| Commit message | Author | Age | Files | Lines |
|
Enable external abortion of the instance creation process. This is
especially useful for the qemu case where we retry the creation/boot up
to 1000 times, which can take significant time (e.g. it times out
syz-cluster pods on unstable kernels).
The context can be further propagated to WaitForSSH, but that requires
another quite significant vm/ refactoring.
|
Instead of:
    ffx --target <target> target get-ssh-address
Use:
    ffx --target <target> target list --format addresses
|
ffx log is now built separately from the main
ffx binary.
|
ffx emu now needs to know the locations of some host
tools. Copy these paths from the default ffx config
into the configuration for the isolated ffx instance
that syzkaller uses for most tasks.
|
It allows using context as a single termination signal source.
|
Co-authored-by: eep@google.com
|
They are very noisy and can cause important crash information to run off
the end of the buffer; this is a temporary fix to avoid that.
|
- Extraneous references to the `ffx log` pipe are closed, allowing the
EOF from the subprocess to be propagated properly.
- The SSH bridge into the Starnix sshd is now properly shut down when
the instance is closed, avoiding a zombie process.
- Some of the starnix code has been updated to be in line with a
refactor that took place in other VM types.
|
This allows for multiple starnix VM pools to exist simultaneously
without conflict, and avoids any unintentional global state.
|
Pass Type struct directly during registration.
This allows adding additional optional parameters to VM types
without changing all VM implementations.
We will need to add SupportsSnapshots flag and one flag to resolve #5028.
With this change it will be possible to add "SupportsSnapshots: true"
to just one VM type implementation.
|
It's better to follow standard interfaces.
|
Now these logs go to stdout when syz-manager runs with the `-debug`
flag.
|
Removes the SYZ_STARNIX_HACK envvar and runs syz-fuzzer
on the VM.
Co-authored-by: mvanotti@google.com
|
fuchsia build instructions:
    fx set workbench_eng.x64 --with-base \
        //src/testing/fuzzing/syzkaller/starnix:syzkaller_starnix \
        && fx build
Co-authored-by: eep@google.com
Co-authored-by: mvanotti@google.com
|
Lint started warning about duplicate "gvisor" const in pkg/cover.
Add gvisor/starnix consts to sys/targets package to avoid duplication.
|
Remove things that are only needed for target VM communication:
conditional compression, timeout scaling, traffic stats.
To minimize diffs when we switch target VM communication to flatrpc.
|
The x bit seems to get dropped now, at least when adbd is
running as root. Thanks @eepeep for investigating!
|
Since /data is not always mounted by default, push
the executor binary to /tmp instead.
|
RPC compression takes up to 10% of CPU time in profiles,
but it's unlikely to be beneficial for local VM runs
(we are mostly copying memory in this case).
Enable RPC compression based on the VM type
(local VMs don't use it, remote machines use it).
|
Adds 3 flags to ffx log:
    --no-color skips colorizing logs, making them easier to parse
    --show-metadata includes pids and thread ids in logs
    --show-full-moniker adds full component monikers instead of abbreviated monikers
|
adb commands often fail on the first try due to connection
problems, but succeed within a few retries. Rather than
restarting the vm boot process on every failure, retry each
command up to a timeout.
Also adjusts some log levels so that individual retries are
logged at level 1 instead of 0.
|
eepeep@ notes that ffx emu currently doesn't support multiple
vms with tun/tap networking, so the second+ instance will
fall back to userspace networking. For consistency across
instances, make this the standard.
|
This is the simplest way to push binaries and scripts
to /data on target, now that permissions are implemented.
|
Two fixes for issues that were causing hangs during Close():
- Close our copy of the pipe end we pass to `ffx log`.
- Call `ffx` directly, not through the bash script trampoline that
doesn't propagate kill signals to its children.
|
After this change, the instance's `MonitorExecution` method runs
concurrently with test program execution, as intended. Basic
crash detection is working.
TODOs for follow-ups include:
- testing that crashes are repro'd and reports are generated
- restarting the vm after a crash
|
This commit adds a new VM for fuzzing starnix.
The VM will boot a fuchsia image using the `ffx` tool and will connect to an adb server inside it. Fuzzing will be done using HostFuzzer mode due to some features not being implemented yet in starnix. Once this is possible, fuzzing will be performed without HostFuzzer mode.
Co-authored-by: Juampi Miceli <jpmiceli@google.com>
|