Commit Graph

2095 Commits

Author SHA1 Message Date
Dmitry Vyukov
5abac1920e pkg/report: add format for "workqueue leaked lock or atomic" crashes 2018-02-20 11:21:33 +01:00
Dmitry Vyukov
c8e73b95c6 sys/linux: fix mmap call args
Also add a test for this.
2018-02-20 10:54:03 +01:00
Dmitry Vyukov
c1f526e3e5 prog: mutate len fields based on hints
With the new address allocation logic,
the reason to not touch len has gone.
2018-02-19 21:48:20 +01:00
Dmitry Vyukov
4b696a5daf sys/linux: minor fixes to bt descriptions 2018-02-19 21:48:20 +01:00
Dmitry Vyukov
a793204dd2 pkg/compiler: fix corner case in alignment calculation 2018-02-19 21:48:20 +01:00
Dmitry Vyukov
fc3afc7164 vm: keep more context before new output
In pkg/report we add up to 5 lines of kernel output before the report.
However, MonitorExecution leaves only up to 128 bytes of preceding output,
so frequently preceding lines are not included in the report.
Increase the context to 512 bytes.
2018-02-19 21:48:20 +01:00
Dmitry Vyukov
d9222fc03a pkg/report: improve ODEBUG bug reports 2018-02-19 21:48:20 +01:00
Dmitry Vyukov
75a7c5e2d1 prog: rework address allocation
1. mmap all memory always, without explicit mmap calls in the program.
This makes lots of things much easier and removes lots of code.
Makes mmap not a special syscall and allows to fuzz without mmap enabled.

2. Change address assignment algorithm.
Current algorithm allocates unmapped addresses too frequently
and allows collisions between arguments of a single syscall.
The new algorithm analyzes actual allocations in the program
and places new arguments at unused locations.
2018-02-19 21:48:20 +01:00
Dmitry Vyukov
90fd650313 prog: fix PhysicalAddr for NULL addresses
Turns out we never produced NULL pointers because
what's meant to be NULL pointer was actually encoded
as pointer to beginning of the data region.
2018-02-19 21:48:20 +01:00
Dmitry Vyukov
6e89f94756 prog: fix mutationArgs for special types
There are 2 bugs currently:
1. mutationArgs recurses into special types,
even though they must be mutated as the whole only.
2. When mutationArgs is called from Gen.MutateArg,
it included the top special type as well,
it must not because at this point only the subargs
must be mutated.

