From fd8caa5462e64f37cb9eebd75ffca1737dde447d Mon Sep 17 00:00:00 2001 From: Aleksandr Nogikh Date: Thu, 23 Sep 2021 16:15:41 +0000 Subject: all: replace collide mode by `async` call property Replace the currently existing straightforward approach to race triggering (that was almost entirely implemented inside syz-executor) with a more flexible one. The `async` call property instructs syz-executor not to block until the call has completed execution and proceed immediately to the next call. The decision on what calls to mark with `async` is made by syz-fuzzer. Ultimately this should let us implement more intelligent race provoking strategies as well as make more fine-grained reproducers. --- tools/syz-execprog/execprog.go | 16 ++++++++++++++++ tools/syz-prog2c/prog2c.go | 2 -- tools/syz-reprolist/reprolist.go | 4 +++- 3 files changed, 19 insertions(+), 3 deletions(-) (limited to 'tools')
diff --git a/tools/syz-execprog/execprog.go b/tools/syz-execprog/execprog.go
index 6c69e0ff6..d22b5a0bf 100644
--- a/tools/syz-execprog/execprog.go
+++ b/tools/syz-execprog/execprog.go
@@ -38,6 +38,19 @@ var (
 flagHints = flag.Bool("hints", false, "do a hints-generation run")
 flagEnable = flag.String("enable", "none", "enable only listed additional features")
 flagDisable = flag.String("disable", "none", "enable all additional features except listed")
+ // The following flag is only kept to let syzkaller remain compatible with older execprog versions.
+ // In order to test incoming patches or perform bug bisection, syz-ci must use the exact syzkaller
+ // version that detected the bug (as descriptions and syntax could've already been changed), and
+ // therefore it must be able to invoke older versions of syz-execprog.
+ // Unfortunately there's no clean way to drop that flag from newer versions of syz-execprog. If it
+ // were false by default, it would be easy - we could modify `instance.ExecprogCmd` only to pass it
+ // when it's true - which would never be the case in the newer versions (this is how we got rid of
+ // fault injection args). But the collide flag was true by default, so it must be passed by value
+ // (-collide=%v). The least kludgy solution is to silently accept this flag also in the newer versions
+ // of syzkaller, but do not process it, as there's no such functionality anymore.
+ // Note, however, that we do not have to do the same for `syz-prog2c`, as `collide` was there false
+ // by default.
+ flagCollide = flag.Bool("collide", false, "(DEPRECATED) collide syscalls to provoke data races")
 )
 
 func main() {
@@ -73,6 +86,9 @@ func main() {
 log.Logf(0, "%-24v: %v", feat.Name, feat.Reason)
 }
 }
+ if *flagCollide {
+ log.Fatalf("setting -collide to true is deprecated now")
+ }
 config, execOpts := createConfig(target, features, featuresFlags)
 if err = host.Setup(target, features, featuresFlags, config.Executor); err != nil {
 log.Fatal(err)
diff --git a/tools/syz-prog2c/prog2c.go b/tools/syz-prog2c/prog2c.go
index aa9c146e1..7cea629f8 100644
--- a/tools/syz-prog2c/prog2c.go
+++ b/tools/syz-prog2c/prog2c.go
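Review bot: The comment on `flagCollide` says the flag is silently accepted and not processed, but the check added to `main()` in the next hunk aborts when it is true, so only `-collide=false` is actually tolerated. I would close the comment with a line such as `// Only -collide=false is accepted; -collide=true makes main() exit with an error.` so that whoever wires up bisection or patch testing across tool versions knows which invocation still works. The help text `"(DEPRECATED) collide syscalls to provoke data races"` still describes the removed behaviour and could say that the flag is kept for compatibility only.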
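Review bot: The message `setting -collide to true is deprecated now` understates what happens, because `log.Fatalf` ends the run, which makes the option unsupported rather than deprecated. Failing hard looks like the right choice, since quietly running an old race reproducer without collide could make a bug appear fixed during bisection or patch testing, but the text should say so and point to the replacement, e.g. `log.Fatalf("-collide=true is no longer supported; mark calls with the async property instead")`. The check also runs only after the feature listing above it; if nothing earlier depends on it, doing it right after flag parsing would fail sooner, though main()'s beginning is outside the hunk so I cannot confirm that.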
@@ -21,7 +21,6 @@ var (
 flagArch = flag.String("arch", runtime.GOARCH, "target arch")
 flagBuild = flag.Bool("build", false, "also build the generated program")
 flagThreaded = flag.Bool("threaded", false, "create threaded program")
- flagCollide = flag.Bool("collide", false, "create collide program")
 flagRepeat = flag.Int("repeat", 1, "repeat program that many times (<=0 - infinitely)")
 flagProcs = flag.Int("procs", 1, "number of parallel processes")
 flagSlowdown = flag.Int("slowdown", 1, "execution slowdown caused by emulation/instrumentation")
@@ -72,7 +71,6 @@ func main() {
 }
 opts := csource.Options{
 Threaded: *flagThreaded,
- Collide: *flagCollide,
 Repeat: *flagRepeat != 1,
 RepeatTimes: *flagRepeat,
 Procs: *flagProcs,
diff --git a/tools/syz-reprolist/reprolist.go b/tools/syz-reprolist/reprolist.go
index 0833a8593..a14740d05 100644
--- a/tools/syz-reprolist/reprolist.go
+++ b/tools/syz-reprolist/reprolist.go
@@ -177,9 +177,11 @@ func createProg2CArgs(bug *dashapi.BugReport, opts csource.Options, file string)
 "-prog", file,
 "-sandbox", opts.Sandbox,
 fmt.Sprintf("-segv=%v", opts.HandleSegv),
- fmt.Sprintf("-collide=%v", opts.Collide),
 fmt.Sprintf("-threaded=%v", opts.Threaded),
 }
+ if opts.Collide {
+ args = append(args, "-collide")
+ }
 if haveOSFlag {
 args = append(args, "-os", *flagOS)
 }
-- cgit mrf-deployment
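Review bot: In `createProg2CArgs` the new `if opts.Collide { args = append(args, "-collide") }` passes a flag that this same commit removes from `tools/syz-prog2c/prog2c.go`, so a syz-prog2c built from this revision would presumably stop with an undefined-flag error whenever a stored reproducer has Collide set. If that is intended (the argument list is meant for older syz-prog2c binaries, or a loud failure is wanted for reproducers that relied on collide), a comment above the `if` such as `// Only older syz-prog2c versions know -collide; newer ones reject it, which is intended for legacy repros.` would record it. If it is not intended, legacy collide reproducers should be reported explicitly here rather than left to fail in flag parsing. The function starts and ends outside the hunk, so how the arguments are consumed is not visible.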