aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--pkg/fuzzer/fuzzer.go8
-rw-r--r--pkg/fuzzer/job.go2
-rw-r--r--prog/rand.go4
-rw-r--r--syz-manager/manager.go1
4 files changed, 14 insertions, 1 deletions
diff --git a/pkg/fuzzer/fuzzer.go b/pkg/fuzzer/fuzzer.go
index 0c0119e71..fdfe95518 100644
--- a/pkg/fuzzer/fuzzer.go
+++ b/pkg/fuzzer/fuzzer.go
@@ -72,6 +72,13 @@ func NewFuzzer(ctx context.Context, cfg *Config, rnd *rand.Rand,
return f
}
+func (fuzzer *Fuzzer) RecommendedCalls() int {
+ if fuzzer.Config.ModeKFuzzTest {
+ return prog.RecommendedCallsKFuzzTest
+ }
+ return prog.RecommendedCalls
+}
+
type execQueues struct {
triageCandidateQueue *queue.DynamicOrderer
candidateQueue *queue.PlainQueue
@@ -214,6 +221,7 @@ type Config struct {
FetchRawCover bool
NewInputFilter func(call string) bool
PatchTest bool
+ ModeKFuzzTest bool
}
func (fuzzer *Fuzzer) triageProgCall(p *prog.Prog, info *flatrpc.CallInfo, call int, triage *map[int]*triageCall) {
diff --git a/pkg/fuzzer/job.go b/pkg/fuzzer/job.go
index 7f1e47bf6..bbac544f6 100644
--- a/pkg/fuzzer/job.go
+++ b/pkg/fuzzer/job.go
@@ -43,7 +43,7 @@ func (ji *JobInfo) ID() string {
func genProgRequest(fuzzer *Fuzzer, rnd *rand.Rand) *queue.Request {
p := fuzzer.target.Generate(rnd,
- prog.RecommendedCalls,
+ fuzzer.RecommendedCalls(),
fuzzer.ChoiceTable())
return &queue.Request{
Prog: p,
diff --git a/prog/rand.go b/prog/rand.go
index b06cc1a90..d54ef0dfe 100644
--- a/prog/rand.go
+++ b/prog/rand.go
@@ -21,6 +21,10 @@ const (
// "Recommended" max number of calls in programs.
// If we receive longer programs from hub/corpus we discard them.
MaxCalls = 40
+ // "Recommended" number of calls in KFuzzTest mode. These targets test the behavior
+ // of internal kernel functions rather than system behavior, and for this reason
+ // it is more sensible to generate a smaller number of calls instead of long chains.
+ RecommendedCallsKFuzzTest = 5
)
type randGen struct {
diff --git a/syz-manager/manager.go b/syz-manager/manager.go
index 4fa8b2658..67af3bb29 100644
--- a/syz-manager/manager.go
+++ b/syz-manager/manager.go
@@ -1186,6 +1186,7 @@ func (mgr *Manager) MachineChecked(features flatrpc.Feature,
defer mgr.mu.Unlock()
return !mgr.saturatedCalls[call]
},
+ ModeKFuzzTest: mgr.cfg.Experimental.EnableKFuzzTest,
}, rnd, mgr.target)
fuzzerObj.AddCandidates(candidates)
mgr.fuzzer.Store(fuzzerObj)
generated by ggit (джигит) mrf-deployment (git 2.46.0) at 2026-03-11 17:38:17 +0000