Host: Ubuntu 18.04 and run DIFUZE on the provided docker
Android kernel: android-msm-crosshatch-4.9-pie-qpr2 (for google pixel 3/3L)
/home is the directory where I mounted the repo diretory.
Compile the kernel with GCC:
python run_all.py -l /home/llvm_bitcode_out -a 2 -c /home/compile_commands.json -n 2 -o /home/out -k /home/private/msm-google -f /home/ioctl_finder_out
When running run_all.py at the process of "[] Running compilation commands in multiprocessing modea". It shows a lot of errors:
In file included from ../../../../private/msm-google/drivers/thermal/tsens-mtc.c:14:In file included from /home/private/msm-google/drivers/thermal/tsens.h:16:In file included from /home/private/msm-google/include/linux/kernel.h:13:In file included from /home/private/msm-google/include/linux/printk.h:305:In file included from /home/private/msm-google/include/linux/dynamic_debug.h:5:In file included from /home/private/msm-google/include/linux/jump_label.h:107:/home/private/msm-google/arch/arm64/include/asm/jump_label.h:31:6: error: expected '(' after 'asm'asm goto("1: nop\n\t"^/home/private/msm-google/arch/arm64/include/asm/jump_label.h:45:6: error: expected '(' after 'asm'asm goto("1: b %l[l_yes]\n\t"^2 errors generated.
[+] Finished running compilation commands.
[] Writing all linker commands to /home/llvm_bitcode_out/llvm_link_cmds.sh
[] Got 0 regular linker commands.
[] Running linker commands in multiprocessing mode.
[+] Finished running linker commands.
[*] Got 815 recursive linker commands.
[!] Failed to link following driver objects.
[!] drivers/base/power/clock_ops.o
[+] Component: BearLLVMBuild ran successfully.
[+] Component: BearLLVMBuild passed successfully.
[*] Trying to Run Component: BearGenerateIncludes
[+] Setup for component: BearGenerateIncludes complete
[+] Component: BearGenerateIncludes ran successfully.
[+] Component: BearGenerateIncludes passed successfully.
[*] Trying to Run Component: BearGeneratePreprocessed
[+] Setup for component: BearGeneratePreprocessed complete
[*] Writing all preprocessing commands to /home/llvm_bitcode_out/llvm_generate_preprocessed.sh
[*] Got 1244 preprocessing commands.
[*] Running preprocessing commands in multiprocessing modea.
[+] Finished running preprocessing commands.
[+] Component: BearGeneratePreprocessed ran successfully.
[+] Component: BearGeneratePreprocessed passed successfully.
[*] Trying to Run Component: BearParseHeaders
[+] Setup for component: BearParseHeaders complete
[*] Running grep to find ops and operations structure.
[+] Grep ran successfully to find ops and operations structures.
[*] Running c2xml to find entry point configurations.
[+] Component: BearParseHeaders ran successfully.
[+] Component: BearParseHeaders passed successfully.
[*] Trying to Run Component: BearParseV4L2Headers
[+] Setup for component: BearParseV4L2Headers complete
[+] Grep ran successfully to find ops and operations structures.
[*] Running c2xml to find entry point configurations.
[!] Unable to find v4l2 base bitcode file:/home/llvm_bitcode_out/drivers/media/v4l2-core/v4l2-ioctl.llvm.bc
[?] Component: BearParseV4L2Headers failed.
[+] Component: BearParseV4L2Headers passed successfully.
[*] Trying to Run Component: BearEntryPointIdentifier
[+] Setup for component: BearEntryPointIdentifier complete
[*] Running EntryPointIdentifier..
[+] Entry point file present:/home/llvm_bitcode_out/hdr_file_config.txt
[+] Successfully generated all the possible entry points into file: /home/llvm_bitcode_out/entry_point_out.txt
[+] Component: BearEntryPointIdentifier ran successfully.
[+] Component: BearEntryPointIdentifier passed successfully.
[*] Trying to Run Component: DevNameFinder
[+] Setup for component: DevNameFinder complete
[*] Invoking Dev Name finder
[*] Found: 0 ioctl functions to process.
[*] Processing in multiprocessing mode
[*] Finished processing: 0 ioctl functions.
[*] Dev name finder failed for: 0 out of: 0 Ioctl functions.