Fix both problems.
2018-02-19 21:48:20 +01:00
Dmitry Vyukov
6051a5b552 prog: combine RequiresBitmasks and RequiresChecksums into RequiredFeatures 2018-02-19 21:48:20 +01:00
Dmitry Vyukov
4eef71bb2d prog: merge foreachSubargOffset into foreachArgImpl 2018-02-19 21:48:20 +01:00
Dmitry Vyukov
85d1218f41 prog: rework foreachArg
Make Foreach* callback accept the arg and a context struct
that can contain lots of aux info.
This (1) removes lots of unused base/parent args,
(2) provides foundation for stopping recursion,
(3) allows to merge foreachSubargOffset.
2018-02-19 21:48:20 +01:00
Dmitry Vyukov
2be2288ee2 syz-fuzzer: don't break syscalls during minimization
If the original call was successful, keep it successful during minimization.
Successful calls are much more valuable.
2018-02-19 21:48:20 +01:00
Dmitry Vyukov
b99141b797 syz-fuzzer: refactor proc.execute arguments
5 bool's in a row is too much.
2 are unnecessary because they control execOpts,
and we already pass execOpts in.
Combine the remaining 3 into ProgFlags field.
2018-02-19 21:48:20 +01:00
Dmitry Vyukov
76ab9250a7 prog: move Minimize tests to an own file 2018-02-19 21:48:20 +01:00
Dmitry Vyukov
dd768bf1c6 prog: reorder Minimize arguments
Make the predicate the last argument.
It's more common and convenient (arguments are not separated by multiple lines).
2018-02-19 21:48:20 +01:00
Dmitry Vyukov
833f78c7b0 executor: fix build
Older versions of linux require an additional header.
2018-02-17 19:11:57 +01:00
Dmitry Vyukov
9df1a36a98 sys/linux: add bridge netfilter support 2018-02-17 19:02:12 +01:00
Dmitry Vyukov
1f693e0219 tools/syz-mutate: allow limiting set of syscalls 2018-02-17 19:02:12 +01:00
Dmitry Vyukov
4f4f70406c prog: unexport Args and PyPhysicalAddr 2018-02-17 19:02:12 +01:00
Dmitry Vyukov
32aa64c5ac sys/syz-extract: run make with -j 2018-02-17 19:02:12 +01:00
Dmitry Vyukov
414c035582 pkg/compiler: support template template arguments
Can be useful for netfilter descriptions.
2018-02-17 19:02:12 +01:00
Dmitry Vyukov
a08436c973 prog: give special type generators access to target 2018-02-17 19:02:12 +01:00
Dmitry Vyukov
5204f75a58 prog: fix test output
Print programs as strings, rather than byte sequences.
2018-02-17 19:02:12 +01:00
Dmitry Vyukov
dd4fcef5a2 pkg/compiler: allow len of var-len arrays
All netfilter subsystems use this unfortunately,
so demote this to a warning.
2018-02-17 19:02:12 +01:00
Dmitry Vyukov
d21a39fc48 sys/linux: fixes for network descriptions
1. Fix connlimit netfilter match version.
2. Fix xt_time_info layout.
3. Introduce mac_addr_mask type.
4. Limit vlan id's for better matches between them.
2018-02-17 19:02:12 +01:00
Dmitry Vyukov
29d7cb9a16 dashboard/app: show info about dups
Dups are currently completely invisible in the bug tables.
Account for them in NumCrashes, LastTime and ReproLevel.
2018-02-17 19:02:11 +01:00
Dmitry Vyukov
9e421cc9c5 dashboard/app: allow showing source coverage report 2018-02-17 19:02:11 +01:00
Dmitry Vyukov
223b2499f7 dashboard/app: allow sorting bug tables
Fixes #523
2018-02-17 19:02:11 +01:00
Julia Hansbrough
c8b3f7c1d1 Makefile: Enable CGO and set ZIRCON_BUILD_DIR for Fuchsia targets.
While CGO should be disabled by default, it is necessary when building
FUCHSIA.

Additionally, the Fuchsia Go toolchain expects ZIRCON_BUILD_DIR to be
set (https://github.com/fuchsia-mirror/third_party-go/blob/master/misc/fuchsia/gccwrap.sh), so we set it here.
2018-02-15 07:43:44 +01:00
Dmitry Vyukov
77ed06bf16 pkg/report: skip mm/util.c in guilty files 2018-02-14 20:17:11 +01:00
Dmitry Vyukov
17061fc0f9 dashboard/app: finer-grained access control
This is the bulk of work for opening dashboard.
Implement finer-grained access control (admin/user/public).
Show only info designated to the current user access level.
Rework UIs for more clarity re bug statuses.
Show fixed bug.
2018-02-14 18:24:57 +01:00
Dmitry Vyukov
88bc17df05 pkg/report: improve corrupted report detection
Detect informational kernel reports that are not bugs in themselves,
but contain stack traces. If we see them in the middle of another
report, we know stacks are intermixed and the report is potentially
corrupted.
2018-02-12 11:26:51 +01:00
Dmitry Vyukov
4e9b726d97 pkg/report: harden more against corrupted reports 2018-02-10 13:35:21 +01:00
Dmitry Vyukov
478746a50e sys/linux: fix field names in netfilter 2018-02-10 13:22:05 +01:00
Dmitry Vyukov
7d9727902f pkg/report: better titles for some kmalloc bugs 2018-02-10 12:33:20 +01:00
Dmitry Vyukov
e67d44e011 executor: compile with -O2
We don't frequently debug it and it does some intensive computations
on coverage, so no reason to not compile with -O2.
2018-02-10 12:14:13 +01:00
Dmitry Vyukov
2b6b214cf2 pkg/csource: fix debug calls
debug calls are only properly stripped if they are on a single line.
2018-02-09 20:31:41 +01:00
Dmitry Vyukov
033b610ec9 sys/linux: improve netfilter descriptions
Put the underflow entry at the end.
Entries must end on an unconditional, non-goto entry,
otherwise fallthrough from the last entry is invalid.

