path: root/pkg/mgrconfig
Commit message | Author | Age | Files | Lines
* prog: support snapshot-only calls | Dmitry Vyukov | 2026-01-02 | 1 | -17/+19
| | | | Update #5308
* all: use any instead of interface{} | Dmitry Vyukov | 2025-12-22 | 1 | -1/+1
| | | | Any is preferred over interface{} now in Go.
* pkg/mgrconfig: export defaultValues function | Dmitry Vyukov | 2025-12-18 | 1 | -3/+3
| | | | It may be useful if the config value is synthesised programmatically.
* pkg/mgrconfig: export SplitTarget function | Dmitry Vyukov | 2025-11-24 | 1 | -22/+20
| | | | It will be useful for new syz-agent binary in the future.
* pkg/mgrconfig: ensure reproduce is set to false when type is set to none | Pimyn Girgis | 2025-11-04 | 1 | -0/+5
|
* pkg/mgrconfig: add experimental enable_kfuzztest boolean flag | Ethan Graham | 2025-09-22 | 1 | -0/+3
|
* doc: remove stray double quote character from comment | Moritz Buhl | 2025-07-24 | 1 | -1/+1
|
* tools: repair syz-testbuild | Aleksandr Nogikh | 2025-04-22 | 1 | -7/+13
| | | | 1. Properly set up a manager config.
| | | | 2. Use clang/ld.lld by default.
| | | | 3. Set the right boot partition for qemu VMs.
* pkg: use kernelDir instead of 3 parameters | Taras Madan | 2025-03-27 | 1 | -0/+14
| | | | It allows to reduce parameters count for some functions.
* pkg/mgrconfig: add a sample syzkaller config | Aleksandr Nogikh | 2025-03-20 | 1 | -0/+27
| | | | | Add a sample syzkaller config with comments so that we could refer to it in the tutorials.
* pkg/cover: allow paths to be excluded from stats | Kevin Ding | 2025-03-11 | 1 | -2/+2
| | | | Some sub paths may not be covered due to hardware configuration, or lack of interest. This patch allows them to be excluded from the stats. This can be convenient if the excluded paths are deep in the hierarchy:
| | | |
| | | |     {
| | | |       "name": "sound",
| | | |       "path": [
| | | |         "techpack/audio",
| | | |         "-techpack/audio/asoc/aaa/bbb",
| | | |         "-techpack/audio/asoc/aaa/ccc"
| | | |       ]
| | | |     }
* all: enable run_fsck by default | Aleksandr Nogikh | 2025-02-06 | 2 | -0/+2
| | | | | Check for the existence of fsck binaries and report their absence only once.
* all: support empty HTTP config | Aleksandr Nogikh | 2025-01-14 | 1 | -1/+0
| | | | | | | | We don't really need an HTTP server when running syz-manager during kernel image testing and when running syz-diff automatically. Don't require the config to be set and don't start the HTTP server in this case.
* all: add support for binaries shipped with target | Stefan Wiehler | 2024-12-17 | 2 | -3/+26
| | | | | | | | | | | In some build environments (notably Yocto), syzkaller host and target binaries end up in separate packages for each built architecture, which are then shipped with the respective image/SDK. Add the "Execprog/ExecutorBinOnTarget" and "StraceBinOnTarget" options to the manager config, which when set expects the respective binaries to be shipped with the target image and does not attempt to copy them from the host.
* prog: annotate image assets with fsck logs | Florent Revest | 2024-12-09 | 1 | -0/+7
| | | | Syscall attributes are extended with a fsck command field which lets file system mount definitions specify a fsck-like command to run. This is required because all file systems have a custom fsck command invocation style.
| | | |
| | | | When uploading a compressed image asset to the dashboard, syz-manager also runs the fsck command and logs its output over the dashapi. The dashboard logs these fsck logs into the database.
| | | |
| | | | This has been requested by fs maintainer Ted Tso who would like to quickly understand whether a filesystem is corrupted or not before looking at a reproducer in more details. Ultimately, this could be used as an early triage sign to determine whether a bug is obviously critical.
* pkg/mgrconfig: properly convert cover_filter | Aleksandr Nogikh | 2024-10-28 | 1 | -0/+1
| | | | | | | | | If we have converted one way of configuration into another, we should reset the old one. Otherwise after the processing in syz-ci both will be set and the instance no longer starts due to "you cannot use both cov_filter and focus_areas".
* pkg/mgrconfig, syz-manager: support focus areas | Aleksandr Nogikh | 2024-10-25 | 2 | -8/+69
| | | | | Switch from the CoverageFilter to the more flexible mechanism of focus areas.
* pkg/mgrconfig: increase the timeouts if running on QEMU with TCG | Alexander Potapenko | 2024-10-22 | 1 | -0/+6
| | | | | | Previously we were assuming that QEMU with matching host/guest architectures was using -enable-kvm, but for arm64 that's not always the case.