[+] Component: DevNameFinder ran successfully.
[+] Component: DevNameFinder passed successfully.
[*] Trying to Run Component: IoctlCmdFinder
[+] Setup for component: IoctlCmdFinder complete
[*] Invoking Ioctl cmd finder
[*] Found: 0 ioctl functions to process.
[*] Processing in multiprocessing mode
[*] Finished processing: 0 ioctl functions.
[*] Ioctl Cmd finder failed for: 0 out of: 0 Ioctl functions.
[+] Component: IoctlCmdFinder ran successfully.
[+] Component: IoctlCmdFinder passed successfully.
[*] Trying to Run Component: V4L2CmdFinder
[!] Setup failed for component: V4L2CmdFinder , with Error: No file specified for v4l2 id -> cmdid list.
[!] Component: V4L2CmdFinder failed. Exiting.
[*] Component Runtime information:
[*] BearGeneratePreprocessed:43.1071650982 seconds.
[*] BearGenerateIncludes:10.1442651749 seconds.
[*] BearParseHeaders:3.64340209961 seconds.
[*] IoctlCmdFinder:0.119308948517 seconds.
[*] BearEntryPointIdentifier:0.000860929489136 seconds.
[*] DevNameFinder:0.10435795784 seconds.
[*] BearLLVMBuild:122.601122856 seconds.
[*] BearParseV4L2Headers:6.89029693604e-05 seconds.
2. Compile the kernel with clang
`python run_all.py -l /home/llvm_bitcode_out -a 2 -c /home/compile_commands.json -n 2 -o /home/out -k /home/private/msm-google -f /home/ioctl_finder_out -isclang -clangp /home/prebuilts-master/clang/host/linux-x86/clang-4393122/bin/clang-5.0 -llvmlinkp /home/prebuilts-master/clang/host/linux-x86/clang-4393122/bin/llvm-link`
When compiling, there are many error info: `LLVM ERROR: IO failure on output stream.`
And running run_all.py still failed:
[*] Trying to Run Component: BearLLVMBuild
[+] Setup for component: BearLLVMBuild complete
[*] Writing all compilation commands to /home/llvm_bitcode_out/llvm_build.sh
[*] Got 1244 compilation commands.
[*] Running compilation commands in multiprocessing modea.
[+] Finished running compilation commands.
[*] Writing all linker commands to /home/llvm_bitcode_out/llvm_link_cmds.sh
[*] Got 0 regular linker commands.
[*] Running linker commands in multiprocessing mode.
[+] Finished running linker commands.
[*] Got 4 recursive linker commands.
[!] Failed to link following driver objects.
[!] drivers/input/touchscreen/stm/ftm5.lto.o
[!] drivers/input/touchscreen/sec_ts/sec_touch.ko
[!] drivers/input/touchscreen/sec_ts/sec_touch.lto.o
[!] drivers/input/touchscreen/stm/ftm5.ko
[+] Component: BearLLVMBuild ran successfully.
[+] Component: BearLLVMBuild passed successfully.
[*] Trying to Run Component: BearGenerateIncludes
[+] Setup for component: BearGenerateIncludes complete
[+] Component: BearGenerateIncludes ran successfully.
[+] Component: BearGenerateIncludes passed successfully.
[*] Trying to Run Component: BearGeneratePreprocessed
[+] Setup for component: BearGeneratePreprocessed complete
[*] Writing all preprocessing commands to /home/llvm_bitcode_out/llvm_generate_preprocessed.sh
[*] Got 1244 preprocessing commands.
[*] Running preprocessing commands in multiprocessing modea.
[+] Finished running preprocessing commands.
[+] Component: BearGeneratePreprocessed ran successfully.
[+] Component: BearGeneratePreprocessed passed successfully.
[*] Trying to Run Component: BearParseHeaders
[+] Setup for component: BearParseHeaders complete
[*] Running grep to find ops and operations structure.
[+] Grep ran successfully to find ops and operations structures.
[*] Running c2xml to find entry point configurations.
[+] Component: BearParseHeaders ran successfully.
[+] Component: BearParseHeaders passed successfully.
[*] Trying to Run Component: BearParseV4L2Headers
[+] Setup for component: BearParseV4L2Headers complete
[+] Grep ran successfully to find ops and operations structures.
