| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
./tools/syz-env bin/golangci-lint run ./... --fix
|
| |
|
|
|
| |
Otherwise we need to backport too many fix commits to address build/boot
errors.
|
| |
|
|
| |
They are shorter, more readable, and don't require temp vars.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The current common vcs interface and its implementations are designed to
support a very big number of situations (git modules, cleaning up
complex state, etc), which is too heavy and restrictive when we just
need a thin wrapper over the git command that supports a few basic
operations.
Refactor pkg/vcs to split out the wrapper code from the big git
implementation of the vcs.Repo interface.
Export the wrapper to enable reuse in other parts of the system.
|
| |
|
|
|
| |
Lint started warning about duplicate "gvisor" const in pkg/cover.
Add gvisor/starnix consts to sys/targets package to avoid duplication.
|
| |
|
|
|
|
|
| |
Bisection should not fail if the Kconfig or the baseline config have issues.
Broken kernel sources might lead to issues when parsing Kconfig, ignore this and
proceed with the original config. If the baseline config is not parseable,
proceed anyway as this is an optional parameter to begin with.
|
| |
|
|
|
|
|
|
|
| |
This should make syzkaller only fetch the commits relevant for further
processing. Also, specifying the exact commit/branch name to fetch
allows us to access commits from custom refs.
Test the new behaviour and double-check that remote tags fetch was not
broken.
|
| |
|
|
|
|
|
|
|
|
| |
For older bugs (or for bugs on stable trees), our cause bisection
strategy times out while trying to iterate over all reachable tags.
Try to be smarter and only take a subset of them, thus limiting the time
we spend detecting the bug-free release.
Closes #3376.
|
| |
|
|
|
|
| |
The transform() call is assumed to be idempotent, so let's also run it
before all predicate runs. It will ensure that we return exactly the
same config from getConfig() as the one that was actually tested.
|
| | |
|
| |
|
|
|
|
|
|
| |
It might be the case that the kernels that are being fuzzed on syz-ci
require their own backports to build/test older revisions during
bisection.
Let users specify it in the syz-ci config.
|
| |
|
|
|
|
| |
Factor out the code that cherry-picks missing fixes to a Linux repo.
Add two more commits that address issues with older kernel revisions.
|
| |
|
|
|
|
|
|
|
|
|
| |
1) Use the generic bisection implementation in pkg/bisect. It adds the
support of identifying several necessary config diffs at once.
2) For now, limit the number of minimization iterations to 6. It's a
lengthy process and we don't want to spend too much time doing this.
3) Bisect over leaf configuration options -- that is, those no other
config depends upon. This should make diff split during bisection
more reliable.
4) Save all intermediate configs to the debug files folder.
|
| |
|
|
|
|
|
|
|
|
| |
Refactor Minimize().
As a part of Minimize(), attempt to drop all unnecessary instrumentation
and test whether the kernel is still crashing.
This should reduce the number of irrelevant crashes during bisection and
thus increase bisection result quality.
|
| |
|
|
|
| |
The new linux_configs.go file will contain routines that manage
Linux-related configs.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We sometimes cherry-pick fixes to a bisected branch, for issues that
make large parts of history untestable. Previously we cherry-picked
if the fix commit hash isn't already present.
This is incorrect, as forks / lts trees may already cherry-picked the
fix. In this case the fix would be present, but not have the expected
hash. Unfortunately git doesn't have Change-Ids like gerrit, so there
is no great way to check if a fix is already present.
Instead we now just check whether any commit with the expected title
is present.
|
| |
|
|
|
| |
This was already the case before #3420. Using the default compiler so
far back was overly optimistic, as pointed out in #3814.
|
| |
|
|
|
|
|
|
|
|
| |
The buildroot images deployed after #2820 can only boot v4.19+ kernels.
This has caused lots of bad bisection results, see #3224. We either
need a new universal image or a kernel version dependant image
selection. For now we stop at v4.19+.
FATAL: kernel too old
[ 8.076311] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00007f00
|
| |
|
|
|
|
|
| |
This allows us to bisect at least recently introduced bugs, where the
manager that found the bug uses a non standard compiler. This is usefull
during development of a new sanitizer for which a compiler with
non-upstreamed patches is required.
|
| |
|
|
|
| |
Before we hardcoded bisection to use gcc, now the compiler family can
be configured in the bisection config.
|
| | |
|
| | |
|
| |
|
|
|
| |
We no longer support bisecting this far back anyhow. Plus the way this
checks for tags conflicts with future changes in this branch.
|
| |
|
|
|
|
| |
All bisections started failing with:
Compiler lacks asm-goto support.
Use gcc 10 for v5.9+.
|
| |
|
|
|
| |
Store config options identified using DebugTracer. Also change bisection
and configuration minimization code to use new DebugTracer.
|
| |
|
|
|
|
| |
Kconfig depends on the target arch.
Add target argument for Kconfig parsing.
Resolve $(SRCARCH) properly (previously we always assumed x86_64).
|
| |
|
|
|
|
| |
We currently detect v5.10-rc1 as v5.9 because we ignore -rc tags.
