| Commit message (Collapse) | Author | Age | Files | Lines |
|
They are shorter, more readable, and don't require temp vars.
|
Fix checking of Logf: it has the string in the 0-th arg.
Add checking of t.Errorf/Fatalf.
|
It duplicates random calls in a program and makes the duplicated copies
async.
E.g. it could transform
    r0 = test()
    test2(r0)
to
    r0 = test()
    test2(r0) (async)
    test2(r0)
or
    test() (async)
    r0 = test()
    test2(r0)
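
The transformation described in the commit message above, written out as an added Go example (not syzkaller's code and not part of the commit). The `Call` type, `DupAsync`, `Render` and the `pick` callback are hypothetical names for a toy program model; the sample program is constructed from the message's own example.

```go
package main

import "fmt"
import "strings"

// Call is a toy model of one program call (hypothetical, not syzkaller's prog.Call).
type Call struct {
	Name  string
	Ret   string   // result variable assigned, "" if none
	Args  []string // result variables consumed
	Async bool
}

// DupAsync puts an async copy in front of every call selected by pick.
// The copy assigns no result, as in the commit message's second example,
// so later calls still take their arguments from the synchronous original.
func DupAsync(prog []Call, pick func(i int) bool) []Call {
	out := make([]Call, 0, 2*len(prog))
	for i, c := range prog {
		if pick(i) {
			out = append(out, Call{c.Name, "", append([]string(nil), c.Args...), true})
		}
		out = append(out, c)
	}
	return out
}

// Render returns the program text in the notation used above, one call per entry.
func Render(prog []Call) []string {
	var lines []string
	for _, c := range prog {
		s := c.Name + "(" + strings.Join(c.Args, ", ") + ")"
		if c.Ret != "" {
			s = c.Ret + " = " + s
		}
		if c.Async {
			s += " (async)"
		}
		lines = append(lines, s)
	}
	return lines
}

func main() {
	// Constructed sample: the two-call program from the commit message.
	prog := []Call{{"test", "r0", nil, false}, {"test2", "", []string{"r0"}, false}}
	fmt.Println(strings.Join(Render(DupAsync(prog, func(i int) bool { return i == 1 })), "\n"))
}
```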
|
Add a strategy that resembles the previous collide mode, but detaches not
every other call, but rather all calls during the second execution (or at
least as many as possible). Follow the strategy for 33% of all collide
executions.
It was shown during the experiments that this strategy has a positive
effect on the number of discovered crashes and bugs.
|
Replace the currently existing straightforward approach to race triggering
(that was almost entirely implemented inside syz-executor) with a more
flexible one.
The `async` call property instructs syz-executor not to block until the
call has completed execution and proceed immediately to the next call.
The decision on what calls to mark with `async` is made by syz-fuzzer.
Ultimately this should let us implement more intelligent race provoking
strategies as well as make more fine-grained reproducers.