| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Certain environments might need a specific make command or wrap make
calls with extra logic. This lets users provide a path to a custom make
binary.
|
| |
|
|
|
|
|
|
| |
It might be the case that the kernels that are being fuzzed on syz-ci
require their own backports to build/test older revisions during
bisection.
Let users specify it in the syz-ci config.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current code only supports fix/cause bisections when the known bad
commit is reachable from Kernel.Repo/Kernel.Branch.
Add a CrossTree parameter to pkg/bisect. If it's set to true and we're
doing a fix bisection, the bisection algorithm first operates with the
original commit message (i.e. checks that it indeed crashes the kernel
and performs config minimization), but the actual bisection starts from
the merge base of Commit and Branch.
We could have calculated the merge base outside of pkg/bisect and just
started the algorithm from that merge base, but there's a problem:
there's no guarantee that the kernel will build/boot with a syzbot
config at the merge base. So we take the commit known to work well and
then assume that the bug is also present on the merge base commit. If it
were not present, we wouldn't have found a fix commit from Branch
anyway.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
This allows us to bisect at least recently introduced bugs, where the
manager that found the bug uses a non standard compiler. This is usefull
during development of a new sanitizer for which a compiler with
non-upstreamed patches is required.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
When bisecting a breaking commit, syzkaller starts the bisection from
the commit recorded in the last crash for the given bug. Previously the
bisection was aborted should the commit no longer exist in the repo.
Now we try to reidentify the breaking commit. For git pretty much the
best we can do is to search a commit reachable from HEAD with the same
title. Other VCS systems might have something better.
Syzkaller will still first validate that the start commit is indeed
broken in the way it expects. This prevents syzkaller from getting
confused should we accidentally pick a completely unrelated commit.
|
| |
|
|
|
| |
Before we hardcoded bisection to use gcc, now the compiler family can
be configured in the bisection config.
|
| |
|
|
| |
Store bisection results into given crashdir as fix.commit or cause.commit
|
| |
|
|
|
| |
Store config options identified using DebugTracer. Also change bisection
and configuration minimization code to use new DebugTracer.
|
| |
|
|
| |
Use vcs.HEAD if syzkaller or kernel commit is not given
|
| | |
|
| |
|
|
|
|
| |
Currently syz-bisect is expecting to find kernel.config and
kernel_baseline.config from given crashdir. Unify with syz-ci
and use configuration files from bisect config file.
|
| |
|
|
|
|
| |
Currently syz-bisect is reading repro.c or repro.syz. Syz-manager is storing
reproducers as repro.cprog and repro.prog. Use these names instead. Also add
check to ensure either one is found before bisect.Run is called
|
| |
|
|
|
|
| |
These are widely used with the config as the refactoring shows.
This removes a bunch of unnecessary code.
Also fixes a number of bugs where we confused Arch with VMArch.
|
| |
|
|
|
|
| |
Add option to use ccache in kernel builds.
Signed-off-by: Jouni Hogander <jouni.hoegander@partner.bmw.de>
|
| |
|
|
|
|
|
|
|
| |
Implement Linux kernel configuration bisection. Use bisected minimalistic
configuration in commit bisection. Utilizes config_bisect.pl script from Linux
kernel tree in bisection.
Modify syz-bisect to read in kernel.baseline_config. This is used as a "good"
configuration when bisection is run.
|
| |
|
|
|
|
| |
1. Filename should be relative to flagCrash, not the current dir.
2. Use osutil.IsExist, os.Stat can fail for other reasons, e.g. no permissions.
3. Dedup filepresence check.
|
| |
|
|
|
|
| |
Currenlty only syz file is taken into account when testing.
Use also c source file if available. Still use syz as a "main"
reproducer.
|
| |
|
|
|
|
|
|
| |
Detect bisection to merge commits and to commits that don't affect
kernel binary (comments, other arches, whitespaces, etc).
Such bisections are not reported in emails (but shown on web).
Update #1271
|
| |
|
|
|
|
|
| |
* Modify Run() to return the commit object when a failure occurs on the
oldest tested release(for BisectCause) and latest tested
release(for BisectFix).
* Modify tests to check the returned commit object.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
A bunch of improvements after more wide bisection testing.
Improve logging.
Support returning several commits for inconclusive bisection.
Return Report with the final crash.
Remove code that was moved to pkg/vcs.
Update #501
|
| |
|
|
|
|
| |
It's better to fail early then to wait for kernel build.
Update #501
|
| |
|
|
|
|
|
|
| |
mgrconfig was used only by syz-manager initially,
but now it's used by a dozen of packages and it's
weird to import from under a binary dir.
pkg/ is much more reasonable dir for a widely used
helper package.
|
|
|
Add first version of bisection package
(supports both bug and fix bisection).
And tools/syz-bisect wrapper for testing.
Update #501
|