Add arp tables support.

Split unspec matches/targets to unspec and inet.

Reset ipv6 and arp tables in executor.

Fix number of counters in tables.

Plus a bunch of assorted fixes for matches/targets.
2018-02-09 20:14:33 +01:00
Dmitry Vyukov
bb826eb26c dashboard/app: fix job creation
1. Create/update job in a transaction.
Fixes #518

2. Add requesting user to CC even if job creation fails.
Fixes #511
2018-02-07 16:15:11 +01:00
Dmitry Vyukov
9fb5ec4367 pkg/report: special-case extraction of guilty file for rcu stalls 2018-02-07 14:22:10 +01:00
Dmitry Vyukov
d2473bc545 pkg/report: improve guilty frame extraction
1. Make extractStackFrame more picky about stray frames.
This fixes some TODO's in tests where we matched completely
unrelated frames printed by another task.

2. Extract KASAN guilty frame from report header
if the frame should not be skipped (e.g. not __lock_acquire).
This makes parsing more tolerant to corrupted reports.
2018-02-07 13:46:35 +01:00
Dmitry Vyukov
f34079dbcf pkg/report: detect when several reports are intermixed
If there is more than one report, detect where the second
report starts and extract description only from the first report.
There are too many cases where several reports get intermixed
and as the result we extract bogus description.
2018-02-07 09:41:12 +01:00
Dmitry Vyukov
66c15deb7a pkg/report: fix KASAN report parsing
We did not skip kasan_check_read.
Also don't let stack parsing silently sink to another stack trace.
2018-02-06 15:29:56 +01:00
Dmitry Vyukov
645ce5da79 pkg/report: improve report titles
1. Replace stacktraceRe with custom code which is more flexible.
stacktraceRe stumbled on any unrelated lines and
could not properly parse truncated stacks.

2. Match report regexp earlier.
If we match simpler title regexp, but don't match
report regexp or fail to parse stack trace, the report is corrupted.
This eliminates lots of duplicate corrupted oops entries,
which were there only because we had complex regexp's in titles.

3. Ignore low-level frames during stack parsing.
E.g. we never want to report a GPF in lock_acquire or memcpy
(somewhat similar to what we do for guilty files).

4. Add a bunch of specialized formats for WARNINGs.
There is a number of generic debugging facilities (like ODEBUG,
debug usercopy, kobject, refcount_t, etc), and the bug
is never in these facilities, it's in the caller instead.

5. Improve some other oops formats.

6. Add a bunch of additional tests.

This resolves most of TODOs in tests.
Fixes #515
2018-02-06 14:44:03 +01:00
Julia Hansbrough
a1bc9d40ad syz/syz-extract: Update Fuchsia extractor with current Fuchsia paths.
A change in Zircon a while back moved around where sysroots are located
in Fuchsia; this update will allow for proper extraction.
2018-02-04 12:21:23 +01:00
Dmitry Vyukov
632a8c2c6c Update syzbot.md 2018-02-02 09:49:21 +01:00
Dmitry Vyukov
826b35d667 sys/linux: describe some new 4.16 features 2018-02-01 21:27:02 +01:00
Dmitry Vyukov
e86ddaca2e sys/syz-extract: save unsupported consts to the const files
We currently print unsupported consts to console during make extract.
But this is not very useful as there is too much output now.
This also does not allow to understand what's unsupported
in newly checked-in descriptions, or what's unsupported in all current
descriptions.

Save unsupported consts to the const files instead.
This solves all of the above problems.
2018-02-01 20:18:51 +01:00