of the same bug and it will be an incomprehensible
mess.

Understood. My sincerest apologies for being naive.

My assumption was that commands like "invalid" are similar to the
action of submitting a patch, it would generate some discussion about
the bug and if it is really invalid, someone with authority(like
maintainers) would actually go and mark it as "invalid". I was clearly
mistaken. But if we don't have any gatekeeping on such commands and
anyone can directly change the status of the bug by merely sending an
email to syzbot, isn't it a security issue?

Himadri

But marking one bug in such a way is not the end of the world. We have
other real bugs marked as invalid. So no worries.

_______________________________________________
Linux-kernel-mentees mailing list
Linux-kernel-mentees@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/linux-kernel-mentees