Arm + KASAN + syzbot

Krzysztof Kozlowski krzk at kernel.org
Tue Jan 19 03:36:47 EST 2021


On Mon, 18 Jan 2021 at 17:31, Dmitry Vyukov <dvyukov at google.com> wrote:
>
> Hello Arm maintainers,
>
> We are considering setting up an Arm 32-bit instance on syzbot for
> continuous testing using qemu emulation and I have several questions
> related to that.
>
> 1. Is there interest in this on your end?

Sure, the more, the better.

> What git tree/branch should
> be used for testing (contains latest development and is regularly
> updated with fixes)?

Depends on your testing capabilities, whether you can deal with every
sub-maintainer's tree. 0-day kernel robot tests everything possible
and this allows each sub-maintainer to receive early feedback about his
tree. It can be around 30 Git trees, though... If you want only a few, I
would start with:
 - https://git.kernel.org/pub/scm/linux/kernel/git/soc/soc.git/
 - linux-next
 - and Russell's for-next
(http://git.armlinux.org.uk/cgit/linux-arm.git/log/?h=for-next)

> 2. I see KASAN has just become supported for Arm, which is very
> useful, but I can't boot a kernel with KASAN enabled. I am using
> v5.11-rc4 and this config without KASAN boots fine:
> https://gist.githubusercontent.com/dvyukov/12de2905f9479ba2ebdcc603c2fec79b/raw/c8fd3f5e8328259fe760ce9a57f3e6c6f5a95c8f/gistfile1.txt

Maybe try first with a kernel based on vexpress defconfig. Yours looks
closer to multi_v7 which enables a lot of stuff also as modules and
this by itself brought up a few issues (mostly with order of probes).

You could also try another QEMU machine (I don't know many of them, some
time ago I was using exynos defconfig on smdkc210, but without KASAN).

> using the following qemu command line:
> qemu-system-arm \
>   -machine vexpress-a15 -cpu max -smp 2 -m 2G \
>   -device virtio-blk-device,drive=hd0 \
>   -drive if=none,format=raw,id=hd0,file=image-arm -snapshot \
>   -kernel arch/arm/boot/zImage \
>   -dtb arch/arm/boot/dts/vexpress-v2p-ca15-tc1.dtb \
>   -nographic \
>   -netdev user,host=10.0.2.10,hostfwd=tcp::10022-:22,id=net0 \
>   -device virtio-net-device,netdev=net0 \
>   -append "root=/dev/vda earlycon earlyprintk=serial console=ttyAMA0 oops=panic panic_on_warn=1 panic=86400 vmalloc=512M"
>
> However, when I enable KASAN and get this config:
> https://gist.githubusercontent.com/dvyukov/a7e3edd35cc39a1b69b11530c7d2e7ac/raw/7cbda88085d3ccd11227224a1c9964ccb8484d4e/gistfile1.txt
>
> kernel does not boot, qemu only prints the following output and then silence:
> pulseaudio: set_sink_input_volume() failed
> pulseaudio: Reason: Invalid argument
> pulseaudio: set_sink_input_mute() failed
> pulseaudio: Reason: Invalid argument
>
> What am I doing wrong?

No clue, but I just tried KASAN on my ARMv7 Exynos5422 board (real
hardware) and it works (although the kernel log appeared with a bigger
delay):

[    0.000000] Booting Linux on physical CPU 0x100
[    0.000000] Linux version 5.11.0-rc3-next-20210115-00001-g77140600eeec (kozik at kozik-lap) (arm-linux-gnueabi-gcc (Ubuntu 9.3.0-17ubuntu1~20.04) 9.3.0, GNU ld (GNU Binutils for Ubuntu) 2.34) #144 SMP PREEMPT Tue Jan 19 09:23:24 CET 2021
[    0.000000] CPU: ARMv7 Processor [410fc073] revision 3 (ARMv7), cr=10c5387d
...
[    0.000000] kasan: Truncating shadow for memory block at 0x40000000-0xbea00000 to lowmem region at 0x70000000
[    0.000000] kasan: Mapping kernel virtual memory block: c0000000-f0000000 at shadow: b7000000-bd000000
[    0.000000] kasan: Mapping kernel virtual memory block: bf000000-c0000000 at shadow: b6e00000-b7000000
[    0.000000] kasan: Kernel address sanitizer initialized

Best regards,
Krzysztof
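
Added example, not part of the original message: a small console-log triage helper for the two outcomes seen in this thread (a silent boot versus a boot that prints the kasan lines). It assumes generic KASAN's 1:8 shadow scale (shift of 3); the function names are hypothetical and the sample logs are constructed from the output quoted above.

```python
import re

KASAN_SHADOW_SCALE_SHIFT = 3  # assumption: generic KASAN, 1 shadow byte per 8 bytes
MAP_RE = re.compile(r"kasan: Mapping kernel virtual memory block: "
                    r"([0-9a-f]+)-([0-9a-f]+) at shadow: ([0-9a-f]+)-([0-9a-f]+)")

# Constructed samples: kasan lines from the Exynos5422 log above (mail wrapping
# undone), and the only output the failing qemu run produced.
GOOD_LOG = """\
[    0.000000] Booting Linux on physical CPU 0x100
[    0.000000] kasan: Mapping kernel virtual memory block: c0000000-f0000000 at shadow: b7000000-bd000000
[    0.000000] kasan: Mapping kernel virtual memory block: bf000000-c0000000 at shadow: b6e00000-b7000000
[    0.000000] kasan: Kernel address sanitizer initialized
"""
SILENT_LOG = """\
pulseaudio: set_sink_input_volume() failed
pulseaudio: Reason: Invalid argument
"""

def shadow_mappings(log):
    """Return [(start, end, shadow_start, shadow_end)] parsed from kasan lines."""
    return [tuple(int(g, 16) for g in m.groups()) for m in MAP_RE.finditer(log)]

def shadow_offset(mappings):
    """Derive the offset in shadow = (addr >> 3) + offset (32-bit arithmetic).
    Raises ValueError if there are no mappings or they are inconsistent."""
    offsets = set()
    for start, end, sh_start, sh_end in mappings:
        for addr, shadow in ((start, sh_start), (end, sh_end)):
            offsets.add((shadow - (addr >> KASAN_SHADOW_SCALE_SHIFT)) & 0xFFFFFFFF)
    if len(offsets) != 1:
        raise ValueError("no consistent shadow offset: %r" % sorted(offsets))
    return offsets.pop()

def classify_boot(log):
    """'no-kernel-output', 'kernel-no-kasan' or 'kasan-initialized'."""
    if "Booting Linux" not in log and "Linux version" not in log:
        return "no-kernel-output"   # died before earlycon printed anything
    if "kasan: Kernel address sanitizer initialized" not in log:
        return "kernel-no-kasan"
    shadow_offset(shadow_mappings(log))  # sanity-check the printed ranges
    return "kasan-initialized"

if __name__ == "__main__":
    print(classify_boot(GOOD_LOG), hex(shadow_offset(shadow_mappings(GOOD_LOG))))
    print(classify_boot(SILENT_LOG))
```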