[*] Running c2xml to find entry point configurations.
[!] Unable to find v4l2 base bitcode file:/home/llvm_bitcode_out/drivers/media/v4l2-core/v4l2-ioctl.llvm.bc
[?] Component: BearParseV4L2Headers failed.
[+] Component: BearParseV4L2Headers passed successfully.
[*] Trying to Run Component: BearEntryPointIdentifier
[+] Setup for component: BearEntryPointIdentifier complete
[*] Running EntryPointIdentifier..
[+] Entry point file present:/home/llvm_bitcode_out/hdr_file_config.txt
[+] Successfully generated all the possible entry points into file: /home/llvm_bitcode_out/entry_point_out.txt
[+] Component: BearEntryPointIdentifier ran successfully.
[+] Component: BearEntryPointIdentifier passed successfully.
[*] Trying to Run Component: DevNameFinder
[+] Setup for component: DevNameFinder complete
[*] Invoking Dev Name finder
[*] Found: 0 ioctl functions to process.
[*] Processing in multiprocessing mode
[*] Finished processing: 0 ioctl functions.
[*] Dev name finder failed for: 0 out of: 0 Ioctl functions.
[+] Component: DevNameFinder ran successfully.
[+] Component: DevNameFinder passed successfully.
[*] Trying to Run Component: IoctlCmdFinder
[+] Setup for component: IoctlCmdFinder complete
[*] Invoking Ioctl cmd finder
[*] Found: 0 ioctl functions to process.
[*] Processing in multiprocessing mode
[*] Finished processing: 0 ioctl functions.
[*] Ioctl Cmd finder failed for: 0 out of: 0 Ioctl functions.
[+] Component: IoctlCmdFinder ran successfully.
[+] Component: IoctlCmdFinder passed successfully.
[*] Trying to Run Component: V4L2CmdFinder
[!] Setup failed for component: V4L2CmdFinder , with Error: No file specified for v4l2 id -> cmdid list.
[!] Component: V4L2CmdFinder failed. Exiting.
[*] Component Runtime information:
[*] BearGeneratePreprocessed:16.6774599552 seconds.
[*] BearGenerateIncludes:10.4098279476 seconds.
[*] BearParseHeaders:3.70880007744 seconds.
[*] IoctlCmdFinder:0.120937108994 seconds.
[*] BearEntryPointIdentifier:0.00175595283508 seconds.
[*] DevNameFinder:0.109388113022 seconds.
[*] BearLLVMBuild:19.6144690514 seconds.
[*] BearParseV4L2Headers:0.000156879425049 seconds.
Could you please give me some advice?
Thank you!!
Host: Ubuntu 18.04 and run DIFUZE on the provided docker Android kernel: android-msm-crosshatch-4.9-pie-qpr2 (for google pixel 3/3L)
/homeis the directory where I mounted therepodiretory.python run_all.py -l /home/llvm_bitcode_out -a 2 -c /home/compile_commands.json -n 2 -o /home/out -k /home/private/msm-google -f /home/ioctl_finder_outWhen running run_all.py at the process of "[] Running compilation commands in multiprocessing modea". It shows a lot of errors:
In file included from ../../../../private/msm-google/drivers/thermal/tsens-mtc.c:14:In file included from /home/private/msm-google/drivers/thermal/tsens.h:16:In file included from /home/private/msm-google/include/linux/kernel.h:13:In file included from /home/private/msm-google/include/linux/printk.h:305:In file included from /home/private/msm-google/include/linux/dynamic_debug.h:5:In file included from /home/private/msm-google/include/linux/jump_label.h:107:/home/private/msm-google/arch/arm64/include/asm/jump_label.h:31:6: error: expected '(' after 'asm'asm goto("1: nop\n\t"^/home/private/msm-google/arch/arm64/include/asm/jump_label.h:45:6: error: expected '(' after 'asm'asm goto("1: b %l[l_yes]\n\t"^2 errors generated.[+] Finished running compilation commands. [] Writing all linker commands to /home/llvm_bitcode_out/llvm_link_cmds.sh [] Got 0 regular linker commands. [] Running linker commands in multiprocessing mode. [+] Finished running linker commands. [*] Got 815 recursive linker commands. [!] Failed to link following driver objects.