| author | Aleksandr Nogikh <nogikh@google.com> | 2021-09-23 16:15:41 +0000 |
|---|---|---|
| committer | Aleksandr Nogikh <wp32pw@gmail.com> | 2021-12-10 12:30:07 +0100 |
| commit | fd8caa5462e64f37cb9eebd75ffca1737dde447d (patch) | |
| tree | bfa900ebf41099b21476e72acdf063ee630178c9 /pkg/ipc | |
| parent | 4d4ce9bc2a12073dcc8b917f9fc2a4ecba26c4c5 (diff) | |
all: replace collide mode by `async` call property
Replace the currently existing straightforward approach to race triggering
(that was almost entirely implemented inside syz-executor) with a more
flexible one.
The `async` call property instructs syz-executor not to block until the
call has completed execution and proceed immediately to the next call.
The decision on what calls to mark with `async` is made by syz-fuzzer.
Ultimately this should let us implement more intelligent race provoking
strategies as well as make more fine-grained reproducers.
Diffstat (limited to 'pkg/ipc')
| -rw-r--r-- | pkg/ipc/ipc.go | 4 | ||||
| -rw-r--r-- | pkg/ipc/ipc_test.go | 2 | ||||
| -rw-r--r-- | pkg/ipc/ipcconfig/ipcconfig.go | 5 |
3 files changed, 5 insertions, 6 deletions
diff --git a/pkg/ipc/ipc.go b/pkg/ipc/ipc.go
index 03b28e4ce..5bf4738ca 100644
--- a/pkg/ipc/ipc.go
+++ b/pkg/ipc/ipc.go
@@ -49,11 +49,11 @@ const (
 type ExecFlags uint64
 const (
- FlagCollectCover ExecFlags = 1 << iota // collect coverage
+ FlagCollectSignal ExecFlags = 1 << iota // collect feedback signals
+ FlagCollectCover // collect coverage
 FlagDedupCover // deduplicate coverage in executor
 FlagCollectComps // collect KCOV comparisons
 FlagThreaded // use multiple threads to mitigate blocked syscalls
- FlagCollide // collide syscalls to provoke data races
 FlagEnableCoverageFilter // setup and use bitmap to do coverage filter
 )
diff --git a/pkg/ipc/ipc_test.go b/pkg/ipc/ipc_test.go
index 44fdb67bd..bb110e388 100644
--- a/pkg/ipc/ipc_test.go
+++ b/pkg/ipc/ipc_test.go
@@ -87,7 +87,7 @@ func TestExecute(t *testing.T) {
 bin := buildExecutor(t, target)
 defer os.Remove(bin)
- flags := []ExecFlags{0, FlagThreaded, FlagThreaded | FlagCollide}
+ flags := []ExecFlags{0, FlagThreaded}
 for _, flag := range flags {
 t.Logf("testing flags 0x%x\n", flag)
 cfg := &Config{
diff --git a/pkg/ipc/ipcconfig/ipcconfig.go b/pkg/ipc/ipcconfig/ipcconfig.go
index 3791322f2..5be4d4b39 100644
--- a/pkg/ipc/ipcconfig/ipcconfig.go
+++ b/pkg/ipc/ipcconfig/ipcconfig.go
@@ -14,7 +14,6 @@ import (
 var (
 flagExecutor = flag.String("executor", "./syz-executor", "path to executor binary")
 flagThreaded = flag.Bool("threaded", true, "use threaded mode in executor")
- flagCollide = flag.Bool("collide", true, "collide syscalls to provoke data races")
 flagSignal = flag.Bool("cover", false, "collect feedback signals (coverage)")
 flagSandbox = flag.String("sandbox", "none", "sandbox for fuzzing (none/setuid/namespace/android)")
 flagDebug = flag.Bool("debug", false, "debug output from executor")
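Review bot: In the pkg/ipc/ipc.go hunk, adding `FlagCollectSignal` at the head of the `1 << iota` block and dropping `FlagCollide` from the middle renumbers every flag between them: `FlagCollectCover`, `FlagDedupCover`, `FlagCollectComps` and `FlagThreaded` each move up one bit, while `FlagEnableCoverageFilter` keeps its value. If these bits are handed to syz-executor unchanged, which the commit message suggests but this diff (limited to pkg/ipc) does not show, an executor built from a different revision would read a different meaning from the same word without reporting any error. I would add a comment above the block such as `// Bit positions are part of the fuzzer/executor protocol; keep in sync with the executor's flag definitions.` and consider writing the values out explicitly so that a later removal cannot shift its neighbours.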
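Review bot: In the first pkg/ipc/ipcconfig/ipcconfig.go hunk the `collide` flag is deleted outright, so any existing script or saved command line that still passes `-collide=...` will stop at flag parsing with a "flag provided but not defined" error instead of running. If binaries that import this package are still invoked by older tooling, keep a parsed-but-ignored flag for a transition period, e.g. `_ = flag.Bool("collide", false, "deprecated and ignored: replaced by the async call property")`. The `var (` block continues past the end of the hunk.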
@@ -46,8 +45,8 @@ func Default(target *prog.Target) (*ipc.Config, *ipc.ExecOpts, error) {
 if *flagThreaded {
 opts.Flags |= ipc.FlagThreaded
 }
- if *flagCollide {
- opts.Flags |= ipc.FlagCollide
+ if *flagSignal {
+ opts.Flags |= ipc.FlagCollectSignal
 }
 return c, opts, nil |
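Review bot: The added `if *flagSignal` branch sets only `ipc.FlagCollectSignal`, yet `flagSignal` is registered under the name `cover` with the help text "collect feedback signals (coverage)", while ipc.go now has a separate `FlagCollectCover` documented as "collect coverage". Someone passing `-cover` could reasonably expect coverage data and, as far as this hunk shows, would not get `FlagCollectCover` set; `Default` begins and ends outside the hunk, so it may be handled elsewhere. A comment on the branch would settle it, for example `// -cover requests feedback signal only; raw coverage (FlagCollectCover) is enabled by callers that need it.`, adjusted to whatever the intended behaviour is.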
