Lee, we don't have a shared repo, so here are the changes that I have until now.
Add [--gdb] option to start qemu for kernel gdb debug. Add clang-13 on host compiler option. And some other goodies.
v2:
 - update gdb patch and introduce a new variable: KERNEL_PARAMS
 - add Jun's logfile name extension
 - add clang-13 on host compiler option
Jun Nie (1):
  syzkaller-start: Extend logfile name with bugid, commit id and time

Tudor Ambarus (9):
  syzkaller-start: Add COMPILER_BIN_PATH
  syzkaller-start: Use the selected compiler to make oldconfig
  syzkaller-start: Describe [--again] option
  syzkaller-start: Add [--gdb] option to start qemu for kernel gdb debug
  syzkaller-start: Set printk.time=1 kernel parameter
  syzkaller-start: Add [-h] option to display help message
  syzkaller-start: Make script executable
  syzkaller-start: Prepare code for on host compiler option
  syzkaller-start: Add clang-13 on host compiler option

 syzkaller-start | 91 ++++++++++++++++++++++++++++++++++++-------------
 1 file changed, 67 insertions(+), 24 deletions(-)
 mode change 100644 => 100755 syzkaller-start
gcc-10.1.0 uses a different path for the binary than the other gcc compilers. Add a new variable to address this.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
---
 syzkaller-start | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/syzkaller-start b/syzkaller-start index 49a00d0..e23a8f0 100644 --- a/syzkaller-start +++ b/syzkaller-start @@ -155,6 +155,7 @@ while [[ ${COMPILER_CHOICE} -lt 1 || ${COMPILER_CHOICE} -gt 11 ]]; do echo ${COMPILER_CHOICE} > ${sandbox}/compiler_choice done
+COMPILER_BIN_PATH="gcc" while [ "${COMPILER_VERSION}" == "" ]; do case ${COMPILER_CHOICE} in 1) @@ -176,6 +177,7 @@ while [ "${COMPILER_VERSION}" == "" ]; do 5) COMPILER_URL="https://storage.googleapis.com/syzkaller/gcc-10.1.0-syz.tar.xz" COMPILER_VERSION="gcc-10.1.0-syz" + COMPILER_BIN_PATH="gcc-10" ;; 6) COMPILER_URL="https://storage.googleapis.com/syzkaller/clang-kmsan-329060.tar.gz" @@ -223,7 +225,7 @@ if echo ${COMPILER_VERSION} | grep -q clang; then
COMPILER=${COMPILERDIR}/bin/clang else - COMPILER=${COMPILERDIR}/gcc/bin/gcc + COMPILER=${COMPILERDIR}/${COMPILER_BIN_PATH}/bin/gcc fi
if [ ! -f $(basename ${COMPILER_URL}) ]; then
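Review bot: the name COMPILER_BIN_PATH introduced in the first two hunks is misleading, because its value ("gcc" or "gcc-10") is the subdirectory component spliced into `${COMPILERDIR}/${COMPILER_BIN_PATH}/bin/gcc`, not a path to a binary; a name such as COMPILER_SUBDIR would read better, and a one-line comment above the default explaining that the gcc-10.1.0 tarball unpacks into a `gcc-10/` directory would make the special case in the `5)` branch self-explanatory.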
Use the selected compiler to make oldconfig. If the compiler is not set at "make oldconfig" time, the on-host native one is used, which can mangle config options.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
---
 syzkaller-start | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/syzkaller-start b/syzkaller-start index e23a8f0..dace6c3 100644 --- a/syzkaller-start +++ b/syzkaller-start @@ -285,7 +285,7 @@ print_blue "\nCopying the .config to the build directory: ${BUILDDIR}" cp ${dotconfig} ${BUILDDIR}/.config
print_blue "\nBuilding the kernel\n" -oldconfig="ccache make KBUILD_OUTPUT=${BUILDDIR} oldconfig" +oldconfig="ccache make KBUILD_OUTPUT=${BUILDDIR} CC=${COMPILER} oldconfig" echo "${oldconfig}" yes "" | ${oldconfig}
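Review bot: `oldconfig="ccache make KBUILD_OUTPUT=${BUILDDIR} CC=${COMPILER} oldconfig"` followed by `yes "" | ${oldconfig}` runs the command through word splitting of an unquoted string, so a `${COMPILER}` or `${BUILDDIR}` containing whitespace silently breaks the invocation; a bash array (`oldconfig=(ccache make "KBUILD_OUTPUT=${BUILDDIR}" "CC=${COMPILER}" oldconfig)` run as `"${oldconfig[@]}"`) keeps the `echo` for logging and avoids that. Passing CC= here is the right fix for the stated problem, since Kconfig probes the compiler while resolving the config, but the same CC= has to reach every later make invocation as well, or the next make may regenerate .config against the host compiler again.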
Extend description of how the script should be used.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
---
 syzkaller-start | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/syzkaller-start b/syzkaller-start index dace6c3..55b8a04 100644 --- a/syzkaller-start +++ b/syzkaller-start @@ -10,7 +10,10 @@ occurence=1
function usage() { - echo "Usage: $(basename $0) --again <URL or ID> <report occurence>" + echo "Usage: $(basename $0) [<URL or ID> <report occurence>] [--again]" + echo + echo -e "\t--again" + echo -e "\t\tUse the current kernel commit and run qemu directly." exit 1 }
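Review bot: the new usage text still omits options the script's argument loop already accepts: `--again` has the short form `-a`, and there is a `--norepro|-n` option (both visible in the parser hunk patched later in this series), neither of which is listed; while the help text is being rewritten, add them so the message describes the whole interface.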
Add config option to start qemu for kernel gdb debug.
Specify the nokaslr kernel parameter to disable kernel randomization, that is, cause the kernel to be loaded at its standard location.
Set norandmaps so that we do not use address space randomization.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
---
 syzkaller-start | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/syzkaller-start b/syzkaller-start index 55b8a04..305d09d 100644 --- a/syzkaller-start +++ b/syzkaller-start @@ -10,10 +10,12 @@ occurence=1
function usage() { - echo "Usage: $(basename $0) [<URL or ID> <report occurence>] [--again]" + echo "Usage: $(basename $0) [<URL or ID> <report occurence>] [--again] [--gdb]" echo echo -e "\t--again" echo -e "\t\tUse the current kernel commit and run qemu directly." + echo -e "\t--gdb" + echo -e "\t\tdebug with gdb" exit 1 }
@@ -37,6 +39,9 @@ while [ $# -gt 0 ]; do --again|-a) AGAIN=true ;; + --gdb) + GDB="-s -S" + ;; --norepro|-n) NOREPRO=true ;; @@ -60,6 +65,10 @@ if [ "${url}" == "" ]; then usage fi
+if [ -n "${GDB}" ]; then + KERNEL_PARAMS="nokaslr norandmaps" +fi + reset # Required on subsequent runs, since QEMU borks the terminal
print_blue "Starting SyzKaller Repro" @@ -292,6 +301,10 @@ oldconfig="ccache make KBUILD_OUTPUT=${BUILDDIR} CC=${COMPILER} oldconfig" echo "${oldconfig}" yes "" | ${oldconfig}
+if [ -n "${GDB}" ]; then + scripts/config --file ${BUILDDIR}/.config --enable GDB_SCRIPTS +fi + if grep -q KASAN_STACK_ENABLE lib/Kconfig.kasan; then scripts/config --file ${BUILDDIR}/.config --enable KASAN_STACK_ENABLE scripts/config --file ${BUILDDIR}/.config --set-val KASAN_STACK 1 @@ -314,7 +327,7 @@ if [[ -z "${AGAIN}" && -z "${NOREPRO}" ]]; then read fi
-qemu-system-x86_64 -smp 8 -m 16G -enable-kvm -cpu host -no-reboot \ +qemu-system-x86_64 -smp 8 -m 16G -enable-kvm -cpu host -no-reboot ${GDB} \ -kernel ${BUILDDIR}/arch/x86/boot/bzImage -nographic \ -net user,host=10.0.2.10,hostfwd=tcp::10022-:22 \ -net nic,model=virtio-net-pci \ @@ -323,4 +336,4 @@ qemu-system-x86_64 -smp 8 -m 16G -enable-kvm -cpu host -no-reboot -drive file=${IMAGEDIR}/${IMAGE},format=raw,if=none,id=d0 \ -chardev stdio,id=char0,mux=on,logfile=serial.out,signal=off \ -serial chardev:char0 -mon chardev=char0 \ - -append "root=/dev/sda1 rw console=ttyAMA0 panic_on_warn=0" + -append "root=/dev/sda1 ${KERNEL_PARAMS} rw console=ttyAMA0 panic_on_warn=0"
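Review bot: `GDB="-s -S"` in the argument-parsing hunk hands QEMU the shorthand gdbstub option, which listens on TCP port 1234 with no bind address given; because the stub gives whoever connects full control of the guest, and this command line already exposes the guest's SSH via `hostfwd=tcp::10022-:22`, spell it out as `-gdb tcp:127.0.0.1:1234 -S` so the stub is reachable only from the host. Smaller point: the help line `debug with gdb` does not follow the sentence style of the neighbouring `Use the current kernel commit and run qemu directly.`.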
printk.time=1/CONFIG_PRINTK_TIME=1 adds an unmodified local hardware clock timestamp to printk messages. The local hardware clock loses time each day, making it difficult to determine exactly when an issue has occurred in the kernel log, and making it difficult to determine how kernel and hardware issues relate to each other in real time.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
---
 syzkaller-start | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/syzkaller-start b/syzkaller-start index 305d09d..8bcc23a 100644 --- a/syzkaller-start +++ b/syzkaller-start @@ -65,8 +65,9 @@ if [ "${url}" == "" ]; then usage fi
+KERNEL_PARAMS="printk.time=y " if [ -n "${GDB}" ]; then - KERNEL_PARAMS="nokaslr norandmaps" + KERNEL_PARAMS+="nokaslr norandmaps" fi
reset # Required on subsequent runs, since QEMU borks the terminal
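Review bot: the commit message says `printk.time=1` but the hunk sets `printk.time=y`; the kernel's boolean parameter parser accepts both, but message and code should agree. The append also depends on the trailing space in `KERNEL_PARAMS="printk.time=y "`, which is easy to lose in a later edit; put the separator in the appended string instead (`KERNEL_PARAMS+=" nokaslr norandmaps"`).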
Add -h option to display help message:
```
$ ./syzkaller-start -h
Usage: syzkaller-start [<URL or ID> <report occurence>] [--again] [--gdb] [-h]

	--again
		Use the current kernel commit and run qemu directly.
	--gdb
		debug with gdb
	-h
		Display this help message and exit.
```
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
---
 syzkaller-start | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/syzkaller-start b/syzkaller-start index 8bcc23a..abd4ec7 100644 --- a/syzkaller-start +++ b/syzkaller-start @@ -10,12 +10,14 @@ occurence=1
function usage() { - echo "Usage: $(basename $0) [<URL or ID> <report occurence>] [--again] [--gdb]" + echo "Usage: $(basename $0) [<URL or ID> <report occurence>] [--again] [--gdb] [-h]" echo echo -e "\t--again" echo -e "\t\tUse the current kernel commit and run qemu directly." echo -e "\t--gdb" echo -e "\t\tdebug with gdb" + echo -e "\t-h" + echo -e "\t\tDisplay this help message and exit." exit 1 }
@@ -45,6 +47,7 @@ while [ $# -gt 0 ]; do --norepro|-n) NOREPRO=true ;; + -h) usage $0; exit 0 ;; *) # Is the arg an occurrence number or a report URL? if [ $(echo ${1} | wc -c) -gt 40 ]; then
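Review bot: `-h) usage $0; exit 0 ;;` never reaches `exit 0`, because `usage()` ends with `exit 1`, so an explicit help request still returns a failure status; `usage` also ignores its argument, so the `$0` is dead. Either give `usage` an exit-code parameter (`usage 0` here, `usage 1` on errors) or print the help text here and `exit 0` without going through the function.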
Make the script executable so that users are spared from explicitly making it executable when copying it to the kernel directory.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
---
 syzkaller-start | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 syzkaller-start
diff --git a/syzkaller-start b/syzkaller-start old mode 100644 new mode 100755
From: Jun Nie <jun.nie@linaro.org>

We'd like to keep the logs from one run to another. Create a dedicated logfile for each run we make.
Signed-off-by: Jun Nie <jun.nie@linaro.org>
[ta: split commit to do just one logical thing, introduce LOGFILE_NAME]
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
---
 syzkaller-start | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/syzkaller-start b/syzkaller-start index abd4ec7..37c6200 100755 --- a/syzkaller-start +++ b/syzkaller-start @@ -331,6 +331,9 @@ if [[ -z "${AGAIN}" && -z "${NOREPRO}" ]]; then read fi
+COMMIT=`git log --oneline | head -n 1 | awk '{print $1;}'` +TIME_TAG=`date +%Y%m%d_%H-%M-%S%z` +LOGFILE_NAME="serial.out.${bugid}-${COMMIT}-${TIME_TAG}" qemu-system-x86_64 -smp 8 -m 16G -enable-kvm -cpu host -no-reboot ${GDB} \ -kernel ${BUILDDIR}/arch/x86/boot/bzImage -nographic \ -net user,host=10.0.2.10,hostfwd=tcp::10022-:22 \ @@ -338,6 +341,6 @@ qemu-system-x86_64 -smp 8 -m 16G -enable-kvm -cpu host -no-reboot ${GDB} -device virtio-scsi-pci,id=scsi \ -device scsi-hd,bus=scsi.0,drive=d0 \ -drive file=${IMAGEDIR}/${IMAGE},format=raw,if=none,id=d0 \ - -chardev stdio,id=char0,mux=on,logfile=serial.out,signal=off \ + -chardev stdio,id=char0,mux=on,logfile=${LOGFILE_NAME},signal=off \ -serial chardev:char0 -mon chardev=char0 \ -append "root=/dev/sda1 ${KERNEL_PARAMS} rw console=ttyAMA0 panic_on_warn=0"
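Review bot: `LOGFILE_NAME="serial.out.${bugid}-${COMMIT}-${TIME_TAG}"` relies on `${bugid}` having been set earlier, and the usage text makes the URL/ID argument optional when `--again` is given, so check that an empty bugid does not produce a name like `serial.out.-<commit>-<time>`. Style: the rest of the script uses `$(...)` for command substitution, so prefer it over backticks here, and `git rev-parse --short HEAD` yields the short hash directly in place of `git log --oneline | head -n 1 | awk '{print $1;}'`.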
Prepare code for the introduction of an on host compiler option. Introduce the download_and_set_compiler() method which will be used only when COMPILER_URL is set. No functionality change.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
---
 syzkaller-start | 53 ++++++++++++++++++++++++++++---------------------
 1 file changed, 30 insertions(+), 23 deletions(-)
diff --git a/syzkaller-start b/syzkaller-start index 37c6200..5e44a69 100755 --- a/syzkaller-start +++ b/syzkaller-start @@ -230,34 +230,41 @@ while [ "${COMPILER_VERSION}" == "" ]; do esac done
-COMPILERDIR=${SYZKALLERDIR}/compilers/${COMPILER_VERSION} -mkdir -p ${COMPILERDIR} - -pushd ${COMPILERDIR} > /dev/null -if echo ${COMPILER_VERSION} | grep -q clang; then - # Parent directory in the Clang packages is already named correctly - cd .. - rmdir --ignore-fail-on-non-empty ${COMPILER_VERSION} - - COMPILER=${COMPILERDIR}/bin/clang -else - COMPILER=${COMPILERDIR}/${COMPILER_BIN_PATH}/bin/gcc -fi +download_and_set_compiler() +{ + COMPILERDIR=${SYZKALLERDIR}/compilers/${COMPILER_VERSION} + mkdir -p ${COMPILERDIR}
-if [ ! -f $(basename ${COMPILER_URL}) ]; then - print_blue "\nDownloading ${COMPILER_VERSION}:\n\n\t${COMPILER_URL}" - curl -C - -sLO --show-error ${COMPILER_URL} + pushd ${COMPILERDIR} > /dev/null + if echo ${COMPILER_VERSION} | grep -q clang; then + # Parent directory in the Clang packages is already named correctly + cd .. + rmdir --ignore-fail-on-non-empty ${COMPILER_VERSION}
- if echo ${COMPILER_URL} | grep -q "gz$"; then - tar -xzf ${COMPILER_VERSION}.tar.gz + COMPILER=${COMPILERDIR}/bin/clang else - tar -xJf ${COMPILER_VERSION}.tar.xz + COMPILER=${COMPILERDIR}/${COMPILER_BIN_PATH}/bin/gcc + fi + + if [ ! -f $(basename ${COMPILER_URL}) ]; then + print_blue "\nDownloading ${COMPILER_VERSION}:\n\n\t${COMPILER_URL}" + curl -C - -sLO --show-error ${COMPILER_URL} + + if echo ${COMPILER_URL} | grep -q "gz$"; then + tar -xzf ${COMPILER_VERSION}.tar.gz + else + tar -xJf ${COMPILER_VERSION}.tar.xz + fi + else + print_blue "\nUsing ${COMPILER_VERSION}" fi -else - print_blue "\nUsing ${COMPILER_VERSION}" -fi
-popd > /dev/null # ${COMPILERDIR} + popd > /dev/null # ${COMPILERDIR} +} + +if [ -n "${COMPILER_URL}" ]; then + download_and_set_compiler +fi
IMAGEDIR=${SYZKALLERDIR}/images mkdir -p ${IMAGEDIR}
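Review bot: while this code is being moved into download_and_set_compiler(), the `curl -C - -sLO --show-error ${COMPILER_URL}` followed by `tar -x` still unpacks, and the build later executes, a toolchain with no integrity check beyond the TLS connection; pinning a sha256 next to each COMPILER_URL and verifying it before extraction (`echo "${COMPILER_SHA256}  $(basename ${COMPILER_URL})" | sha256sum -c`) makes the download fail closed and also catches a truncated `-C -` resume. Two smaller points: the function sets COMPILER and COMPILERDIR as globals that the rest of the script reads, which works in bash but deserves a comment, and it is declared `name() {` while the existing `usage` uses `function usage() {`; pick one form.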
Add clang-13 on host compiler option. Add some sanity checks to verify if the compiler is installed on the host.
Signed-off-by: Tudor Ambarus <tudor.ambarus@linaro.org>
---
 syzkaller-start | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/syzkaller-start b/syzkaller-start index 5e44a69..fd9b853 100755 --- a/syzkaller-start +++ b/syzkaller-start @@ -161,6 +161,7 @@ while [[ ${COMPILER_CHOICE} -lt 1 || ${COMPILER_CHOICE} -gt 11 ]]; do echo -e "\t8. [clang 8.0.0 (trunk 343298)]" echo -e "\t9. [clang 10.0.0 (c2443155)]" echo -e "\t10. [clang 11.0.1 (llvm-11.0.1)]" + echo -e "\t11. [clang 13 (on host)]" echo -n "> " read COMPILER_CHOICE
@@ -223,6 +224,14 @@ while [ "${COMPILER_VERSION}" == "" ]; do COMPILER_URL="https://github.com/llvm/llvm-project/releases/download/llvmorg-11.0.1/clang+..." COMPILER_VERSION="clang+llvm-11.0.1-x86_64-linux-gnu-ubuntu-20.10" ;; + 11) + COMPILER="clang-13" + if ! [ -x "$(command -v ${COMPILER})" ]; then + print_red "ERROR: ${COMPILER} is not installed on host" + exit 1 + fi + COMPILER_VERSION="$(${COMPILER} -dumpversion)" + ;; *) print_red "ERROR: Something went wrong" exit 1 @@ -264,6 +273,8 @@ download_and_set_compiler()
if [ -n "${COMPILER_URL}" ]; then download_and_set_compiler +else + print_blue "\nUsing ${COMPILER_VERSION}" fi
IMAGEDIR=${SYZKALLERDIR}/images
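Review bot: in the `11)` hunk, if `${COMPILER} -dumpversion` produces no output, COMPILER_VERSION stays empty and the enclosing `while [ "${COMPILER_VERSION}" == "" ]` loop re-enters case 11 forever, since the `command -v` check passes again each time; treat an empty result as an error and `exit 1` like the not-installed case. The value is also just a bare version number, so the `print_blue "\nUsing ${COMPILER_VERSION}"` added in the last hunk prints a number with no compiler name, and any later `grep -q clang` on COMPILER_VERSION (as download_and_set_compiler does) would not match; storing `"${COMPILER}-$(${COMPILER} -dumpversion)"` fixes both.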
linaro-kernel@lists.linaro.org