Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Linux ci - Compile KVM with goto-cc #5916

Merged
merged 2 commits into from
Apr 26, 2021
Merged

Linux ci - Compile KVM with goto-cc #5916

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
4b46a0a
linux: add compilation script
nmanthey Mar 18, 2021
1fbfd5e
linuxci: test compiling linux
nmanthey Mar 4, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
53 changes: 53 additions & 0 deletions .github/workflows/build-and-test-Linux.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: Build Linux partially with CPROVER tools

on:
pull_request:
branches:
- '**'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm a little hesitant about (another) CI job that runs on all PRs, specially one that we expect to report failures.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Feel free to suggest another branch pattern. I can also target the develop and production branch only. That might result in late surprises.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@TGWDB Why would you expect failures here?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@nmanthey I'm no git expert and don't have a better suggestion. I agree that late failures are not a good idea.

@tautschnig Based on the original PR text:

"This change adds a github workflow that compiles parts of the Linux kernel with goto-cc, and fails in case compilation fails. Furthermore, the input fails that lead to the failure are archived, to allow easy consumption and investigation."

I'm happy if this works without failures, but was (mis?)reading that we expect this to fail more often due to the target and perhaps related aspects of cbmc.

If we expect goto-cc to never fail this except for when we break something then I have no objection.


jobs:
CompileLinux:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
with:
submodules: true
- name: Install Packages
env:
# This is needed in addition to -yq to prevent apt-get from asking for
# user input
DEBIAN_FRONTEND: noninteractive
run: |
sudo apt-get update
sudo apt-get install --no-install-recommends -y g++ flex bison cmake ninja-build maven jq libxml2-utils dpkg-dev ccache
sudo apt-get install --no-install-recommends -y libssl-dev libelf-dev libudev-dev libpci-dev libiberty-dev autoconf
sudo apt-get install --no-install-recommends -y gawk jq

- name: Prepare ccache
uses: actions/cache@v2
with:
path: .ccache
key: ${{ runner.os }}-20.04-make-${{ github.ref }}-${{ github.sha }}-KERNEL
restore-keys: |
${{ runner.os }}-20.04-make-${{ github.ref }}
${{ runner.os }}-20.04-make
- name: ccache environment
run: |
echo "CCACHE_BASEDIR=$PWD" >> $GITHUB_ENV
echo "CCACHE_DIR=$PWD/.ccache" >> $GITHUB_ENV
- name: Zero ccache stats and limit in size
run: ccache -z --max-size=500M
- name: Build CBMC tools
run: |
make -C src minisat2-download
make -C src CXX='ccache /usr/bin/g++' cbmc.dir goto-cc.dir goto-diff.dir -j2
- name: Print ccache stats
run: ccache -s

- name: Run (Docker Based) Linux Build test
run: integration/linux/compile_linux.sh

- uses: actions/upload-artifact@v2
with:
name: CPROVER-faultyInput
path: CPROVER/faultyInput/*
Comment on lines +50 to +53
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How does one actually download these? GitHub keeps telling me that I need to have the "actions" scope, perhaps the repository permissions are set up in a way that doesn't permit non-members to do this?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How about doing tail -n +1 CPROVER/faultyInput/* instead? Really simple and avoids any permissions problems.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On the checks page (here, e.g.: https://github.com/diffblue/cbmc/pull/5916/checks there is an "artifacts" button on the top left, which allows (me) to download, I did not see any permission restrictions in the description of the action). Yes, I could also dump the content of the files, but that likely floods the output, as those are preprocessed already.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Err, thank you, that was too easy. A first fix is in #5928.

86 changes: 86 additions & 0 deletions integration/linux/compile_linux.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
#!/bin/bash

# Fail on errors
# set -e # not for now

# Show steps we execute
set -x

# This script needs to operate in the root directory of the CBMC repository
SCRIPT=$(readlink -e "$0")
readonly SCRIPT
SCRIPTDIR=$(dirname "$SCRIPT")
readonly SCRIPTDIR
cd "$SCRIPTDIR/../.."

# Build CBMC tools
make -C src minisat2-download
make -C src CXX='ccache /usr/bin/g++' cbmc.dir goto-cc.dir goto-diff.dir -j$(nproc)

# Get one-line-scan, if we do not have it already
[ -d one-line-scan ] || git clone https://github.com/awslabs/one-line-scan.git one-line-scan

# Get Linux v5.10, if we do not have it already
[ -d linux_5_10 ] || git clone -b v5.10 --depth=1 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux_5_10

# Prepare compile a part of the kernel with CBMC via one-line-scan
ln -s goto-cc src/goto-cc/goto-ld
ln -s goto-cc src/goto-cc/goto-as
ln -s goto-cc src/goto-cc/goto-g++


configure_linux ()
{
pushd linux_5_10

cat > kvm-config <<EOF
CONFIG_64BIT=y
CONFIG_X86_64=y
CONFIG_HIGH_RES_TIMERS=y
CONFIG_MULTIUSER=y
CONFIG_NET=y
CONFIG_VIRTUALIZATION=y
CONFIG_HYPERVISOR_GUEST=y
CONFIG_PARAVIRT=y
CONFIG_KVM_GUEST=y
CONFIG_KVM=y
CONFIG_KVM_INTEL=y
CONFIG_KVM_AMD=y
EOF
# use the configuration from the generated file
export KCONFIG_ALLCONFIG=kvm-config

# ... and use it during configuration
make allnoconfig
popd
}

# Configure kernel, and compile all of it
configure_linux
make -C linux_5_10 bzImage -j $(nproc)

# Clean files we want to be able to re-compile
find linux_5_10/arch/x86/kvm/ -name "*.o" -delete

# Compile Linux with CBMC via one-line-scan, and check for goto-cc section
# Re-Compile with goto-cc, and measure disk space
declare -i STATUS=0
du -h --max-depth=1
one-line-scan/one-line-scan \
--add-to-path $(pwd)/src/cbmc --add-to-path $(pwd)/src/goto-diff --add-to-path $(pwd)/src/goto-cc \
--cbmc \
--no-analysis \
--trunc-existing \
--extra-cflags -Wno-error \
-o CPROVER -j 5 -- \
make -C linux_5_10 bzImage -j $(nproc) || STATUS=$?
du -h --max-depth=1

# Check for faulty input
ls CPROVER/faultyInput/* || true

# Check for produced output in the files we deleted above
objdump -h linux_5_10/arch/x86/kvm/x86.o | grep "goto-cc" || STATUS=$?

# Propagate failures
exit "$STATUS"