| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
rep.Output and rep.Report offsets are different because rep.Report is symbolized
Fix converts offsets from symbolized version back to the raw version.
|
| | |
|
| |
|
|
| |
It allows to reduce parameters count for some functions.
|
| |
|
|
| |
To simplify interface Read*Symbols were moved out from symbolizer.Symbolizer.
|
| |
|
|
|
|
|
| |
Move all syz-fuzzer logic into syz-executor and remove syz-fuzzer.
Also restore syz-runtest functionality in the manager.
Update #4917 (sets most signal handlers to SIG_IGN)
|
| |
|
|
|
| |
Also updates the title template for starnix kernel panics
to use dashboard space a little more efficiently.
|
| |
|
|
|
| |
These are susceptible to potentially very long lines in the input.
Direct splitting by \n is more reliable.
|
| |
|
|
|
|
|
|
|
|
| |
Forms a reasonable title for reports of starnix crashes
caused by rust panics in the starnix kernel, and takes a
first pass at capturing function / pointer details from the
backtrace while discarding most of the unrelated log lines.
Also splits the fuchsia reporter data inputs into two parts,
one for zircon and one for starnix.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a "fatal error:" bug is reported, this usually means that syzkaller
itself had a memory corruption (except in the gVisor fuzzing case where
this could be an actual bug in gVisor)
Most likely, this is due to a kernel that went wild and corrupted the
syzkaller address space, but in that case the exact details of what part
of the runtime failed are rarely relevant.
This gathers all these go runtime errors under one umbrella so they are
easier to track. Except for gVisor on which the logic is kept the same
as existing.
Add three test cases to the linux reporting:
- 705 (equivalent to the current all/report/7) to make sure Go OOO are
suppressed (they have a different title now but still get suppressed)
- 706 (equivalent to the current all/report/8) to make sure that ALSA
"fatal errors" are not handled as Go fatal errors
- 707 (new) to make sure that reports like
https://syzkaller.appspot.com/bug?extid=3f00d7083c52713ba3b0 are
re-named to "go runtime error"
|
| |
|
|
|
| |
This will help avoid a circular dependency pkg/vcs -> pkg/report ->
pkg/vcs.
|
| |
|
|
| |
Amend oops and oopsFormat to contain report type.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Currently a number of report post-processing activities are implemented as a
decorator over the interface that defines OS-specific implementations.
Following exactly the same interface is too restrictive in this case as adding
extra parameters to the post-processing forces the developer to adjust all
implementations thay may not need these parameters at all.
Untie the wrapper from the Reporter interface. Use a package-private
reporterImpl interface for the OS-specific implementations, while having an
exported Reporter structure. Make sure that Reporter is stored and
passed as a pointer.
|
| |
|
|
|
|
|
| |
Fix capitalization, dots at the end
and two spaces after a period.
Update #1876
|
| |
|
|
|
|
|
| |
Turns out ast.Inspect does not visit most comments.
Walk file.Comments manually.
Update #1876
|
| |
|
|
| |
In preparation to support big-endian architectures.
|
| |
|
|
|
|
|
|
|
| |
Some syzkaller panics happen due to memory corruptions,
but it still would be useful at least to get some visibility into these crashes.
On some OSes we actualy already detect them as they have "panic:" oops pattern,
but not e.g. on linux.
Fixes #318
|
| |
|
|
|
|
| |
We now pass 5 arguments through a bunch of functions,
this is quite inconvinient when the set of arguments changes.
Incapsulate all arguments in a struct and pass/store it as a whole.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* pkg/cover: Modify parsing logic
1. Remove prefix computation
2. Add a mgrconfig for kernel build directory
* pkg/report: shorten reports with kernelBuildSrc instead of kernelSrc
* pkg/report: Fix failing tests
* pkg/report: fix formating issues
* tools/syz-cover: Fix unintended redefinition
* make changes to fix failing ci build
* pkg/report: fix issues
|
| |
|
|
|
|
| |
In several places we do special handling for some crash types.
Currently we compare report title with magic strings,
which is error-prone. Add explicit Type to reports.
|
| |
|
|
|
|
| |
We computed Start/EndPos after trimming line prefix,
this resulted in offsetted values which are not correct.
Fix that. Add more tests and checks for Start/EndPos.
|
| |
|
|
| |
The current code is linux specific, generalize it to other OSes.
|
| |
|
|
|
| |
In order to use the already defined kernel name in sys/targets to reduce
duplications.
|
| | |
|
| |
|
|
|
|
|
| |
Improve go-fuzz fuzzer function and fix few new bugs it finds:
1. Panic in linux parser (bad).
2. Akaros can report empty rep.Report.
3. Fuchsia can return empty rep.Report.
|
| |
|
|
| |
C++ function names can contain '~'.
|
| |
|
|
|
|
|
|
|
| |
Switch to the existing oops-based infrastructure.
Extending existing code is nearly impossible.
Detect service crashes on fuchsia.
Add more tests.
|
| | |
|
| |
|
|
|
|
|
|
| |
demangle package does not minimize lambda symbols properly
(does not strip parameters and template paratemeter).
Do it manually.
See: https://github.com/ianlancetaylor/demangle/issues/5
|
| |
|
|
| |
Symbolizer is not meant to be invoked with an empty binary.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Currently all (linux-specific) suppressions are hardcoded in mgrconfig.
This is very wrong. Move them to pkg/report and allow to specify per OS.
Add gvisor-specific suppressions.
This required a bit of refactoring. Introduce mgrconfig.KernelObj finally.
Make report.NewReporter and vm.Create accept mgrconfig directly
instead of passing it as multiple scattered args.
Remove tools/syz-parse and it always did the same as tools/syz-symbolize.
Simplify global vars in syz-manager/cover.go.
Create reporter eagerly in manager. Use sort.Slice more.
Overall -90 lines removed.
|
| | |
|
| |
|
|
| |
Update #538
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently getting a complete report requires a complex,
multi-step dance (including getting information that
external users are not interested in -- guilty file).
Simplify interface down to 2 functions: Parse and Symbolize.
Parse does what it did before, Symbolize symbolizes report
and fills in maintainers. This simplifies both implementations
of Reporter interface and all users of the interface.
Potentially we could get this down to 1 function Parse
that does everything. However, (1) Symbolize can fail,
while Parse cannot, (2) usually we want to ignore (log)
Symbolize errors, but otherwise proceed with the report,
(3) repro does not need symbolization for all but the
last report.
|
| |
|
|
|
| |
Parse returns 5 variables now. Later we may want to add crash "priority".
Introduce Report struct that holds all report data.
|
| |
|
|
|
| |
This change makes pkg/report try to detect corrupted reports by
using some heuristics.
|
|
|
Introduce report.Reporter interface.
Add an implementation per-OS.
Make users be explicit about OS they are testing.
|
