Taras Madan

This commit **updates the documentation** for the `reproduce-crash` tool located in the `pkg/aflow/tool/syzlang` package. A new sentence has been added to instruct users to verify any generated syz repro programs with this specific tool. This **documentation enhancement** aims to improve the reliability and correctness of automatically generated syzkaller programs by ensuring they undergo proper validation. The update guides users, and implicitly automated systems like LLMs, to leverage this critical verification step.

This commit provides a **bug fix** within the **`pkg/aflow/action/crash/reproduce.go`** module, specifically targeting the `RunTest` function. It addresses a critical issue where an empty `ReproOpts` structure could lead to "0 params found" errors during test execution. By ensuring `ReproOpts` are initialized with default values if not explicitly provided, this change prevents parameter-related failures and improves the reliability of the crash reproduction process. This **maintenance** update resolves issues introduced by earlier commits, enhancing the stability of the `aflow` tool.

This commit **enhances the user interface** of the **dashboard application** by making the **title column** within **list tables** more flexible. It specifically adjusts the CSS properties for the `.list_table .title` selector in `pkg/html/pages/style.css` to allow for dynamic width adjustments. This **UI/styling adjustment** improves the responsiveness and adaptability of table layouts, ensuring better presentation of titles across various display contexts within the dashboard.

This commit performs a **maintenance update** to the **GitHub Actions CI workflow**, specifically modifying the `.github/workflows/ci.yml` file. It configures the pipeline to utilize `ubuntu-22.04-16core` runners, aiming for improved performance and consistency in the build environment. Additionally, a specific container image is now enforced across the build, dashboard, race, and race_dashboard jobs, standardizing their execution context. This change ensures a more reliable and predictable continuous integration process by unifying the underlying infrastructure.

This commit performs **maintenance** by **fixing** an oversight in the **GitHub Actions workflows** configuration. It removes lingering references to a `triage` workflow that had previously been deleted, ensuring all workflow definitions are up-to-date. This **cleanup** prevents potential errors or warnings in the automated CI/CD system by eliminating calls to a non-existent workflow.

This commit **fixes** a configuration issue within the **CI/CD workflows** by resolving a problem caused by a previously removed workflow file. Specifically, the system was encountering confusion due to the absence of `.github/workflows/gemini-triage.yml`, which was no longer present. This **maintenance** change ensures that the remaining `gemini-cli` related workflows can execute correctly without encountering errors or inconsistencies from referencing a non-existent file.

This commit performs a **maintenance chore** by **adjusting the default configurations** for several **Gemini GitHub Actions workflows**. It adds **copyright headers** to `gemini-dispatch.yml`, `gemini-invoke.yml`, `gemini-plan-execute.yml`, and `gemini-review.yml`. Crucially, the `gemini-dispatch.yml` workflow has **most of its automated triggers disabled**, now primarily responding to comment-based events. This change streamlines the invocation of these **CI/CD processes** by reducing automatic executions and standardizing file headers.

This commit introduces a **new capability** by integrating **Gemini AI-driven automation** into the repository's GitHub Actions workflows. It adds several new TOML configuration files under `.github/commands/` that define the persona, principles, and execution steps for various Gemini commands, such as `invoke`, `plan-execute`, `review`, and `triage`. Concurrently, new GitHub Actions workflows are established under `.github/workflows/` to dispatch and execute these Gemini CLI commands in response to events like pull requests, issues, and scheduled triggers. This enables automated AI-powered code reviews, issue triage, and command execution, significantly enhancing the project's continuous integration and development processes. A minor update to `.gitignore` also ensures proper exclusion of Gemini-related local files.

This commit **removes an outdated GitHub Actions workflow**, `gemini-pr-review.yml`, from the `.github/workflows` directory. This **maintenance** task streamlines the **CI/CD pipeline** by eliminating a workflow previously used for automated pull request reviews. The deletion reduces unnecessary processing and simplifies the project's automation configuration, as the functionality it provided is no longer desired.

This commit **improves error reporting** within the **VM module's SSH utility**. The `WaitForSSH` function in `vm/vmimpl/util.go` has been updated to use `osutil.VerboseMessage` when an SSH connection fails. This **bug fix** provides **more detailed and user-friendly error messages**, making it easier to diagnose and resolve issues related to SSH connectivity to virtual machines.

