This reverts commit 7ce4cd3a7e.
This breaks syzbot as it executes "cd " which gets it into
a completely unrelated dir and then it tries to format
everything there as Go code.
The tool is run as:
$ syz-runtest -config manager.config
This runs all programs from sys/*/test/* in different modes
on actual VMs and checks results.
Fixes#603
Add syz_errno syscall which sets errno to the argument,
and add a test with different errno values.
This mostly tests the testing infrastructure itself.
Add syz_compare syscall which compare two blobs,
this can be used for testing of argument memory layout.
Implement syz_mmap and fix Makefile to allow building syz-execprog for test OS.
Useful for debugging.
Update #603
Currently target binaries contain support for all OS/arch combinations.
However, obviously a fuchsia target binary won't test windows.
For target binaries we need support only for a single target
(with the exception of 386/arm target in amd64/arm64 binaries).
So compile in only _the_ target into target binaries.
This reduces akaros/amd64 fuzzer binary from 33 to 7 MB
and execprog from 28 to 2 MB.
Shell files cause portability problems.
On Linux it's hard to install /bin/sh,
/bin/bash is not present on *BSD.
Any solution is hard to test on Darwin.
Don't even want to mention Windows.
Just do it in Go.
Make as much code as possible shared between all OSes.
In particular main is now common across all OSes.
Make more code shared between executor and csource
(in particular, loop function and threaded execution logic).
Also make loop and threaded logic shared across all OSes.
Make more posix/unix code shared across OSes
(e.g. signal handling, pthread creation, etc).
Plus other changes along similar lines.
Also support test OS in executor (based on portable posix)
and add 4 arches that cover all execution modes
(fork server/no fork server, shmem/no shmem).
This change paves way for testing of executor code
and allows to preserve consistency across OSes and executor/csource.
If executor common headers are unformatted then go generate pkg/csource
will embed unformatted headers. Then format_cpp will re-format
only executor headers, but not embed versions. As the result
pkg/csource will end up with wrong embed headers.
Format C sources before generating Go to fix this.
Build of host Go binaries is broken on fuchsia,
because we use target toolchain and it creates broken binaries.
Introduce HOSTGO and use it for host binaries.
Currently all (linux-specific) suppressions are hardcoded in mgrconfig.
This is very wrong. Move them to pkg/report and allow to specify per OS.
Add gvisor-specific suppressions.
This required a bit of refactoring. Introduce mgrconfig.KernelObj finally.
Make report.NewReporter and vm.Create accept mgrconfig directly
instead of passing it as multiple scattered args.
Remove tools/syz-parse and it always did the same as tools/syz-symbolize.
Simplify global vars in syz-manager/cover.go.
Create reporter eagerly in manager. Use sort.Slice more.
Overall -90 lines removed.
We currently have native cross-compilation logic duplicated
in Makefile and in sys/targets. Some pieces are missed in one
place, some are in another. Only pkg/csource knows how to check
for -static support.
Move all CC/CFLAGS logic to sys/targets and pull results in Makefile.
This should make Makefile work on distros that have broken x86_64-linux-gnu-gcc,
now we will use just gcc. And this removes the need to define NOSTATIC,
as it's always auto-detected.
This also paves the way for making pkg/csource work on OSes other than Linux.
Travis is still broken with:
E: Unable to locate package gcc-aarch64-linux-gnu
E: Unable to locate package gcc-arm-linux-gnueabihf
E: Unable to locate package gcc-powerpc64le-linux-gnu
https://travis-ci.org/google/syzkaller/jobs/378034948
Let's at least see what's OS is there and what gcc packages present.
Travis CI started failing with:
E: Unable to locate package gcc-aarch64-linux-gnu
E: Unable to locate package gcc-arm-linux-gnueabihf
E: Unable to locate package gcc-powerpc64le-linux-gnu
make: *** [install_prerequisites] Error 100
https://travis-ci.org/google/syzkaller/jobs/377740347
Let's try to ignore these packages.
syz-sysgen depends on prog which depends on pkg/ifuzz.
Currently we concurrently regenerate pkg/ifuzz and build
syz-sysgen, which can cause failures.
Make pkg/ifuzz dependent on syz-sysgen, so that it is
built before we regenerate ifuzz.
* fuchsia: Fix the `extractor` tool.
The include path in Zircon has changed; updated syz-extract/fuchsia.go
to include this, and re-ran extract to get updated *.const files.
