| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Any is the preferred over interface{} now in Go.
|
| |
|
|
|
|
|
|
|
| |
In the presence of numerous program seeds that mount fs images, our html
coverage reports end up being as big as 1GB, which makes it problematic
to render/manipulate them in the web browser.
Adjust coverage report generation: once the total size of program seeds
exceeds 100MB, switch to the compact seed serialization mode.
|
| | |
|
| |
|
|
| |
This reduces the redundancy a bit.
|
| |
|
|
|
|
| |
On the syz-manager's html dashboard, dispay the number of repro attempts
per each bug. It will help distinguish the bugs where reproduction
was attempted and failed from those that have never been reproduced yet.
|
| |
|
|
| |
If the manager name is set, display it in the header.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We used to generate a choice table and do its normalization for all
present syscalls, also it was not considered during the /prio page
generation.
Enabled/disabled syscalls were accounted for in the choice table
construction, but there's a chance that the resulting table was still
somewhat skewed.
The situation must have become worse after several thousands of auto
syscalls were added.
|
| |
|
|
|
| |
The export is quite big but is generated fast.
Every line is a valid json object representing the single program coverage.
|
| | |
|
| |
|
|
|
| |
It enables stopping the server.
Also, replace some log.Fatalf calls by returning errors.
|
| |
|
|
|
| |
This allows to understand if a bug is new
(found in the current run) or old.
|
| |
|
|
|
|
|
|
| |
We don't really need an HTTP server when running syz-manager during kernel
image testing and when running syz-diff automatically.
Don't require the config to be set and don't start the HTTP server in
this case.
|
| |
|
|
|
| |
ex to upload prog to syzkaller:
curl -s --noproxy 0.0.0.0 -F "file=@prog" http://0.0.0.0:8888/addcandidate
|
| |
|
|
|
| |
If the overflows happen often, it's bad.
Add visibility into this.
|
| |
|
|
|
|
|
| |
Currently we show number of programs that are added to the corpus
b/c of a particular syscall. Also show total number of programs
in the corpus that contain each syscall. This is different from
the first thing.
|
| | |
|
| | |
|
| |
|
|
| |
Add common manager HTML header to the stats page as well.
|
| |
|
|
|
|
|
|
|
| |
The pause function is useful to make manager stop consuming CPU
for some time, e.g. when it runs on a shared machine,
and a user wants to use CPU for something else.
Previously one would need to kill the manager process and
restart later to achieve this, but the restart is costly,
and aborts all bug reproductions.
|
| |
|
|
|
| |
Add common HTML page header to every page.
The header contains common tabs, and expert mode switch.
|
| |
|
|
|
|
| |
Add common page header to every page.
This is similar to how we do in the dashboard app,
and it will allow to have a common HTML page header.
|
| |
|
|
|
|
|
|
|
| |
Pools and ReproLoop and always created on start,
so there is no need to support lazy set for them.
It only complicates code and makes it harder to reason about.
Also introduce vm.Dispatcher as an alias to dispatcher.Pool,
as it's the only specialization we use in the project.
|
| |
|
|
|
|
|
|
|
| |
It's easy to make mistakes in templates that lead to runtime panics.
Catch them during testing.
This required to convert some pointers to values for things
that must not be nil. Otherwise the randomized test can
pass nil for the objects and templates fail.
|
| |
|
|
|
|
| |
Add a common function that is used to create all HTML pages.
This removes some duplication, and allows to prevent more
duplication in future, and to keep things consistent.
|
| |
|
|
|
|
| |
Move style from the template to the CSS file.
This is how it's done in all other cases,
and it will allow to unify more things in subsequent changes.
|
| |
|
|
|
| |
Set Corpus in HTTPServer dynamically.
Refactor syz-manager and syz-diff accordingly.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is the prototype version of the patch series fuzzing functionality
based on the syzkaller fuzzing engine.
The tool takes two syzkaller configs -- one for the base kernel, one for
the patched kernel. Optionally the patch itself can be also provided.
syz-diff will consider a bug patched-only if:
1) It happened while fuzzing the patched kernel.
2) It was never observed on the base kernel.
3) The tool found a repro on the patched kernel.
4) The repro did not crash the base kernel.
|
| | |
|
|
|
Decouple it from syz-manager.
Remove a lot of no longer necessary mutex calls.
|
