| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
| |
Focus area assigns a fuzzing priority to a set of PCs.
When running ChooseProgram(), corpus will first select a focus area
proportionally to the specified weights, and only then continue with
selecting a program belonging to it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Occasionally, deflake() and minimize() fail and we end up with huge
programs in the syzkaller corpus. Huge programs in the corpus, in turn,
lead to slower corpus triage and slower exec/sec overall, since many of
the executed programs are based on the ones from the corpus.
A slightly bigger corpus with on average shorter and more focused
programs sounds like a more desirable outcome.
Give preference to smaller programs during minimization. It should
hopefully improve the situation over time.
|
| |
|
|
|
|
|
| |
There's still a risk of a race between the pointer overwriting and
accesses to the embedded object.
Let's use an internal replace() method instead.
|
| |
|
|
|
|
|
|
| |
The following two operations were in conflict:
1) Overwriting of corpus.ProgramsList in Minimize().
2) ProgramsList.ChooseProgram() that used its own mutex.
Instead of overwriting the object, let's create a new one.
|
|
|
pkg/fuzzer and syz-manager have a common corpus functionality that can
be well be unified.
Create a separate pkg/corpus package that would be used by both of them.
It will simplify further work of moving pkg/fuzzer to the host.
|