* fuchsia: Update syzkaller to build with current Fuchsia API.
Fuchsia doesn't have a stable API right now, so alas, this will probably
continue to change until that's nailed down.
But, useful to get this up-to-date at least.
Relevant notes:
* zx_channel_call_finish and _retry aren't technically public; leave
them out until we have a less-cludgy way to expose them
* musl supports setjmp/longjmp but not _setjmp/_longjump
* remove some unsupported syscalls
* update the build invocation
Makefile falsely detected a modified git tree when the first ifeq
argument was unquoted. Also switch to the $(shell ... style for
consistency.
As requested, add myself to AUTHORS and CONTRIBUTORS.
The race initially showed up on the new benchmark (see race report below).
The race indicated a wrong call passed to replaceArg,
as the result we sanitized the wrong call and left the new call un-sanitized.
Fix this.
Add test that exposes this.
Run benchmarks in race mode during presubmit
(benchmarks have higher chances of uncovering races than tests).
WARNING: DATA RACE
Write at 0x00c42000d3f0 by goroutine 18:
github.com/google/syzkaller/sys/linux.(*arch).sanitizeCall()
sys/linux/init.go:155 +0x256
github.com/google/syzkaller/sys/linux.(*arch).(github.com/google/syzkaller/sys/linux.sanitizeCall)-fm()
sys/linux/init.go:42 +0x4b
github.com/google/syzkaller/prog.(*Prog).replaceArg()
prog/prog.go:357 +0x239
github.com/google/syzkaller/prog.generateHints.func2()
prog/hints.go:105 +0x124
github.com/google/syzkaller/prog.checkConstArg()
prog/hints.go:128 +0xf3
github.com/google/syzkaller/prog.generateHints()
prog/hints.go:120 +0x495
github.com/google/syzkaller/prog.(*Prog).MutateWithHints.func1()
prog/hints.go:72 +0x67
github.com/google/syzkaller/prog.foreachSubargImpl.func1()
prog/analysis.go:86 +0x9f
github.com/google/syzkaller/prog.foreachSubargImpl()
prog/analysis.go:104 +0xc8
github.com/google/syzkaller/prog.foreachArgArray()
prog/analysis.go:113 +0x89
github.com/google/syzkaller/prog.foreachArg()
prog/analysis.go:121 +0x50
github.com/google/syzkaller/prog.(*Prog).MutateWithHints()
prog/hints.go:71 +0x18e
github.com/google/syzkaller/prog.BenchmarkHints.func1()
prog/hints_test.go:477 +0x77
testing.(*B).RunParallel.func1()
testing/benchmark.go:626 +0x156
Previous read at 0x00c42000d3f0 by goroutine 17:
github.com/google/syzkaller/prog.clone()
prog/clone.go:38 +0xbaa
github.com/google/syzkaller/prog.(*Prog).cloneImpl()
prog/clone.go:21 +0x17f
github.com/google/syzkaller/prog.generateHints()
prog/hints.go:95 +0xd0
github.com/google/syzkaller/prog.(*Prog).MutateWithHints.func1()
prog/hints.go:72 +0x67
github.com/google/syzkaller/prog.foreachSubargImpl.func1()
prog/analysis.go:86 +0x9f
github.com/google/syzkaller/prog.foreachSubargImpl()
prog/analysis.go:104 +0xc8
github.com/google/syzkaller/prog.foreachArgArray()
prog/analysis.go:113 +0x89
github.com/google/syzkaller/prog.foreachArg()
prog/analysis.go:121 +0x50
github.com/google/syzkaller/prog.(*Prog).MutateWithHints()
prog/hints.go:71 +0x18e
github.com/google/syzkaller/prog.BenchmarkHints.func1()
prog/hints_test.go:477 +0x77
testing.(*B).RunParallel.func1()
testing/benchmark.go:626 +0x156
This commit adds tools/check_links.py script, that checks that all local
links from documentation files are valid; fixes some of the invalid links
that we had; and makes travis buildbot check them as well.
This fails on bots with:
strip --strip-debug ./bin/linux_arm64/syz-executor
strip: Unable to recognise the format of the input file `./bin/linux_arm64/syz-executor'
We don't generate debug info for Go binaries to reduce their size.
Don't generate debug info for executor as well.
For akaros this reduces binary size from 4.5MB to 800KB.
