aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--pkg/instance/instance.go12
-rw-r--r--syz-fuzzer/fuzzer.go38
-rw-r--r--syz-fuzzer/testing.go121
-rw-r--r--syz-manager/manager.go1
4 files changed, 30 insertions, 142 deletions
diff --git a/pkg/instance/instance.go b/pkg/instance/instance.go
index 6f018422b..f65311db0 100644
--- a/pkg/instance/instance.go
+++ b/pkg/instance/instance.go
@@ -358,7 +358,7 @@ func (inst *inst) testInstance() error {
return err
}
// Note: we create the test program on a newer syzkaller revision and pass it to the old execprog.
- // We rely on the non-strict program parsing to parse it successfuly.
+ // We rely on the non-strict program parsing to parse it successfully.
testProg := inst.cfg.Target.DataMmapProg().Serialize()
// Use the same options as the target reproducer.
// E.g. if it does not use wifi, we won't test it, which reduces changes of unrelated kernel bugs.
@@ -403,8 +403,11 @@ func (inst *inst) testRepro() ([]byte, error) {
}
out, err = transformError(execProg.RunSyzProg(inst.reproSyz,
inst.cfg.Timeouts.NoOutputRunningTime, opts, SyzExitConditions))
+ if err != nil {
+ return out, err
+ }
}
- if err == nil && len(inst.reproC) > 0 {
+ if len(inst.reproC) > 0 {
// We should test for more than full "no output" timeout, but the problem is that C reproducers
// don't print anything, so we will get a false "no output" crash.
out, err = transformError(execProg.RunCProgRaw(inst.reproC, inst.cfg.Target,
@@ -453,7 +456,6 @@ type FuzzerCmdArgs struct {
Verbosity int
Cover bool
Debug bool
- Test bool
Optional *OptionalFuzzerArgs
}
@@ -479,9 +481,9 @@ func FuzzerCmd(args *FuzzerCmdArgs) string {
optionalArg = " " + tool.OptionalFlags(flags)
}
return fmt.Sprintf("%v -executor=%v -name=%v -arch=%v%v -manager=%v -sandbox=%v"+
- " -procs=%v -cover=%v -debug=%v -test=%v%v%v",
+ " -procs=%v -cover=%v -debug=%v %v%v",
args.Fuzzer, args.Executor, args.Name, args.Arch, osArg, args.FwdAddr, args.Sandbox,
- args.Procs, args.Cover, args.Debug, args.Test, verbosityArg, optionalArg)
+ args.Procs, args.Cover, args.Debug, verbosityArg, optionalArg)
}
func ExecprogCmd(execprog, executor, OS, arch, sandbox string, sandboxArg int, repeat, threaded, collide bool,
diff --git a/syz-fuzzer/fuzzer.go b/syz-fuzzer/fuzzer.go
index fbc00feeb..8e6537616 100644
--- a/syz-fuzzer/fuzzer.go
+++ b/syz-fuzzer/fuzzer.go
@@ -6,6 +6,7 @@ package main
import (
"flag"
"fmt"
+ "io"
"net/http"
_ "net/http/pprof"
"os"
@@ -13,6 +14,7 @@ import (
"runtime"
"runtime/debug"
"slices"
+ "strings"
"sync"
"sync/atomic"
"time"
@@ -62,7 +64,6 @@ func main() {
flagArch = flag.String("arch", runtime.GOARCH, "target arch")
flagManager = flag.String("manager", "", "manager rpc address")
flagProcs = flag.Int("procs", 1, "number of parallel test processes")
- flagTest = flag.Bool("test", false, "enable image testing mode") // used by syz-ci
flagPprofPort = flag.Int("pprof_port", 0, "HTTP port for the pprof endpoint (disabled if 0)")
)
defer tool.Init()()
@@ -73,7 +74,7 @@ func main() {
log.SyzFatal(err)
}
- config, execOpts, err := ipcconfig.Default(target)
+ config, _, err := ipcconfig.Default(target)
if err != nil {
log.SyzFatalf("failed to create default ipc config: %v", err)
}
@@ -92,19 +93,6 @@ func main() {
setupPprofHandler(*flagPprofPort)
}
- if *flagTest {
- checkArgs := &checkArgs{
- target: target,
- sandbox: ipc.FlagsToSandbox(execOpts.EnvFlags),
- ipcConfig: config,
- ipcExecOpts: execOpts,
- gitRevision: prog.GitRevision,
- targetRevision: target.Revision,
- }
- testImage(*flagManager, checkArgs)
- return
- }
-
executorArch, executorSyzRevision, executorGitRevision, err := executorVersion(executor)
if err != nil {
log.SyzFatalf("failed to run executor version: %v ", err)
@@ -299,3 +287,23 @@ func setupPprofHandler(port int) {
}
}()
}
+
+func executorVersion(bin string) (string, string, string, error) {
+ args := strings.Split(bin, " ")
+ args = append(args, "version")
+ cmd := osutil.Command(args[0], args[1:]...)
+ cmd.Stderr = io.Discard
+ if _, err := cmd.StdinPipe(); err != nil { // for the case executor is wrapped with ssh
+ return "", "", "", err
+ }
+ out, err := osutil.Run(time.Minute, cmd)
+ if err != nil {
+ return "", "", "", fmt.Errorf("failed to run executor version: %w", err)
+ }
+ // Executor returns OS, arch, descriptions hash, git revision.