This makes it impossible to enable configs that were already added for v5.10.
Treat v5.10-rc1 as v5.10 already.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use the new kconfig.Minimize for config minization
instead of the config-bisect.pl script.
This is mostly just deleting code.
Also update tests:
- minimization is now supposed to test the baseline config
(update "testos" stub accordingly)
- minimization is not supposed to return a config that does not build
(a reasonable config minimization procedure can't arrive to such config),
remove test that tests this
Update #2171
|
| |
|
|
|
|
|
| |
Use pkg/kconfig to make changes to .config.
We now have slightly more civilized way of messing with configs.
Update #2171
|
| |
|
|
|
|
|
|
|
|
| |
The pkg/vcs code assumed that we fully manage the repo
within an autonomous program. In particular it tried
to repair any errors by dropping and re-creating the repo.
This does not work well for command-line tools that work
with a user-provided repo. Add OptPrecious for such uses.
Update #2171
|
| |
|
|
|
|
|
| |
Add ReleaseTag method that returns last release tag
for the given commit.
Update #2171
|
| |
|
|
|
|
|
|
|
| |
This config is causing problems to kernel signature calculation. New
initramfs is generated as a part of every build. Due to this init.data
section containing this generated initramfs is differing between
builds causing signture being random number.
Signed-off-by: Jouni Hogander <jouni.hoegander@partner.bmw.de>
|
| |
|
|
|
|
|
| |
UBSAN is broken in multiple ways before v5.3, see:
https://github.com/google/syzkaller/issues/1523#issuecomment-696514105
Update #1523
|
| |
|
|
|
|
| |
Add option to use ccache in kernel builds.
Signed-off-by: Jouni Hogander <jouni.hoegander@partner.bmw.de>
|
| |
|
|
|
|
| |
Create a struct on pkg/vcs to store data of syzkaller email recipients
and update its users. The struct contains default name, email, and a
label to divide user into To and Cc when sending the emails.
|
| |
|
|
|
|
|
|
|
|
|
| |
config-bisect.pl uses bash-isms and can't run on non-linux.
It also silently ignores all errors which made failures
very obscure -- the script happily succeeds in presence
of any errors. So the test failed later reading .config.
Use "set -eu" to not fail silently.
Also trace all config-bisect.pl invocations and output.
good/bad decisions are important and we always log them
in the normal bisection.
|
| |
|
|
|
| |
That part is not linux-specific, move it to the common code.
The more code we have in the common code, the more code we can test.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Implement Linux kernel configuration bisection. Use bisected minimalistic
configuration in commit bisection. Utilizes config_bisect.pl script from Linux
kernel tree in bisection.
Modify syz-bisect to read in kernel.baseline_config. This is used as a "good"
configuration when bisection is run.
|
| |
|
|
|
|
|
|
|
| |
Jann pointed out that the frame pointer unwinder fails to unwind double
fault stacks. Switch to using the ORC unwinder instead.
https://www.kernel.org/doc/html/latest/x86/orc-unwinder.html
Suggested-by: Jann Horn <jannh@google.com>
|
| |
|
|
|
|
|
|
| |
We disabled it in configs, now also disable during bisection.
This config only adds debug output. It should not be enabled at all,
but it was accidentially enabled on some instances for some periods of time,
and kernel is boot-broken for prolonged ranges of commits with deadlock
which makes bisections take weeks.
|
| |
|
|
|
|
| |
BTF fails lots of builds with:
pahole version v1.9 is too old, need at least v1.13
Failed to generate BTF for vmlinux. Try to disable CONFIG_DEBUG_INFO_BTF.
|
| |
|
|
| |
Update #1441
|
| |
|
|
| |
Fixes #1532
|
| |
|
|
|
|
| |
We were almost there...
Update #1271
|
| |
|
|
|
| |
There are few more dynamic variables related to kernel release tagging.
Set these to known deterministic values.
|
| |
|
|
|
|
|
| |
All callers of EnvForCommit need the compiler path,
so move this logic into EnvForCommit to avoid duplication.
Also simplifies tests because test impl can now return
an empty compiler (which should be unused).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(note: incomplete change)
Refactor existing code as follows:
* Move reusable test utility functions from git_repo_test.go to
pkg/vcs/test_util.go and make them exported.
* Split Run() into Run()+runImpl().
* Change type of bisect.go:env.inst to `instance.BuilderTester`.
Change usage inside syz-testbuild/testbuild.go accordingly.
* Move most of linux.PreviousReleaseTags() into vcs/git.go as
git.previousReleaseTags().
* Allow build.CompilerIdentity to be mocked.
Introduce the following changes:
* instance.BuilderTester is an interface with methods
BuildSyzkaller()
BuildKernel()
Test()
NewEnv() now returns this interface.
* type testEnv implements instance.BuilderTester.
* type testBuilder implements builder interface. Add a entry into table
inside pkg/build/build.go:getBuilder() to return testBuilder object.
|
| |
|
|
| |
See https://groups.google.com/d/msg/syzkaller/mODXmnauUZM/HLZiO2UDBAAJ for context.
|
| |
|
|
| |
Update #501
|
