MIME-Version: 1.0
In-Reply-To: <CAG_fn=WpeCq70LGqt+GiYDSO72uvNWYndG+rGyMJzVuaFUcNQw@mail.gmail.com>
References: <20170322160647.32032-1-aryabinin@virtuozzo.com>
 <CAAeHK+zt9U+_8o4-k1mTvHsNTVGnKbzy7jVz2jn=TkNFf2neHQ@mail.gmail.com>
 <cbb22acb-1228-0f7b-c7a0-5822ea721b3f@virtuozzo.com> <CAAeHK+zAt=iim4SoU5U8cD8i_yYoC_HGVKSvBGBgEO15KdZEPg@mail.gmail.com>
 <CAG_fn=WpeCq70LGqt+GiYDSO72uvNWYndG+rGyMJzVuaFUcNQw@mail.gmail.com>
From: Dmitry Vyukov <dvyukov@google.com>
Date: Wed, 22 Mar 2017 18:42:53 +0100
Message-ID: <CACT4Y+Zh7fVnds9gssD393_vLYimDsubkFXY1H6gVpBxoVUJKA@mail.gmail.com>
Subject: Re: [PATCH] kasan: report only the first error
To: Alexander Potapenko <glider@google.com>
Cc: Andrey Konovalov <andreyknvl@google.com>,
        Andrey Ryabinin <aryabinin@virtuozzo.com>,
        Andrew Morton <akpm@linux-foundation.org>,
        Mark Rutland <mark.rutland@arm.com>,
        kasan-dev <kasan-dev@googlegroups.com>,
        Linux Memory Management List <linux-mm@kvack.org>,
        LKML <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
Content-Transfer-Encoding: 8bit
Content-Length: 2441
Lines: 65

On Wed, Mar 22, 2017 at 6:33 PM, Alexander Potapenko <glider@google.com> wrote:
> On Wed, Mar 22, 2017 at 6:07 PM, Andrey Konovalov <andreyknvl@google.com> wrote:
>> On Wed, Mar 22, 2017 at 5:54 PM, Andrey Ryabinin
>> <aryabinin@virtuozzo.com> wrote:
>>> On 03/22/2017 07:34 PM, Andrey Konovalov wrote:
>>>> On Wed, Mar 22, 2017 at 5:06 PM, Andrey Ryabinin
>>>> <aryabinin@virtuozzo.com> wrote:
>>>>> Disable kasan after the first report. There are several reasons for this:
>>>>>  * Single bug quite often has multiple invalid memory accesses causing
>>>>>     storm in the dmesg.
>>>>>  * Write OOB access might corrupt metadata so the next report will print
>>>>>     bogus alloc/free stacktraces.
>>>>>  * Reports after the first easily could be not bugs by itself but just side
>>>>>     effects of the first one.
>>>>>
>>>>> Given that multiple reports only do harm, it makes sense to disable
>>>>> kasan after the first one. Except for the tests in lib/test_kasan.c
>>>>> as we obviously want to see all reports from test.
>>>>
>>>> Hi Andrey,
>>>>
>>>> Could you make it configurable via CONFIG_KASAN_SOMETHING (which can
>>>> default to showing only the first report)?
>>>
>>> I'd rather make this boot time configurable, but wouldn't want to without
>>> a good reason.
>>
>> That would work for me.

Also note that KASAN now supports panic_on_warn=1, which achieves more
or less the same. Of course, WARNINGs may be not that bad, but KASAN
reports may be not tool bad as well (e.g. off-by-one reads).


>>>> I sometimes use KASAN to see what bad accesses a particular bug
>>>> causes, and seeing all of them (even knowing that they may be
>>>> corrupt/induced) helps a lot.
>>>
>>> I'm wondering why you need to see all reports?
>>
>> To get a better picture of what are the consequences of a bug. For
>> example whether it leads to some bad or controllable memory
>> corruption. Sometimes it's easier to let KASAN track the memory
>> accesses then do that manually.
> Another case is when you're seeing an OOB read at boot time, which has
> limited impact, and you don't want to wait for the code owner to fix
> it to move forward.
>>>
>>>>
>>>> Thanks!
>>>>
>
>
>
> --
> Alexander Potapenko
> Software Engineer
>
> Google Germany GmbH
> Erika-Mann-Straße, 33
> 80636 München
>
> Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle
> Registergericht und -nummer: Hamburg, HRB 86891
> Sitz der Gesellschaft: Hamburg