| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
We used the wrong name for the optional argument.
|
| |
|
|
| |
Reduce the number of arguments by using a csource.Option value directly.
|
| |
|
|
|
|
| |
This makes it possible to skip certain machine
checks depending on the VM type, as syz-manager
already does.
|
| |
|
|
|
|
|
|
|
|
|
| |
When we accept new kernels for fuzzing we need more extensive testing,
but syz-ci switched to using syz-manager for this purpose.
Now instance testing is used only for bisection and patch testing,
which does not need such extensive image testing (it may even harm).
So just run a simple program as a testing.
It also uses the same features as the target reproducer,
so e.g. if the reproducer does not use wifi, we won't test it,
which reduces changes of unrelated kernel bugs.
|
| |
|
|
| |
syz-manager: introduce a new setting 'sandbox_arg' (#3263)
|
| |
|
|
|
|
|
|
| |
Otherwise we get problems while testing patches for older syzkaller
versions, which didn't support optional arguments.
Adjust tests so that problems with how OldFuzzerCmd handles such
arguments could be seen.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Replace the currently existing straightforward approach to race triggering
(that was almost entirely implemented inside syz-executor) with a more
flexible one.
The `async` call property instructs syz-executor not to block until the
call has completed execution and proceed immediately to the next call.
The decision on what calls to mark with `async` is made by syz-fuzzer.
Ultimately this should let us implement more intelligent race provoking
strategies as well as make more fine-grained reproducers.
|
| |
|
|
| |
environment for each program
|
| |
|
|
| |
These can be used to disable threaded execution and collision mode for program's system calls.
|
| |
|
|
| |
This function creates the command for starting a runner with the provided command line arguments.
|
| |
|
|
|
|
| |
Add sys/targets.Timeouts struct that parametrizes timeouts throughout the system.
The struct allows to control syscall/program/no output timeouts for OS/arch/VM/etc.
See comment on the struct for more details.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We use strings to identify OS/Arch.
These strings are duplicated throughout the code base massively.
golangci-lint points to possiblity of typos and duplication.
We already had to define these names in pkg/csource
and disable checking for prog package. A future change triggers
such warnings in another package.
Add OS/Arch name consts to sys/targets so that they can be used
to refer to OS/Arch. Use the consts everywhere.
|
| |
|
|
|
|
|
|
|
| |
Go support is not a priority for Fuchsia at the moment, so it's
preferable to use host fuzzing mode for Fuchsia like currently done
for Akaros.
This commit basically looks for all the places where there was special
logic for OS=="akaros" and extends the same logic for OS=="fuchsia".
|
| |
|
|
|
| |
To avoid conflicts with programs that import both syzkaller packages
and github.com/golang/glog which also defines -v flag.
|
| | |
|
|
|
New FuzzerCmd generates flags that can't be parsed by an old fuzzer.
Fix that and add a test.
|
