| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Fixes a build error for android-6.12 where llvm-link is not found.
|
| |
|
|
|
|
| |
It is required to build gvsior.
Signed-off-by: Andrei Vagin <avagin@google.com>
|
| |
|
|
|
| |
Update our docker containers to Debian Trixie.
Fixes #6432
|
| |
|
|
|
|
|
| |
The needed Bazel version to build gVisor got bumped. However, instead of
doing the same bump in two places whenever this happens, we can simply
use bazelisk in syzkaller to determine which bazel version to use
automatically.
|
| | |
|
| |
|
|
|
| |
Add the new dependencies necessary for generating RUST=y Linux configs
and for building RUST=y kernels.
|
| |
|
|
|
|
|
| |
clang-15 is now the minimum required version, so we're already on the
verge of not being able to compile the Linux kernel.
But keep clang-15 anyway - it will be used during bisections.
|
| |
|
|
| |
"go mod go@1.23" updates go.mod to the latest 1.23.*.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Linux-next now offers a choice between using `CONFIG_GENDWARFKSYMS`
and `CONFIG_GENKSYMS`. See:
Docs: https://www.kernel.org/doc/html/next/kbuild/gendwarfksyms.html
Series: https://patchwork.kernel.org/project/linux-kbuild/list/?series=922143
We could either enforce CONFIG_GENKSYMS=y and keep things as they used
to be or we could add a libdw-dev dependency to the container and be
more flexible.
CONFIG_GENDWARFKSYMS offers a slight advantage in that it will be better
if/when we start fuzzing Rust code in the kernel.
|
| |
|
|
|
|
| |
As part of #5518, I'm adding fsck logs as annotation to the mounted
file system assets. For this, I need a variety of fsck-like commands in
the ci environment as well as eventually in the production environment.
|
| |
|
|
|
|
|
|
| |
ARM64 instances may require running QEMU, so add them to the container.
Do not install packages for MIPS/PPC/s390, as we currently do not need them.
Also fix a minor nit in the comment: Debian Bookworm seems to be providing
QEMU 7.2, not 7.4.
|
| |
|
|
|
|
| |
We need these changes to be available for syzkaller user.
Let's make it a system wide config to also enable it for root.
It'll be easier to copy-paste it later to syz-env (just in case).
|
| |
|
|
|
| |
Some builds require these tools and update-alternatives lets us use
these tools without hardcoding the LLVM version suffix.
|
| |
|
|
|
|
|
| |
Some commits don't live long remotely.
It sometimes happens we need them later to:
1. Merge coverage.
2. Mention during communication.
|
| |
|
|
| |
Use 1.22.7.
|
| |
|
|
|
| |
It enables us to use CloudRun.
The goal is to run syzkaller tools as a gcp job.
|
| |
|
|
| |
Signed-off-by: Andrei Vagin <avagin@google.com>
|
| |
|
|
|
|
|
|
|
| |
Use llvm-addr2line instead of addr2line if it's available.
llvm-addr2line seems to be way faster than llvm-addr2line
and consumes less memory on syzbot's vmlinux.
Also move the detection logic to sys/targets since that's
where we generally do this type of logic. This also allows
to reuse addr2line binary in other packages if needed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
gVisor relies on eBPF since the following 2 commits, so libbpf-dev is
required when building:
- https://github.com/google/gvisor/commit/2ae19ffb
- https://github.com/google/gvisor/commit/f6d380ad
Without this change, syzkaller can't build gVisor and gets the following
error:
tools/xdp/cmd/bpf/redirect_host.ebpf.c:15:10: fatal error: 'bpf/bpf_endian.h' file not found
FAILED: Build did NOT complete successfully
|
| |
|
|
| |
1.22 release is expected in Feb 2024. We'll go 1.21 - 1.22 then.
|
| |
|
|
|
|
|
| |
qemu 7.4 (default for bookworm) is not able to boot syzbot's arm64 MTE
kernels.
Use qemu 8 from the backports instead.
|
| |
|
|
| |
These are required for building linux with LLVM=1.
|
| |
|
|
|
|
|
| |
Closes #3973.
