The current memcg container seems to lead to lots of hangs/stalls.
Presumably the problem is with oom_score_adj and KASAN.
Executor process tree eats all memory and then the leaf process is killed
but the memory is not returned to memcg due to KASAN quarantine;
and the parent processes are protected from killing with oom_score_adj=-1000.
As a result, the kernel locks up.
1. Don't use oom_score_adj=-1000. Instead bump leaf process score to 1000 (kill always).
2. Increase size of memcg to be larger than expected KASAN quarantine size.
Currently it triggers datastore timeouts episodically.
Don't fail build upload if bug commit update fails.
Split the large query into two smaller queries.
We are seeing lots of datastore timeout errors during bug fetch.
It's a bad idea to fetch thousands of bugs in one query,
so fetch them in batches of 1000 bugs.
Hopefully this will reduce the rate of errors.
This avoids the issue of "android" not having any registered configurations
or syscalls / ioctls / etc, when built with GOOS=android.
This occurs when building in Google3, since --config=android_arm64 selects
the Android toolchain.
Anytime we're running `make extract/generate` with Fuchsia as a target, we
probably want to update FIDL descriptions too, so we don't fall behind
what upstream is up to.
This includes generate_fidl as part of the `make extract` workflow.
Also, corrects fidlgenPath to properly find the path for ARM targets (we
only have host_x64 right now).
KMEMLEAK has lots of false positives and bugs without repros
may be unactionable. It's not completely clear how to handle
such cases in automatic systematic testing.
But let's try this and see how it works.
Rewind the kmemleak fd before reading it a second time,
otherwise we will read truncated reports.
Auto-learn what leak reports we've already seen
and ignore them in future. This is required because
there are some false positives and some fire too frequently.
So now we will hit each leak only once per manager run,
but we will still try to reproduce them.
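Added example, not syzkaller's own code: a Go sketch of the two behaviours described in the kmemleak changes above, rewinding the reader before every read of the same fd and remembering backtraces already reported so that each distinct leak is surfaced once per run. The report text is constructed for the example and follows the "unreferenced object ... backtrace:" layout of /sys/kernel/debug/kmemleak; keying a leak on its symbolic backtrace, and the function names, are assumptions made here.

```go
package main

import (
	"bufio"
	"bytes"
	"crypto/sha1"
	"encoding/hex"
	"fmt"
	"io"
	"strings"
)

// Leak is one "unreferenced object" report from /sys/kernel/debug/kmemleak.
type Leak struct {
	Header    string   // the "unreferenced object 0x... (size N):" line
	Backtrace []string // frames with any "[<addr>] " prefix stripped
}

// readReports rewinds r before reading. Without the Seek, a second read of the
// same kmemleak fd would start at the old offset and return a truncated tail.
func readReports(r io.ReadSeeker) ([]byte, error) {
	if _, err := r.Seek(0, io.SeekStart); err != nil {
		return nil, err
	}
	return io.ReadAll(r)
}

// parseLeaks splits kmemleak output into per-object reports. Frames may or may
// not carry a bracketed address depending on the kernel version (assumption:
// both layouts are accepted); the address is dropped either way.
func parseLeaks(data []byte) []Leak {
	var leaks []Leak
	cur, inBacktrace := -1, false
	sc := bufio.NewScanner(bytes.NewReader(data))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		switch {
		case strings.HasPrefix(line, "unreferenced object "):
			leaks = append(leaks, Leak{Header: line})
			cur, inBacktrace = len(leaks)-1, false
		case cur < 0:
			// text before the first report, nothing to attach it to
		case line == "backtrace:":
			inBacktrace = true
		case inBacktrace && line != "":
			if i := strings.Index(line, "] "); strings.HasPrefix(line, "[<") && i >= 0 {
				line = line[i+2:]
			}
			leaks[cur].Backtrace = append(leaks[cur].Backtrace, line)
		}
	}
	return leaks
}

// Key identifies a leak by its symbolic backtrace only: object address and pid
// differ per allocation, so keying on the header would never match twice.
func (l Leak) Key() string {
	sum := sha1.Sum([]byte(strings.Join(l.Backtrace, "\n")))
	return hex.EncodeToString(sum[:8])
}

// Dedup remembers every backtrace reported during one manager run.
type Dedup struct{ seen map[string]bool }

func NewDedup() *Dedup { return &Dedup{seen: map[string]bool{}} }

// Filter returns the leaks not reported before and marks them as seen, so a
// noisy or false-positive leak is surfaced only once.
func (d *Dedup) Filter(leaks []Leak) []Leak {
	var fresh []Leak
	for _, l := range leaks {
		if k := l.Key(); !d.seen[k] {
			d.seen[k] = true
			fresh = append(fresh, l)
		}
	}
	return fresh
}

// sampleKmemleak is constructed for this example: three reports, the first two
// from the same allocation site.
const sampleKmemleak = `unreferenced object 0xffff88806a3f4c00 (size 64):
  comm "syz-executor", pid 1234, jiffies 4294937894 (age 12.3s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<ffffffff81234567>] kmalloc_trace+0x26/0xa0
    [<ffffffff8159b3c2>] ipv6_add_dev+0x2f2/0x1020
    [<ffffffff8159c11a>] addrconf_notify+0x5aa/0xd50
unreferenced object 0xffff88806a3f4e40 (size 64):
  comm "syz-executor", pid 1250, jiffies 4294937899 (age 11.9s)
  backtrace:
    [<ffffffff81234567>] kmalloc_trace+0x26/0xa0
    [<ffffffff8159b3c2>] ipv6_add_dev+0x2f2/0x1020
    [<ffffffff8159c11a>] addrconf_notify+0x5aa/0xd50
unreferenced object 0xffff88806b120000 (size 128):
  comm "syz-executor", pid 1260, jiffies 4294937900 (age 11.8s)
  backtrace:
    [<ffffffff81234567>] kmalloc_trace+0x26/0xa0
    [<ffffffff817aa0b1>] tipc_nl_publ_dump+0x1c1/0x3f0
`

func main() {
	r := bytes.NewReader([]byte(sampleKmemleak)) // stands in for the kmemleak fd
	d := NewDedup()
	for pass := 1; pass <= 2; pass++ {
		data, err := readReports(r) // second pass only works because of the rewind
		if err != nil {
			panic(err)
		}
		leaks := parseLeaks(data)
		fmt.Printf("pass %d: %d reports, %d new\n", pass, len(leaks), len(d.Filter(leaks)))
	}
}
```

The first pass reports two distinct leaks out of three parsed reports; the second read of the same reader returns the full text again and reports nothing new.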
syzkaller manages to turn on dynamic debug messages somehow,
which then produces tons of output on console. Disable dynamic
debug on kasan.
Disable bpfilter on kmsan as we already did on kasan.
* tools/create-openbsd-gce-ci: use config from /syzkaller
* Use syzkaller copy of src instead of a separate one.
* Using /dev/null disk in vm.conf
* Use KVM, enable doas, no longer symlink.
* Use a dummmy.img
* Revert "Use a dummmy.img"
This reverts commit 656b24d5e4573dde5e95c6158852001c7241e65a.
This sucks a lot, but ebtables.h is now broken too on Debian 4.17:
ebtables.h: In function ‘ebt_entry_target* ebt_get_target(ebt_entry*)’:
ebtables.h:197:19: error: invalid conversion from ‘void*’ to ‘ebt_entry_target*’
Improve go-fuzz fuzzer function and fix a few new bugs it finds:
1. Panic in linux parser (bad).
2. Akaros can report empty rep.Report.
3. Fuchsia can return empty rep.Report.
Sometimes race conditions are reproduced by syz-execprog and are not
reproduced by the programs generated with syz-prog2c. In such cases
it's very helpful to know when exactly the fuzzing syscalls are executed.
Unfortunately, adding timestamps to the output of the original 'debug'
mode doesn't work. This mode provides very verbose output, which slows
down executor and breaks the repro.
So let's make the executor debug output less verbose and add
the timestamps.
Signed-off-by: Alexander Popov <alex.popov@linux.com>
On OpenBSD, nm(1) does not support the `-S' option.
The order of symbols from nm(1) varies between platforms, therefore rework the
test case to cope with that.
Fixes #723
gometalinter says the function is too complex:
syz-ci/manager.go:155:⚠️ cyclomatic complexity 30 of function (*Manager).loop() is high (> 24) (gocyclo)
Split into 2 functions.
vmctl start periodically fails with:
vmctl: start vm command failed: Operation already in progress
So try to sleep for a bit after vmctl stop.
And detect when vmctl start terminates prematurely
to avoid 10 minute timeout for ip extraction.
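Added example, not syzkaller's code: a Go version of the two fixes above, a retry-with-pause for the transient "Operation already in progress" failure and a watchdog that waits for one line of a command's output (the VM's IP here) but returns as soon as the command exits instead of sitting in a long timeout. The commands run are sh and sleep stand-ins for vmctl, and the function names and the "ip " line prefix are assumptions made for the example.

```go
package main

import (
	"bufio"
	"context"
	"errors"
	"fmt"
	"os/exec"
	"strings"
	"time"
)

// ErrExited is returned when the command terminates before the awaited output
// shows up, e.g. "vmctl start" failing immediately instead of booting the VM.
var ErrExited = errors.New("command exited before producing the expected output")

// retry calls attempt up to n times, pausing between failures. This is the
// "sleep a bit after vmctl stop" workaround for transient start failures.
func retry(n int, pause time.Duration, attempt func() error) error {
	var err error
	for i := 0; i < n; i++ {
		if err = attempt(); err == nil {
			return nil
		}
		time.Sleep(pause)
	}
	return err
}

// waitForOutput starts name with args and scans its stdout until match accepts
// a line, which is returned together with the still-running command. If the
// process exits first, ErrExited is returned right away; if nothing matches
// within timeout, the process is killed and context.DeadlineExceeded returned.
func waitForOutput(name string, args []string, timeout time.Duration,
	match func(string) bool) (string, *exec.Cmd, error) {
	ctx, cancel := context.WithTimeout(context.Background(), timeout)
	defer cancel()
	cmd := exec.Command(name, args...)
	stdout, err := cmd.StdoutPipe()
	if err != nil {
		return "", nil, err
	}
	if err := cmd.Start(); err != nil {
		return "", nil, err
	}
	found := make(chan string, 1)
	scanDone := make(chan struct{})
	go func() {
		// Keep draining until EOF so the child never blocks on a full pipe.
		defer close(scanDone)
		sc := bufio.NewScanner(stdout)
		for sc.Scan() {
			if line := sc.Text(); match(line) {
				select {
				case found <- line:
				default:
				}
			}
		}
	}()
	exited := make(chan error, 1)
	go func() {
		<-scanDone // all reads are finished before Wait closes the pipe
		exited <- cmd.Wait()
	}()
	select {
	case line := <-found:
		return line, cmd, nil
	case err := <-exited:
		return "", nil, fmt.Errorf("%w: %v", ErrExited, err)
	case <-ctx.Done():
		// Kills only the direct child: a shell that forked a grandchild holding
		// stdout would keep the scanner alive, so run the real binary directly.
		_ = cmd.Process.Kill()
		<-exited
		return "", nil, ctx.Err()
	}
}

func main() {
	isIP := func(l string) bool { return strings.HasPrefix(l, "ip ") }
	// Constructed stand-in for "vmctl start": prints an IP line, then keeps running.
	line, cmd, err := waitForOutput("sh",
		[]string{"-c", "echo booting; echo ip 10.0.0.5; sleep 2"}, 10*time.Second, isIP)
	fmt.Println(line, err)
	if cmd != nil {
		_ = cmd.Process.Kill()
	}
	// A start that fails right away is reported in milliseconds, not after the timeout.
	_, _, err = waitForOutput("sh", []string{"-c", "echo fail; exit 3"}, 10*time.Second, isIP)
	fmt.Println(errors.Is(err, ErrExited), err)
	// Transient failure: succeeds on the third attempt.
	attempts := 0
	err = retry(5, 10*time.Millisecond, func() error {
		attempts++
		if attempts < 3 {
			return errors.New("Operation already in progress")
		}
		return nil
	})
	fmt.Println(attempts, err)
}
```

The Wait goroutine deliberately waits for the scanner to hit EOF first; calling Wait while the pipe is still being read can drop the last lines the child wrote, which is exactly the line the IP extraction is looking for.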
Now that syz-ci can upload coverage reports to GCS,
we can show up-to-date coverage for each manager
rather than a single static outdated file per namespace.
Don't show maintainers for crashes if we don't have them (only Linux has them).
Show short git hashes for kernel/syzkaller, 40 chars look excessive (the full hash is in the hint).
Show current build kernel/syzkaller git hash in managers table.
Remove fuzzing time from managers table (does not seem too useful).