Re: Debian kernel testing on syzbot

To: Dmitry Vyukov <dvyukov@google.com>, debian-kernel@lists.debian.org, Salvatore Bonaccorso <carnil@debian.org>
Cc: Aleksandr Nogikh <nogikh@google.com>, Taras Madan <tarasmadan@google.com>, Ragh Srinivasan <raghsriniv@google.com>, Alexander Potapenko <glider@google.com>, Marco Elver <elver@google.com>
Subject: Re: Debian kernel testing on syzbot
From: Ben Hutchings <ben@decadent.org.uk>
Date: Sun, 16 Jul 2023 19:47:11 +0200
Message-id: <[🔎] 0d0906b734c1301d3ae73344dc3ed9ff5bc24dbf.camel@decadent.org.uk>
In-reply-to: <CACT4Y+Zzt3wYE1azwCB1pJsTGi7aeUZ0i+tGRWgCedd2rr3aMw@mail.gmail.com>
References: <CACT4Y+YSwEL5muFY1mwgE+5zoMByhFnVWUjeFGxcU9XhQ-v+KQ@mail.gmail.com> <CACT4Y+Zzt3wYE1azwCB1pJsTGi7aeUZ0i+tGRWgCedd2rr3aMw@mail.gmail.com>

On Wed, 2023-06-28 at 10:26 +0200, Dmitry Vyukov wrote:
> On Thu, 22 Jun 2023 at 16:46, Dmitry Vyukov <dvyukov@google.com> wrote:
> > 
> > Hello,
> > 
> > Our team works on syzkaller/syzbot kernel fuzzer:
> > https://github.com/google/syzkaller
> > https://github.com/google/syzkaller/blob/master/docs/syzbot.md
> > 
> > Currently we test the upstream kernel and recent LTS releases:
> > https://syzkaller.appspot.com/upstream
> > https://syzkaller.appspot.com/linux-6.1
> > https://syzkaller.appspot.com/linux-5.15
> > and report bugs to upstream developers:
> > https://groups.google.com/g/syzkaller-bugs
> > 
> > Due to Debian's relevance as one of the most widely used Linux
> > distributions, we plan to test the Debian kernel as well.
> > 
> > We were thinking about testing the "testing" release only initially.
> > Or do you have other suggestions here?

If you want to find issues affecting the next release, then that's the
right choice.  But if you want to find issues that still need fixes
uploaded, then "unstable" is the right choice.  Any fixes in testing
need to go via unstable.

> > Do you want bugs to be reported privately first (to some closed
> > mailing list) with some embargo? Or do we make them public (visible on
> > syzbot dashboard) right away as we do for upstream/LTS?
> 
> +Ben, you were pointed out as the person to provide "the official" response :)

I'm just one person on the kernel team, and not the most active at the
moment.  Salvatore Bonaccorso is doing most of the security updates.

> To clarify: we are not asking nor imply that anybody will actually act
> in any way on the reported bugs. I mean anybody is welcome to, but
> don't have to.
> We can also just create a public web dashboard (+new opt-in mailing
> list), if that's what we agree on here.
> 
> And if there is an active interest in acting on the reports, we can
> also test the unstable release (that's the better place to fix,
> right).

If syzbot is able to distinguish bugs that are reproducible on Debian
patched kernels but not in the corresponding stable releases, I think
that would be very useful to us.  My guess is that this would be a
manageable rate of bugs and we could receive those privately.  What do
you think, Salvatore?

If this isn't possible, then it's unlikely we will have the time to
look at the issues.  You can create a public web dashboard but I don't
know if that's going to help anyone.

Ben.

-- 
Ben Hutchings
Theory and practice are closer in theory than in practice - John Levine

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: Debian kernel testing on syzbot
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#1041160: linux-image-6.3.0-2-amd64: no pairing with 6.3.0.1 possible
Next by Date: Bug#1040343: linux-image-5.10.0-9-amd64: Kernel silenty de-supported nfsv3 UDP mounts
Previous by thread: Re: Debian kernel testing on syzbot
Next by thread: Re: Debian kernel testing on syzbot
Index(es):
- Date
- Thread