Re: [PATCH] KVM: X86: Fix scan ioapic use-before-initialization

[Paolo Bonzini]

On 27/12/18 17:59, Linus Torvalds wrote:
> So the issue seems to be that syzbot is simply not useful enough. It's
> output is too rough for people to take it seriously. You see how the
> report by Wei Wu then got traction, because Wei took a syzbot report
> and added some human background and distilled it down to not be
> "here's a big dump of random information".

We do take it seriously.  Usually the reports are relatively easy to
distill and fix, but when new random multi-threaded use-after-free
comes, doing the bisection in syzkaller might not work because they are
not deterministic in how much it takes to reproduce them.  So the only
way to process them is "look at when it started to happen and stare at
150 commits until you find the culprit", which is of course time
consuming even though the syzkaller script usually gives a clue of which
commit to look at.

I agree with Linus that the report is more or less useless except for
trivial bugs, but I'm not sure what can be done to improve it.  I do use
it for trivial bugs, and at the very least, having many different
reports obviously means "use-after-free" or "dangling pointer" or some
other kind of memory corruption.  I try to prioritize those, but theory
and practice are different.

Paolo