* pkg/mgrconfig, prog, sys/linux: add automatic_helper attribute | Pimyn Girgis | 2024-09-09 | 1 | -1/+2
| | | | | Add automatic_helper attribute and enable it for system calls that are required to properly run automatically generated descriptions. Enable these system calls when descriptions_mode = `Auto`.
* pkg/manager: move coverage filter code out of syz-manager | Aleksandr Nogikh | 2024-09-06 | 2 | -4/+4
| | | | This will enable the reuse of the functionality elsewhere.
* syz-manager: switch snapshots to dispatcher.Pool | Aleksandr Nogikh | 2024-08-13 | 1 | -3/+0
| | | | It lets us get bug reproductions out of box.
* pkg/mgrconfig, prog, tools: allow automatically generated or manually written descriptions or both | Pimyn Girgis | 2024-08-12 | 2 | -5/+37
| | | | Add "Auto" type and allow to choose descriptions mode in configurations. Defaults to using manual only.
* all: add qemu snapshotting mode | Dmitry Vyukov | 2024-07-25 | 1 | -17/+27
|
* vm: add snapshot interface | Dmitry Vyukov | 2024-07-25 | 1 | -0/+5
|
* pkg/report: support to symbolize line with module+offset | Joey Jiao | 2024-07-23 | 1 | -0/+3
|
* pkg/mgrconfig: add user agent config option | Konstantinos Andrikopoulos | 2024-07-08 | 1 | -3/+4
|
* syz-manager: allow manager to only consult dashboard if it needs reproducers | Dmitry Vyukov | 2024-07-03 | 1 | -0/+3
| | | | | | | This mode allows to run local manager that only "helps" main instances by uncovering more coverage and extracting useful reproducers. Otherwise it spends too much time reproducing all bugs that already have reproducers.
* pkg/mgrconfig: allow to disable remote coverage and coverage edges | Dmitry Vyukov | 2024-07-02 | 2 | -0/+10
|
* executor: add runner mode | Dmitry Vyukov | 2024-06-24 | 1 | -6/+1
| | | | | | | Move all syz-fuzzer logic into syz-executor and remove syz-fuzzer. Also restore syz-runtest functionality in the manager. Update #4917 (sets most signal handlers to SIG_IGN)
* sys/targets: add consts for gvisor/starnix | Dmitry Vyukov | 2024-05-27 | 1 | -1/+1
| | | | | Lint started warning about duplicate "gvisor" const in pkg/cover. Add gvisor/starnix consts to sys/targets package to avoid duplication.
* syz-manager: repair VM-less mode | Dmitry Vyukov | 2024-05-27 | 1 | -0/+6
| | | | | VM-less mode stopped working after addition of RPCServer.createInstance. Repair it.
* pkg/ipc: remove ExecOpts | Dmitry Vyukov | 2024-05-21 | 1 | -1/+1
| | | | Switch to flatrpc.ExecOpts.
* pkg/mgrconfig: add HasCovFilter helper | Dmitry Vyukov | 2024-04-29 | 1 | -0/+4
| | | | To reduce diff in the next change.
* pkg/mgrconfig, pkg/cover: introduce the android_split_build flag | Alexander Potapenko | 2024-02-01 | 1 | -0/+2
| | | | Source files for Pixel devices are split between the common AOSP kernel (path/to/kernel/aosp) and the device-specific drivers residing in a separate dir (path/to/kernel/private/google-modules for Android 14 and path/to/kernel/gs/google-modules for older Android versions). See https://source.android.com/docs/setup/build/building-pixel-kernels for details.
| | | |
| | | | Android build system may reference these dirs in various ways, for which syzkaller cannot always understand where it should look for the source.
| | | |
| | | | The newly introduced android_split_build flag handles the problem by adding a list of "delimiters" used when normalizing the kernel source paths. If the path contains any of such delimiters, then everything preceding the last delimiter in the path is replaced with the contents of "kernel_src" from the manager config.
| | | |
| | | | By default we only support "/aosp/" and "/private/" corresponding to modern Android systems as delimiters.
* all: experiment with an option to reset accumulated state | Aleksandr Nogikh | 2024-01-23 | 1 | -0/+11
| | | | In the cases where we do not / cannot sandbox individual prog executions well enough, some share of progs end up being dependent on the previously accumulated state of the whole VM. As the result,
| | | | * We lose 5-10% of coverage/signal on every instance restart.
| | | | * A share of our corpus programs do not actually trigger the coverage they were thought to reliably trigger.
| | | |
| | | | This significantly affects fuzzing efficiency and prevents syzkaller from accumulating bigger and better corpus over multiple runs.
| | | |
| | | | Let's see if the situation becomes better if we restart syz-executor before most of prog executions.
