| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
Result of running gofmt -s.
|
| |
|
|
|
|
| |
ResultArg might have const value.
Also add a test.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right now Arg is a huge struct (160 bytes), which has many different fields
used for different arg kinds. Since most of the args we see in a typical
corpus are ArgConst, this results in a significant memory overuse.
This change:
- makes Arg an interface instead of a struct
- adds a SomethingArg struct for each arg kind we have
- converts all *Arg pointers into just Arg, since interface variable by
itself contains a pointer to the actual data
- removes ArgPageSize, now ConstArg is used instead
- consolidates correspondence between arg kinds and types, see comments
before each SomethingArg struct definition
- now LenType args that denote the length of VmaType args are serialized as
"0x1000" instead of "(0x1000)"; to preserve backwards compatibility
syzkaller is able to parse the old format for now
- multiple small changes all over to make the above work
After this change syzkaller uses twice less memory after deserializing a
typical corpus.
|
| |
|
|
|
| |
This commit moves checksum computation to executor. This will allow to embed
dynamically generated values (like TCP sequence numbers) into packets.
|
| |
|
|
|
|
|
| |
This change adds a `csum[kind, type]` type.
The only available kind right now is `ipv4`.
Using `csum[ipv4, int16be]` in `ipv4_header` makes syzkaller calculate
and embed correct checksums into ipv4 packets.
|
| |
|
|
|
|
|
| |
The optimization change removed validation too aggressively.
We do need program validation during deserialization,
because we can get bad programs from corpus or hub.
Restore program validation after deserialization.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A bunch of spot optmizations after cpu/memory profiling:
1. Optimize hot-path coverage comparison in fuzzer.
2. Don't allocate and copy serialized program, serialize directly into shmem.
3. Reduce allocations during parsing of output shmem (encoding/binary sucks).
4. Don't allocate and copy coverage arrays, refer directly to the shmem region
(we are not going to mutate them).
5. Don't validate programs outside of tests, validation allocates tons of memory.
6. Replace the choose primitive with simpler switches.
Choose allocates fullload of memory (for int, func, and everything the func refers).
7. Other minor optimizations.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Now it's possible to use `int32:18` to denote a bitfield of size 18 as a struct field.
This fixes #72.
|
| | |
|
| |
|
|
|
| |
They are not necessary since we now always have types attached to args.
Also remove sys.Type.InnerType as it is not necessary now as well.
|
| |
|
|
|
|
| |
Dir is a static info, so we don't need to compute, propagate and
attach it in prog whenever we generate/change programs.
Attach Dir to all types.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Paddings in serialized programs are unnecessary and confusing.
Instead restore them implicitly.
Also use [,,,,] for arrays.
|
| |
|
|
|
| |
So far it has found only false positives.
Let's leave this to KMSAN.
|
| |
|
|
|
| |
Move C source generation into a separate package.
Prog is too bloated already.
|
| | |
|
| |
|