As Python 2.7 is no longer present in the packages, build it directly in
Dockerfile. It's rather small and doesn't take much time.
|
| |
|
|
|
|
|
| |
gVisor requires at least 5.4.0.
Reported-by: syzbot+50dd4616360299e7de26@syzkaller.appspotmail.com
Signed-off-by: Andrei Vagin <avagin@google.com>
|
| |
|
|
|
|
| |
The git version used in bullseye is too old and is not compatible with
Fuchsia. This change modifies the dockerfile to install git from
bullseye-backports, which is more recent.
|
| | |
|
| |
|
|
|
| |
They are required to compile gVisor.
Signed-off-by: Andrei Vagin <avagin@google.com>
|
| |
|
|
|
| |
env and syzbot containers will use go1.20.1
big-env and old-env containers will use go1.19.6
|
| |
|
|
| |
We are using stock Clang to build KMSAN now
|
| |
|
|
|
|
| |
This is a prerequisite for building KMSAN-instrumented kernels.
Now that https://github.com/google/syzkaller/pull/3649 is landed, the
tests should be passing.
|
| |
|
|
|
|
|
|
| |
The new compiler introduced some test failures, so we had to roll back
the containers. Revert the patch to Docker specs, so that they reflect
the actual state of the things.
This reverts commit 3d904c7acdbdd69b8c6e85799af7565955025201.
|
| |
|
|
| |
This is a prerequisite for building KMSAN-instrumented kernels.
|
| |
|
|
| |
Signed-off-by: Andrei Vagin <avagin@google.com>
|
| |
|
|
|
| |
Now that we have the ability to specify the linker, make it possible to
choose between ld and ld.lld.
|
| |
|
|
|
|
|
|
|
|
| |
Fuchsia build fails inside of syzbot container
b/c syzkaller user does not have home dir:
$ out/x64/host_x64/fpublish --help
Could not initialize SDK mkdir /home/syzkaller
Create syzkaller home.
|
| |
|
|
|
| |
The fetch_cvd tool used for fetching Cuttlefish expects /usr/bin/bsdtar
to be available.
|
| |
|
|
|
|
| |
Switch to the upstream Clang version 610139d2d9ce.
This retires the custom -msan-pass-caller-to-runtime flag, but instead
allows us to use -fsanitize-memory-param-retval on syzbot.
|
| |
|
|
| |
We need it to build Cuttlefish images.
|
| |
|
|
|
|
|
| |
Switch to a custom Clang version built from LLVM trunk 9ffb5944a699
with a patch on top of it implementing the -msan-pass-caller-to-runtime
flag. This flag is needed to detect noinstr->instr transitions in the
kernel. Once it is tested on syzbot, it will be added to upstream Clang.
|
| |
|
|
| |
It's required by the NetBSD-KMSAN instance.
|
| | |
|
| |
|
|
|
| |
The existing build lacked some headers, which prevented us from being
able to configure newer kernels.
|
| |
|
|
|
|
| |
Until KMSAN compiler API is finalized, we often need to use ToT Clang to
build the kernel. Download the latest compiler build from GS, and put it
under /syzkaller/clang-kmsan.
|
| |
|
|
|
|
| |
Currently we use the default distro Go, which is 1.15 in Bullseye.
Switch to 1.17 which has register-based calling convention and is
significantly faster.
|
| |
|
|
|
|
|
|
|
| |
Without this flag I am getting:
D: Repository 'http://security.debian.org/debian-security
buster/updates InRelease' changed its 'Suite' value
from 'stable' to 'oldstable'
Error: Process completed with exit code 100.
|
| |
|
|
|
|
|
| |
The debian repo contains an old version and it can't build gVisor:
external/rules_pkg/private/pkg_files.bzl:315:12: name 'json' is not defined
Signed-off-by: Andrei Vagin <avagin@google.com>
|
| |
|
|
|
| |
Not really GRTE, but it's enough to run some
scripts that hardcode the path.
|
| |
|
|
|
|
| |
It's used by kernel/gen_kheaders.sh.
Update #2096
|
| |
|
|
| |
Update #2096
|
| |
|
|
|
| |
Don't install grub packages, grub is not working inside of containers.
Add psmisc for ps.
|