* pkg/mgrconfig: fix a typo | Aleksandr Nogikh | 2023-08-16 | 1 | -1/+1
|
* all: use special placeholder for errors | Taras Madan | 2023-07-24 | 1 | -1/+1
|
* pkg/mgrconfig: update ModuleObj documentation | Liz Prucka | 2023-06-26 | 1 | -2/+1
| | | | | Updated ModuleObj documentation, as Syzkaller can now compare coverage of dynamically loaded modules.
* all: ioutil is deprecated in go1.19 (#3718) | Taras Madan | 2023-02-23 | 1 | -2/+1
|
* all: introduce asset storage config to syz-manager | Aleksandr Nogikh | 2022-10-04 | 2 | -0/+21
| | | | | | | | Let users set the asset storage config in the syz-manager config. When running under syz-ci, pass the asset storage config from the syz-ci. Create an asset storage instance on the start of syz-manager. Refactor some of syz-manager code to make it less complex.
* pkg/config: fix comments stripping | Marco Elver | 2022-09-27 | 1 | -0/+3
| | | | | | | | | | The comment-stripping regex doesn't work for multi-line comments, because the regex looks for a substring that both starts _and_ ends with a newline character. Since a single newline cannot be used into multiple matches, only the first comment line is found and later lines are not removed resulting in a parsing error. Fix it by looking for substrings _until_ a newline.
* vm: add the proxyapp support (#3269) | Taras Madan | 2022-09-26 | 2 | -0/+21
| | | | * vm: add pool.Close() support
| | | | * vm: add proxyapp client implementation
| | | | * vm/proxyapp: autogenerate mocks
| | | | * vm/proxyapp: add proxyapp tests
| | | | * pkg/mgrconfig: add proxyapp type tests
* pkg/mgrconfig, prog, syz-fuzzer: manager-configurable syscall mutation | Hrutvik Kanabar | 2022-09-22 | 2 | -2/+28
| | | | Allow manager configuration to specify that certain syscalls should not be mutated. This is expected to be useful when mutating certain syscalls is unlikely to produce interesting executions. For example, mutating a `syz_mount_image` call will likely produce a corrupt image.
| | | |
| | | | Some implementation details:
| | | | - Add a `no_mutate_syscalls` manager config entry, with the same format as `enable_syscalls`. Ensure this is parsed and stored in the config as a set of syscall IDs.
| | | | - Send this set to fuzzers when they connect to their managers via RPC. Ensure each fuzzer stores a copy of the set.
| | | | - When mutating arguments of a syscall, check first whether it has been specified as non-mutatable.
| | | | - For all mutations not managed by a `syz-manager`, retain previous behaviour by ensuring that no syscalls are considered non-mutable.
* pkg/csource, pkg/instance, pkg/ipc, pkg/mgrconfig, tools/syz-prog2c, syz-manager: introduce a new setting 'sandbox_arg' (#3263) | Andrey Artemiev | 2022-08-06 | 1 | -0/+5
* pkg/mgrconfig: extend sandbox docs | Dmitry Vyukov | 2022-07-18 | 1 | -6/+11
| | | | Slightly clarify what exactly each sandbox means.
* all: run strace on each found reproducer | Aleksandr Nogikh | 2022-04-29 | 2 | -0/+11
| | | | | | | | If `strace_bin` is specified, syzkaller will invoke a reproducer with it and save the output. This should help in debugging. If syz-manager is attached to a dashboard, upload the strace-powered output and report.
* all: collect raw coverage | Aleksandr Nogikh | 2022-03-28 | 1 | -0/+5
| | | | | | | | | Raw coverage might be important when e.g. analysing the origins of out-of-place coverage in coverage reports or understanding why the fuzzer could not reach deeper code. If "raw_cover" is set to true, syzkaller will remember unsorted and unduplicated coverage (PCs) for each its corpus program.
* syz-manager: add preserve_progs config | Aleksandr Nogikh | 2022-02-04 | 2 | -7/+13
| | | | Introduce a preserve_progs parameter, which, if set to false, forces syz-manager to purge unneeded programs from the corpus.
* pkg/mgrconfig: add "interests" | Dmitry Vyukov | 2021-12-16 | 1 | -0/+4
| | | | | | | We have "suppressions" parameter to suppress non-interesting reports. Add "interests" parameter which is an opposite of "suppressions" -- everything that's not in "interests" is suppressed. It's matched against bug title, guilty file and maintainer emails.
* syz-manager: add the "fuzzing_vms" flag | Aleksandr Nogikh | 2021-10-09 | 2 | -0/+10
| | | | Currently there are no means to limit the total number of reproducing instances and syzkaller can de facto suspend fuzzing when there are many new bug types. Introduce the option to control this behavior.