From 733560f97a3f420de1ca02202227b6b3a30c7fcd Mon Sep 17 00:00:00 2001
From: Aleksandr Nogikh
Date: Fri, 5 Jan 2024 12:45:56 +0100
Subject: syz-fuzzer: change the exec gate size
We used to have 2 * procs, but it actually should not depend on the number of procs -- the number of programs that fit in vm.beforeContextDefault is all that matters. Let's use 32, which seems reasonable judging by logs with large programs (e.g. that mount fs images).
---
 syz-fuzzer/fuzzer.go | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/syz-fuzzer/fuzzer.go b/syz-fuzzer/fuzzer.go
index 16304e026..f6f3b415c 100644
--- a/syz-fuzzer/fuzzer.go
+++ b/syz-fuzzer/fuzzer.go
@@ -28,6 +28,7 @@ import (
 "github.com/google/syzkaller/prog"
 _ "github.com/google/syzkaller/sys"
 "github.com/google/syzkaller/sys/targets"
+ "golang.org/x/sync/semaphore"
 )
 type Fuzzer struct {
@@ -66,6 +67,9 @@ type Fuzzer struct {
 checkResult *rpctype.CheckArgs
 logMu sync.Mutex
+
+ // Let's limit the number of concurrent NewInput requests.
+ newInputSem *semaphore.Weighted
 }
 type FuzzerSnapshot struct {
@@ -142,6 +146,13 @@ func createIPCConfig(features *host.Features, config *ipc.Config) {
 }
 }
+// Gate size controls how deep in the log the last executed by every proc
+// program may be. The intent is to make sure that, given the output log,
+// we always understand what was happening.
+// Judging by the logs collected on syzbot, 32 should be a reasonable figure.
+// It coincides with prog.MaxPids.
+const gateSize = prog.MaxPids
+
 // nolint: funlen
 func main() {
 debug.SetGCPercent(50)
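Review bot: `newInputSem` is added to the Fuzzer struct here and initialized in the main() hunk with `semaphore.NewWeighted(int64(2 * *flagProcs))`, but nothing in this patch acquires or releases it, and the diffstat lists only this file. As committed, the limit on concurrent NewInput requests that the field comment describes is therefore not enforced. The commit message does not mention the semaphore either, and its size keeps the `2 * procs` scaling that the message argues against for the gate. If the callers arrive in a follow-up commit, the field, its initialization and the new import would read better there; otherwise the field comment should say what the bound protects and where it is taken. The struct body starts outside this hunk.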
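Review bot: `const gateSize = prog.MaxPids` binds the gate size to a constant that the comment itself says it only coincides with, so a later change to prog.MaxPids would silently change how far back in the log a proc's last program may sit. Going by the commit message, the value is justified by what fits in vm.beforeContextDefault, and that relationship is what keeps the program preceding a crash inside the captured log for triage and reproduction. I would write the literal, `const gateSize = 32`, and name vm.beforeContextDefault in the comment so the two are revisited together. The first comment sentence is also hard to parse; something like `// gateSize bounds how far back in the log the last program executed by each proc may be.` reads more clearly.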
@@ -280,9 +291,10 @@ func main() {
 fetchRawCover: *flagRawCover,
 noMutate: r.NoMutateCalls,
 stats: make([]uint64, StatCount),
+ newInputSem: semaphore.NewWeighted(int64(2 * *flagProcs)),
 }
 gateCallback := fuzzer.useBugFrames(r, *flagProcs)
- fuzzer.gate = ipc.NewGate(2**flagProcs, gateCallback)
+ fuzzer.gate = ipc.NewGate(gateSize, gateCallback)
 for needCandidates, more := true, true; more; needCandidates = false {
 more = fuzzer.poll(needCandidates, nil)
--
cgit mrf-deployment