diff options
| author | Aleksandr Nogikh <nogikh@google.com> | 2025-09-04 16:23:18 +0200 |
|---|---|---|
| committer | Aleksandr Nogikh <nogikh@google.com> | 2025-10-01 20:14:51 +0000 |
| commit | 17e67ed6bfc97990b3215df7fe40b5fba86eba62 (patch) | |
| tree | 8cd8ca14bd5e884d1edf670a513920ed597e209f /syz-cluster | |
| parent | a90d2b19fb0b8b7526a51b8bbeb9b887b84503e6 (diff) | |
syz-cluster: configure bug title filter
Instead of just checking whether the bug was observed on the base crash,
accept a regexp of accepted bug titles as well.
Diffstat (limited to 'syz-cluster')
| -rw-r--r-- | syz-cluster/pkg/api/api.go | 2 | ||||
| -rw-r--r-- | syz-cluster/workflow/fuzz-step/main.go | 18 | ||||
| -rw-r--r-- | syz-cluster/workflow/fuzz-step/main_test.go | 11 |
3 files changed, 30 insertions, 1 deletions
diff --git a/syz-cluster/pkg/api/api.go b/syz-cluster/pkg/api/api.go index 49a5a7f45..a634fe344 100644 --- a/syz-cluster/pkg/api/api.go +++ b/syz-cluster/pkg/api/api.go @@ -26,6 +26,8 @@ type FuzzConfig struct { CorpusURL string `json:"corpus_url"` // Don't expect kernel coverage for the patched area. SkipCoverCheck bool `json:"skip_cover_check"` + // Only report the bugs that match the regexp. + BugTitleRe string `json:"bug_title_re"` } // The triage step of the workflow will request these from controller. diff --git a/syz-cluster/workflow/fuzz-step/main.go b/syz-cluster/workflow/fuzz-step/main.go index fa690dc93..72b50c943 100644 --- a/syz-cluster/workflow/fuzz-step/main.go +++ b/syz-cluster/workflow/fuzz-step/main.go @@ -14,6 +14,7 @@ import ( "net/http" "os" "path/filepath" + "regexp" "time" "github.com/google/syzkaller/pkg/build" @@ -183,7 +184,11 @@ func run(baseCtx context.Context, config *api.FuzzConfig, client *api.Client, Store: store, MaxTriageTime: timeout / 2, FuzzToReachPatched: fuzzToReachPatched(config), - BaseCrashKnown: func(ctx context.Context, title string) (bool, error) { + IgnoreCrash: func(ctx context.Context, title string) (bool, error) { + if !titleMatchesFilter(config, title) { + log.Logf(1, "crash %q doesn't match the filter", title) + return true, nil + } ret, err := client.BaseFindingStatus(ctx, &api.BaseFindingInfo{ BuildID: *flagBaseBuild, Title: title, @@ -191,6 +196,9 @@ func run(baseCtx context.Context, config *api.FuzzConfig, client *api.Client, if err != nil { return false, err } + if ret.Observed { + log.Logf(1, "crash %q is already known", title) + } return ret.Observed, nil }, }) @@ -382,6 +390,14 @@ func shouldSkipFuzzing(base, patched build.SectionHashes) bool { return false } +func titleMatchesFilter(config *api.FuzzConfig, title string) bool { + matched, err := regexp.MatchString(config.BugTitleRe, title) + if err != nil { + app.Fatalf("invalid BugTitleRe regexp: %v", err) + } + return matched +} + func readSymbolHashes() (base, patched build.SectionHashes, err error) { // These are saved by the build step. base, err = readSectionHashes("/base/symbol_hashes.json") diff --git a/syz-cluster/workflow/fuzz-step/main_test.go b/syz-cluster/workflow/fuzz-step/main_test.go index 038690bd6..6f305a818 100644 --- a/syz-cluster/workflow/fuzz-step/main_test.go +++ b/syz-cluster/workflow/fuzz-step/main_test.go @@ -12,6 +12,7 @@ import ( "github.com/google/syzkaller/pkg/build" "github.com/google/syzkaller/pkg/osutil" + "github.com/google/syzkaller/syz-cluster/pkg/api" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -117,3 +118,13 @@ func TestShouldSkipFuzzing(t *testing.T) { )) }) } + +func TestBugTitleRe(t *testing.T) { + assert.True(t, titleMatchesFilter(&api.FuzzConfig{}, "any title must match")) + assert.True(t, titleMatchesFilter(&api.FuzzConfig{ + BugTitleRe: `^Prefix:`, + }, "Prefix: must pass")) + assert.False(t, titleMatchesFilter(&api.FuzzConfig{ + BugTitleRe: `^Prefix:`, + }, "Without prefix")) +} |