On Mon, Feb 15, 2016 at 5:35 PM, Dmitry Vyukov <dvyu...@google.com> wrote:
> On Mon, Feb 15, 2016 at 5:29 PM, Peter Zijlstra <pet...@infradead.org> wrote:
>> On Thu, Jan 14, 2016 at 11:05:50AM +0100, Dmitry Vyukov wrote:
>>> There is a way to run it without coverage on a local machine.
>>>
>>> First, you need to setup Go toolchain: download latest Go distribution
>>> from https://golang.org/dl:
>>> https://storage.googleapis.com/golang/go1.5.3.linux-amd64.tar.gz
>>> Unpack it to $HOME/go1.5.
>>>
>>> $ export GOROOT=$HOME/go1.5
>>
>>> $ export GOPATH=$HOME/gopath
>>
>> So after I put that in a profile.d file:
>>
>>> Download syzkaller sources:
>>>
>>> $ go get github.com/google/syzkaller
>>
>> package github.com/google/syzkaller: no buildable Go source files in
>> /root/gopath/src/github.com/google/syzkaller
>>
>>> Build necessary syzkaller binaries:
>>>
>>> $ cd $GOPATH/src/github.com/google/syzkaller
>>> $ make
>>
>> That seems to have done its thing
>>
>>> Then save the following content into
>>> $GOPATH/src/github.com/google/syzkaller/perf.cfg
>>>
>>
>> {
>>   "http": "localhost:50000",
>>   "workdir": "root/gopath/src/github.com/google/syzkaller/workdir",
>>   "syzkaller": "/root/gopath/src/github.com/google/syzkaller",
>>   "vmlinux": "-",
>>   "type": "local",
>>   "count": 1,
>>   "procs": 160,
>>   "nocover": true,
>>   "nodropprivs": true,
>>   "enable_syscalls": [
>>     "perf_event_open",
>>     "ioctl$PERF*",
>>     "prctl$void",
>>     "bpf$*",
>>     "sched_yield"
>>   ]
>> }
>>
>>> Alter paths as necessary. Also you can change procs parameter (number
>>> of parallel test processes), something like NCPU*4 would be a good
>>> number. Also you can add additional syscalls to the mix.
>>
>> per the above
>>
>>> Then run:
>>>
>>> $ bin/syz-manager -config perf.cfg
>>>
>>> If you run it on a separate test machine, then scp syzkaller/bin dir
>>> and perf.cfg to the machine (the syzkaller param in config is where it
>>> will search for the bin dir).
>>>
>>> If syz-manager does not appear to be doing anything useful, then please
>>> run it in the following mode and post output:
>>>
>>> $ bin/syz-manager -config perf.cfg -v 1 -debug
>>
>> root@ivb-ep:~/gopath/src/github.com/google/syzkaller# bin/syz-manager
>> -config perf.cfg -v 1 -debug
>> 2016/02/15 17:12:50 bad config syzkaller param: can't find bin/syz-execprog
>>
>> And it's right, no such thing as bin/syz-execprog
>
>
> Please also do:
>
> $ make execprog
>
> And replace:
>
> "nocover": true,
> "nodropprivs": true,
>
> in config file with:
>
> "cover": false,
> "dropprivs": false,
>
> (that's changed since I wrote the instructions).

Just to compensate the pain, here is what I've just got when re-enabled perf in my config :)

2016/02/15 16:52:18 qemu-15: saving crash 'WARNING: CPU: 0 PID: 18465 at kernel/events/core.c:2743 ctx_sched_in+0x255/0x17f0()' to crash-qemu-15-1455551538366997265
2016/02/15 16:54:02 qemu-17: saving crash 'WARNING: CPU: 0 PID: 1072 at kernel/events/core.c:2743 ctx_sched_in+0x255/0x17f0()' to crash-qemu-17-1455551642205132730
2016/02/15 16:54:44 qemu-30: saving crash 'WARNING: CPU: 3 PID: 19858 at kernel/events/core.c:2122 __perf_install_in_context+0x1c4/0x220()' to crash-qemu-30-1455551684741709699
2016/02/15 16:55:02 qemu-20: saving crash 'WARNING: CPU: 2 PID: 9873 at kernel/events/core.c:226 event_function+0x359/0x3e0()' to crash-qemu-20-1455551702744185903
2016/02/15 16:56:22 qemu-27: saving crash 'WARNING: CPU: 3 PID: 10602 at kernel/events/core.c:2122 __perf_install_in_context+0x1c4/0x220()' to crash-qemu-27-1455551782768040747
2016/02/15 16:56:45 qemu-27: saving crash 'WARNING: CPU: 0 PID: 12779 at kernel/events/core.c:8693 perf_event_exit_task+0x708/0x900()' to crash-qemu-27-1455551805030612662
2016/02/15 16:56:49 qemu-2: saving crash 'WARNING: CPU: 3 PID: 17062 at kernel/events/core.c:226 event_function+0x359/0x3e0()' to crash-qemu-2-1455551809378028704
2016/02/15 16:56:58 qemu-20: saving crash 'WARNING: CPU: 3 PID: 22426 at kernel/events/core.c:2743 ctx_sched_in+0x255/0x17f0()' to crash-qemu-20-1455551818913067860
2016/02/15 16:57:08 qemu-33: saving crash 'WARNING: CPU: 3 PID: 23837 at kernel/events/core.c:2122 __perf_install_in_context+0x1c4/0x220()' to crash-qemu-33-1455551828622810673
2016/02/15 16:57:11 qemu-27: saving crash 'INFO: rcu_sched detected stalls on CPUs/tasks:' to crash-qemu-27-1455551831109315050
2016/02/15 16:57:34 qemu-33: saving crash 'INFO: rcu_sched self-detected stall on CPU' to crash-qemu-33-1455551854588053356
2016/02/15 16:57:44 qemu-33: saving crash 'BUG: workqueue lockup - pool cpus=0 node=0 flags=0x0 nice=-20 stuck for 34s!' to crash-qemu-33-1455551864688663395
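
The syz-manager output above saves the same few warning sites repeatedly, differing only in CPU and PID. As an added example (not part of the original thread and not syzkaller's own code), this Go program groups "saving crash" lines by kernel source location so each distinct site is triaged once; `sampleLog`, `crashKey` and `groupCrashes` are hypothetical names, and the line format is assumed from the output quoted in the message.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Sample input: five of the syz-manager lines quoted in the message above.
const sampleLog = `
2016/02/15 16:52:18 qemu-15: saving crash 'WARNING: CPU: 0 PID: 18465 at kernel/events/core.c:2743 ctx_sched_in+0x255/0x17f0()' to crash-qemu-15-1455551538366997265
2016/02/15 16:54:02 qemu-17: saving crash 'WARNING: CPU: 0 PID: 1072 at kernel/events/core.c:2743 ctx_sched_in+0x255/0x17f0()' to crash-qemu-17-1455551642205132730
2016/02/15 16:54:44 qemu-30: saving crash 'WARNING: CPU: 3 PID: 19858 at kernel/events/core.c:2122 __perf_install_in_context+0x1c4/0x220()' to crash-qemu-30-1455551684741709699
2016/02/15 16:55:02 qemu-20: saving crash 'WARNING: CPU: 2 PID: 9873 at kernel/events/core.c:226 event_function+0x359/0x3e0()' to crash-qemu-20-1455551702744185903
2016/02/15 16:57:34 qemu-33: saving crash 'INFO: rcu_sched self-detected stall on CPU' to crash-qemu-33-1455551854588053356
`

var (
	// Assumed line shape: "<date> <time> <vm>: saving crash '<title>' to <file>"
	saveRe = regexp.MustCompile(`^\S+ \S+ \S+: saving crash '(.*)' to \S+$`)
	// In a WARNING title only the CPU and PID differ between hits of one site.
	warnRe = regexp.MustCompile(`^WARNING: CPU: \d+ PID: \d+ at (\S+) (\w+)\+`)
)

// crashKey (hypothetical helper) reduces a crash title to a stable dedup key:
// file:line plus function for WARNINGs, the unchanged title for anything else.
func crashKey(title string) string {
	if m := warnRe.FindStringSubmatch(title); m != nil {
		return "WARNING " + m[1] + " " + m[2]
	}
	return title
}

// groupCrashes counts saved crashes per dedup key, skipping unrelated lines.
func groupCrashes(log string) map[string]int {
	counts := make(map[string]int)
	for _, line := range strings.Split(log, "\n") {
		if m := saveRe.FindStringSubmatch(strings.TrimSpace(line)); m != nil {
			counts[crashKey(m[1])]++
		}
	}
	return counts
}

func main() {
	// fmt prints map keys in sorted order, so the summary is deterministic.
	fmt.Println(groupCrashes(sampleLog))
}
```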