This commit provides a **bug fix** for the **`dashboard/app` module** by correcting how the application identifies its runtime environment. Specifically, within the `runInTransaction` function in `entities_datastore.go`, the incorrect `appengine.IsDevAppServer()` check has been replaced. The new implementation now uses `testing.Testing()` to accurately determine if the code is executing within a **test environment**. This ensures that **data storage transactions** are handled appropriately during testing, preventing erroneous behavior or misconfigurations.

This commit implements a **retry mechanism** within the **dashboard application's data access layer** to enhance test stability when interacting with the **Datastore emulator**. Specifically, it modifies the `runInTransaction` function in `dashboard/app/entities_datastore.go` to automatically retry operations upon encountering a "'Transaction not found'" error. This **bug fix** addresses a known emulator-specific flakiness, preventing intermittent test failures. The change significantly **stabilizes integration tests** that rely on the Datastore emulator, improving the reliability of the CI/CD pipeline.

This commit performs a **maintenance chore** by **updating the Google Cloud SDK** within the **`tools/docker/env`** Docker image. The primary motivation for this upgrade, from version 519.0.0 to 560.0.0, is to ensure the **datastore emulator** is running a more current version. This update helps keep the local development and testing environments aligned with newer Cloud SDK features and fixes, while also adjusting permissions for the SDK directory.

This commit **refactors** the `updateSingleBug` function within the **dashboard application's data store** (`entities_datastore.go`). It modifies the transaction handling to consistently pass the `XG: true` option to `runInTransaction`. This change ensures that updates to single bug entities are always processed within **explicitly grouped transactions**, standardizing behavior and potentially improving the atomicity and performance of these operations.

This commit **refactors the Docker build process** by changing the installation method for the `bindgen` tool within the `tools/docker/env` and `tools/docker/syzbot` environments. Instead of using `cargo install`, `bindgen` is now acquired via `apt-get`. This **build system improvement** streamlines dependency management, potentially leading to **faster and more reliable Docker image builds** for these specific development and testing environments. The change primarily impacts the **Docker build infrastructure**, ensuring a more consistent and efficient setup for Rust-related tooling.

This commit introduces a **performance optimization** to the **Docker build environment** by modifying the `tools/docker/env/Dockerfile`. It **refactors** the `cargo install bindgen-cli` command to explicitly utilize all available CPU cores during compilation. This change significantly **speeds up the installation** of the `bindgen-cli` dependency, which was identified as a bottleneck in the Docker image build process. The **maintenance** effort directly improves the efficiency of development and CI/CD workflows by reducing overall build times.

This commit performs a **dependency update** by upgrading the **Google Cloud Spanner emulator** from version 1.5.28 to 1.5.51. This **maintenance** task specifically modifies the `Dockerfile` located in the `tools/docker/env/` directory. The update ensures that all local development and testing environments utilizing the Dockerized Spanner emulator benefit from the **latest features, bug fixes, and performance enhancements**, thereby improving the reliability and compatibility of Spanner-dependent components.

This commit **enhances the bug reproduction flow** within the `pkg/aflow` system by integrating the `crash.Reproduce` action into the `pkg/aflow/flow/repro` module. It introduces new input parameters and passes specific reproduction options (`ReproSyz`, `ReproOpts`) to the underlying test environment, allowing for more precise and configurable reproduction attempts. The `ReproOutputs` struct in `pkg/aflow/ai` is extended to store the outcome and crash report of these attempts, and a critical new comparison step is added to **verify the bug title** against the reproduction results. This **new capability** significantly improves the system's ability to automatically reproduce and validate reported bugs with greater accuracy.

This commit introduces a **new capability** to the **`pkg/aflow/tool/syzlang`** module, enabling its `reproduce` function to execute syzlang programs directly on a virtual machine. This is achieved by integrating with the refactored `crash.ReproduceFunc` from **`pkg/aflow/action/crash`**, which now includes better error handling and crash description updates. The change significantly enhances the realism and isolation of syzlang program reproduction, moving from local execution to a more robust VM-based testing environment. Additionally, a minor **maintenance** update adds an `Unwrap` method to `flowError` in `pkg/aflow/execute.go` for improved error handling.

This commit introduces a **new capability** by integrating a `crash-reproducer` tool into the `pkg/aflow` module, specifically within `pkg/aflow/tool/syzlang`. This tool is designed to **verify and execute syz programs** to detect kernel crashes, thereby incorporating the `syzlang.Reproduce` functionality into the formal reasoning instruction flow. The addition includes comprehensive unit tests for the `reproduce` tool, covering various valid and invalid syz program inputs. This enhancement significantly aids in the **reproduction and analysis of kernel vulnerabilities** by providing a dedicated mechanism to confirm crash scenarios.