From 559fbe2dbe475b34b57819885b40a494ca4ba175 Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Tue, 16 Jun 2020 15:43:22 +0200 Subject: syz-fuzzer: don't include disabled syscall name in panics These checks still fire episodically [on gvisor instance only?]. I've done several attempts to debug this/extend checks. But so far I have no glue and we are still seeing them. They are rare enough to be directly debuggable and to be something trivial. This may be some memory corruption (kernel or our race), or some very episodic condition. They are rare enough to be a problem, so don't include syscall name so that they all go into a single bug bucket.
---
prog/prio.go | 6 ++++-- syz-fuzzer/proc.go | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/prog/prio.go b/prog/prio.go
index bda5df470..647af1cc6 100644
--- a/prog/prio.go
+++ b/prog/prio.go
@@ -246,7 +246,8 @@ func (target *Target) BuildChoiceTable(corpus []*Prog, enabled map[*Syscall]bool
 for _, p := range corpus {
 for _, call := range p.Calls {
 if !enabled[call.Meta] {
- panic(fmt.Sprintf("corpus contains disabled syscall %v", call.Meta.Name))
+ fmt.Printf("corpus contains disabled syscall %v", call.Meta.Name)
+ panic("disabled syscall")
 }
 }
 }
@@ -277,7 +278,8 @@ func (ct *ChoiceTable) choose(r *rand.Rand, bias int) int {
 bias = ct.calls[r.Intn(len(ct.calls))].ID
 }
 if !ct.Enabled(bias) {
- panic("bias to disabled syscall")
+ fmt.Printf("bias to disabled syscall %v", ct.target.Syscalls[bias].Name)
+ panic("disabled syscall")
 }
 run := ct.runs[bias]
 x := r.Intn(run[len(run)-1]) + 1
diff --git a/syz-fuzzer/proc.go b/syz-fuzzer/proc.go
index 3c39879cc..ff0352141 100644
--- a/syz-fuzzer/proc.go
+++ b/syz-fuzzer/proc.go
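Review bot: The diagnostic added in BuildChoiceTable (prog/prio.go) is written with `fmt.Printf` and has no trailing newline, so it goes to stdout while the panic text and stack trace go to stderr. Depending on how the fuzzer's output is collected, the syscall name can end up separated from the trace or run into the next line of output. Writing to the same stream and terminating the line keeps them together: `fmt.Fprintf(os.Stderr, "corpus contains disabled syscall %v\n", call.Meta.Name)` (this needs `os` imported in prio.go if it is not already). The same applies to the Printf calls added in choose and in executeRaw in syz-fuzzer/proc.go. BuildChoiceTable's body continues outside the hunk.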
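Review bot: In choose (prog/prio.go), the new `ct.target.Syscalls[bias].Name` lookup runs only on the path where the table state is already known to be inconsistent, and the commit message names memory corruption as one possible cause. If `bias` is not a valid index into `ct.target.Syscalls`, the Printf itself panics with an index-out-of-range error, which produces a different panic text and defeats the single-bucket goal; whether Enabled already rules that out is not visible in the hunk. Printing the ID cannot fail and still identifies the call: `fmt.Printf("bias to disabled syscall %v\n", bias)`. choose starts and ends outside the hunk.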
@@ -279,7 +279,8 @@ func (proc *Proc) executeRaw(opts *ipc.ExecOpts, p *prog.Prog, stat Stat) *ipc.P
 }
 for _, call := range p.Calls {
 if !proc.fuzzer.choiceTable.Enabled(call.Meta.ID) {
- panic(fmt.Sprintf("executing disabled syscall %v", call.Meta.Name))
+ fmt.Printf("executing disabled syscall %v", call.Meta.Name)
+ panic("disabled syscall")
 }
 }
-- cgit mrf-deployment
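Review bot: Nothing at the check in executeRaw records why the syscall name is kept out of the panic value, so a later cleanup could fold it back in and split the crash reports again. A comment above the panic would carry the intent from the commit message into the code, for example `// Keep the panic text constant so all reports land in one bug bucket; the name is printed separately.` The same comment fits the two sites in prog/prio.go, which now panic with the identical string. executeRaw's body starts and ends outside the hunk.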