syz-fuzzer, syz-execprog: add -arch flag

arch flag specifies target arch, which can be different from GOARCH. For example, 386 executor with amd64 fuzzer.
author: Dmitry Vyukov <dvyukov@google.com> 2017-09-14 09:49:26 +0200
committer: Dmitry Vyukov <dvyukov@google.com> 2017-09-15 16:02:37 +0200
commit: c0cabacda7db153dcdb0940972a680296a9e56f3 (patch)
tree: f8d7182f5862bed821e8b6c3ea00fbf96b79276e
parent: c6d248ce95cf3e74ba38ca431ea4b018f75e1881 (diff)
4 files changed, 15 insertions, 6 deletions
diff --git a/pkg/repro/repro.go b/pkg/repro/repro.go
index 54c4a248a..c3aaa8a22 100644
--- a/pkg/repro/repro.go
+++ b/pkg/repro/repro.go
@@ -537,8 +537,10 @@ func (ctx *context) testProgs(entries []*prog.LogEntry, duration time.Duration,
 		}
 		program += "]"
 	}
-	command := fmt.Sprintf("%v -executor %v -cover=0 -procs=%v -repeat=%v -sandbox %v -threaded=%v -collide=%v %v",
-		inst.execprogBin, inst.executorBin, opts.Procs, repeat, opts.Sandbox, opts.Threaded, opts.Collide, vmProgFile)
+	command := fmt.Sprintf("%v -executor %v -arch=%v -cover=0 -procs=%v -repeat=%v"+
+		" -sandbox %v -threaded=%v -collide=%v %v",
+		inst.execprogBin, inst.executorBin, ctx.cfg.TargetArch, opts.Procs, repeat,
+		opts.Sandbox, opts.Threaded, opts.Collide, vmProgFile)
 	ctx.reproLog(2, "testing program (duration=%v, %+v): %s", duration, opts, program)
 	return ctx.testImpl(inst.Instance, command, duration)
 }
diff --git a/syz-fuzzer/fuzzer.go b/syz-fuzzer/fuzzer.go
index 467f176f5..25b84c85d 100644
--- a/syz-fuzzer/fuzzer.go
+++ b/syz-fuzzer/fuzzer.go
@@ -34,6 +34,7 @@ import (
 
 var (
 	flagName     = flag.String("name", "", "unique name for manager")
+	flagArch     = flag.String("arch", "", "target arch")
 	flagExecutor = flag.String("executor", "", "path to executor binary")
 	flagManager  = flag.String("manager", "", "manager rpc address")
 	flagProcs    = flag.Int("procs", 1, "number of parallel test processes")
@@ -105,7 +106,7 @@ func main() {
 	}
 	Logf(0, "fuzzer started")
 
-	if err := prog.SetDefaultTarget(runtime.GOOS, runtime.GOARCH); err != nil {
+	if err := prog.SetDefaultTarget(runtime.GOOS, *flagArch); err != nil {
 		Fatalf("%v", err)
 	}
 
@@ -835,6 +836,9 @@ func kmemleakScan(report bool) {
 //		First  - is the kcov device present in the system.
 //		Second - is the kcov device supporting comparisons.
 func checkCompsSupported() (kcov, comps bool) {
+	// TODO(dvyukov): this should run under target arch.
+	// E.g. KCOV ioctls were initially not supported on 386 (missing compat_ioctl),
+	// and a 386 executor won't be able to use them, but an amd64 fuzzer will be.
 	fd, err := syscall.Open("/sys/kernel/debug/kcov", syscall.O_RDWR, 0)
 	if err != nil {
 		return
diff --git a/syz-manager/manager.go b/syz-manager/manager.go
index 18b480e12..3d8933e81 100644
--- a/syz-manager/manager.go
+++ b/syz-manager/manager.go
@@ -512,8 +512,10 @@ func (mgr *Manager) runInstance(index int) (*Crash, error) {
 	start := time.Now()
 	atomic.AddUint32(&mgr.numFuzzing, 1)
 	defer atomic.AddUint32(&mgr.numFuzzing, ^uint32(0))
-	cmd := fmt.Sprintf("%v -executor=%v -name=vm-%v -manager=%v -procs=%v -leak=%v -cover=%v -sandbox=%v -debug=%v -v=%d",
-		fuzzerBin, executorBin, index, fwdAddr, procs, leak, mgr.cfg.Cover, mgr.cfg.Sandbox, *flagDebug, fuzzerV)
+	cmd := fmt.Sprintf("%v -executor=%v -name=vm-%v -arch=%v -manager=%v -procs=%v"+
+		" -leak=%v -cover=%v -sandbox=%v -debug=%v -v=%d",
+		fuzzerBin, executorBin, index, mgr.cfg.TargetArch, fwdAddr, procs,
+		leak, mgr.cfg.Cover, mgr.cfg.Sandbox, *flagDebug, fuzzerV)
 	outc, errc, err := inst.Run(time.Hour, mgr.vmStop, cmd)
 	if err != nil {
 		return nil, fmt.Errorf("failed to run fuzzer: %v", err)
diff --git a/tools/syz-execprog/execprog.go b/tools/syz-execprog/execprog.go
index 37360c7f0..53fcbb8ca 100644
--- a/tools/syz-execprog/execprog.go
+++ b/tools/syz-execprog/execprog.go
@@ -28,6 +28,7 @@ import (
 )
 
 var (
+	flagArch      = flag.String("arch", runtime.GOARCH, "target arch")
 	flagExecutor  = flag.String("executor", "./syz-executor", "path to executor binary")
 	flagCoverFile = flag.String("coverfile", "", "write coverage to the file")
 	flagRepeat    = flag.Int("repeat", 1, "repeat execution that many times (0 for infinite loop)")
@@ -46,7 +47,7 @@ func main() {
 		os.Exit(1)
 	}
 
-	if err := prog.SetDefaultTarget(runtime.GOOS, runtime.GOARCH); err != nil {
+	if err := prog.SetDefaultTarget(runtime.GOOS, *flagArch); err != nil {
 		Fatalf("%v", err)
 	}
author	Dmitry Vyukov <dvyukov@google.com>	2017-09-14 09:49:26 +0200
committer	Dmitry Vyukov <dvyukov@google.com>	2017-09-15 16:02:37 +0200
commit	c0cabacda7db153dcdb0940972a680296a9e56f3 (patch)
tree	f8d7182f5862bed821e8b6c3ea00fbf96b79276e
parent	c6d248ce95cf3e74ba38ca431ea4b018f75e1881 (diff)