-
Notifications
You must be signed in to change notification settings - Fork 652
Search for other free cores when bind fails #68
base: master
Are you sure you want to change the base?
Conversation
Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please visit https://cla.developers.google.com/ to sign. Once you've signed (or fixed any issues), please reply here with What to do if you already signed the CLAIndividual signers
Corporate signers
ℹ️ Googlers: Go here for more info. |
1 similar comment
Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please visit https://cla.developers.google.com/ to sign. Once you've signed (or fixed any issues), please reply here with What to do if you already signed the CLAIndividual signers
Corporate signers
ℹ️ Googlers: Go here for more info. |
@googlebot I signed it! |
CLAs look good, thanks! ℹ️ Googlers: Go here for more info. |
1 similar comment
CLAs look good, thanks! ℹ️ Googlers: Go here for more info. |
Under some circumstances, /proc may transparently lie to us, or we may have cgroups invisibly that prevent us from binding to certain CPUs but not others. In particular this shows up when running inside containers with resource limits applied to them. This patch makes AFL continue to try other CPU cores if the kernel rejects our attempt to bind to an apparently free one, since others may succeed. Signed-off-by: Quentin Young <qlyoung@qlyoung.net>
55feb44
to
ad6314b
Compare
@JoeyJiao yeah I'd like to use your search method since that works for Android too, and I'd also like to keep my error messages / suggestions since they work for both android and my particular scenario, so I was thinking you could rebase on top of my commit to change the search algorithm in my patch to yours and we could merge the 2 commits, that seems like the cleanest resultant history and we both keep authorship. Of course I could also rebase mine onto yours but my diff is bigger so it seemed easier to do it the other way round. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks for the patch, the logic looks good to me, I've just added some suggestions regarding coding style
cpu_core_count); | ||
for (i = 0; i < cpu_core_count; i++) { | ||
|
||
if (!cpu_used[i]) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
let's decrease the indentation by inverting the condition:
for (i = 0; i < cpu_core_count; i++) {
if (cpu_used[i])
continue;
<the code trying to bind>
}
CPU_ZERO(&c); | ||
CPU_SET(i, &c); | ||
|
||
if (sched_setaffinity(0, sizeof(c), &c)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
similar suggestion here:
if (!sched_setaffinity(0, sizeof(c), &c)) {
cpu_aff = i;
bound = 1;
break;
}
saved_errno = errno;
tried_bind++;
WARNF("Binding attempt failed; looking for another core...");
|
||
if (i == cpu_core_count) { | ||
int bound = 0; | ||
int tried_bind = 0; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
rename to bind_attempts
} | ||
|
||
OKF("Found a free CPU core, binding to #%u.", i); | ||
if (!bound) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
...
if (bound)
return;
<error reporting code here>
}
Edit:
I just noticed this is quite similar to #63... coincidence! How should we handle this? Looks like #63 can be rebased on top of mine to add
#ifdef ANDROID
bits for inverting the search order and drop the rest? @JoeyJiao thoughts?Under some circumstances, /proc may transparently lie to us, or we may
have cgroups invisibly that prevent us from binding to certain CPUs but
not others. In particular this shows up when running inside containers
with resource limits applied to them. This patch makes AFL continue to
try other CPU cores if the kernel rejects our attempt to bind to an
apparently free one, since others may succeed.
At first I wasn't sure this patch belonged in AFL, but since AFL generally tries to be smart about its environment when it helps the user, and this is a realistic case that AFL can solve itself without much overhead, I think it's appropriate.
I put some more details on how/why this manifests here: https://gist.github.com/qlyoung/abd217f977399003ba0cc277feca2af9
Here's how it looks after this patch when running in a Docker container with
--cpuset-cpus 5,6
:AFL continues as normal after that. Prior to this patch it simply aborted on a failed
sched_setaffinity
.Signed-off-by: Quentin Young qlyoung@qlyoung.net