+ vers := strings.Split(strings.TrimSpace(string(out)), " ")
+ if len(vers) != 4 {
+ return "", "", "", fmt.Errorf("executor version returned bad result: %q", string(out))
+ }
+ return vers[1], vers[2], vers[3], nil
+}
diff --git a/syz-fuzzer/testing.go b/syz-fuzzer/testing.go
deleted file mode 100644
index dbf0e9b70..000000000
--- a/syz-fuzzer/testing.go
+++ /dev/null
@@ -1,121 +0,0 @@
-// Copyright 2017 syzkaller project authors. All rights reserved.
-// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
-
-package main
-
-import (
- "fmt"
- "io"
- "net"
- "strings"
- "time"
-
- "github.com/google/syzkaller/pkg/flatrpc"
- "github.com/google/syzkaller/pkg/ipc"
- "github.com/google/syzkaller/pkg/log"
- "github.com/google/syzkaller/pkg/osutil"
- "github.com/google/syzkaller/prog"
-)
-
-type checkArgs struct {
- target *prog.Target
- sandbox string
- gitRevision string
- targetRevision string
- ipcConfig *ipc.Config
- ipcExecOpts *flatrpc.ExecOpts
-}
-
-func testImage(hostAddr string, args *checkArgs) {
- // gVisor uses "stdin" for communication, which is not a real tcp address.
- if hostAddr != "stdin" {
- log.Logf(0, "connecting to host at %v", hostAddr)
- timeout := time.Minute * args.ipcConfig.Timeouts.Scale
- conn, err := net.DialTimeout("tcp", hostAddr, timeout)
- if err != nil {
- log.SyzFatalf("failed to connect to host: %v", err)
- }
- conn.Close()
- }
- if err := checkRevisions(args); err != nil {
- log.SyzFatal(err)
- }
- if err := checkSimpleProgram(args); err != nil {
- log.SyzFatal(err)
- }
-}
-
-func checkRevisions(args *checkArgs) error {
- log.Logf(0, "checking revisions...")
- arch, syzRev, gitRev, err := executorVersion(args.ipcConfig.Executor)
- if err != nil {
- return err
- }
- if args.target.Arch != arch {
- return fmt.Errorf("mismatching target/executor arches: %v vs %v", args.target.Arch, arch)
- }
- if prog.GitRevision != gitRev {
- return fmt.Errorf("mismatching fuzzer/executor git revisions: %v vs %v",
- prog.GitRevision, gitRev)
- }
- if args.gitRevision != prog.GitRevision {
- return fmt.Errorf("mismatching manager/fuzzer git revisions: %v vs %v",
- args.gitRevision, prog.GitRevision)
- }
- if args.target.Revision != syzRev {
- return fmt.Errorf("mismatching fuzzer/executor system call descriptions: %v vs %v",
- args.target.Revision, syzRev)
- }
- if args.target.Revision != args.targetRevision {
- return fmt.Errorf("mismatching fuzzer/manager system call descriptions: %v vs %v",
- args.target.Revision, args.targetRevision)
- }
- return nil
-}
-
-func executorVersion(bin string) (string, string, string, error) {
- args := strings.Split(bin, " ")
- args = append(args, "version")
- cmd := osutil.Command(args[0], args[1:]...)
- cmd.Stderr = io.Discard
- if _, err := cmd.StdinPipe(); err != nil { // for the case executor is wrapped with ssh
- return "", "", "", err
- }
- out, err := osutil.Run(time.Minute, cmd)
- if err != nil {
- return "", "", "", fmt.Errorf("failed to run executor version: %w", err)
- }
- // Executor returns OS, arch, descriptions hash, git revision.
- vers := strings.Split(strings.TrimSpace(string(out)), " ")
- if len(vers) != 4 {
- return "", "", "", fmt.Errorf("executor version returned bad result: %q", string(out))
- }
- return vers[1], vers[2], vers[3], nil
-}
-
-func checkSimpleProgram(args *checkArgs) error {
- log.Logf(0, "testing simple program...")
- env, err := ipc.MakeEnv(args.ipcConfig, 0)
- if err != nil {
- return fmt.Errorf("failed to create ipc env: %w", err)
- }
- defer env.Close()
- p := args.target.DataMmapProg()
- output, info, hanged, err := env.Exec(args.ipcExecOpts, p)
- if err != nil {
- return fmt.Errorf("program execution failed: %w\n%s", err, output)
- }
- if hanged {
- return fmt.Errorf("program hanged:\n%s", output)
- }
- if len(info.Calls) == 0 {
- return fmt.Errorf("no calls executed:\n%s", output)
- }
- if info.Calls[0].Error != 0 {
- return fmt.Errorf("simple call failed: %+v\n%s", info.Calls[0], output)
- }
- if args.ipcExecOpts.EnvFlags&flatrpc.ExecEnvSignal != 0 && len(info.Calls[0].Signal) < 2 {
- return fmt.Errorf("got no coverage:\n%s", output)
- }
- return nil
-}
diff --git a/syz-manager/manager.go b/syz-manager/manager.go
index ff29ed73b..0d984de2d 100644
--- a/syz-manager/manager.go
+++ b/syz-manager/manager.go
@@ -854,7 +854,6 @@ func (mgr *Manager) runInstanceInner(index int, instanceName string, injectLog <
Verbosity: fuzzerV,
Cover: mgr.cfg.Cover,
Debug: *flagDebug,
- Test: false,
Optional: &instance.OptionalFuzzerArgs{
Slowdown: mgr.cfg.Timeouts.Slowdown,
SandboxArg: mgr.cfg.SandboxArg,
generated by ggit (джигит) mrf-deployment (git 2.46.0) at 2026-03-11 20:00:17 +0000