From 52c8379f77b5f292e2d527c66dfe17a899381d20 Mon Sep 17 00:00:00 2001 From: Aleksandr Nogikh Date: Thu, 7 Oct 2021 10:52:29 +0000 Subject: docs: update docs to reflect the new `async` flag --- docs/executing_syzkaller_programs.md | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) (limited to 'docs/executing_syzkaller_programs.md') diff --git a/docs/executing_syzkaller_programs.md b/docs/executing_syzkaller_programs.md index 215abcde7..f06f01c86 100644 --- a/docs/executing_syzkaller_programs.md +++ b/docs/executing_syzkaller_programs.md @@ -16,6 +16,9 @@ export GOPATH=$HOME/gopath GO111MODULE=off go get -u -d github.com/google/syzkaller/prog ``` +Note that your syzkaller revision must be the same as the one that generated the +program you're trying to execute. + 3. Build necessary syzkaller binaries: ``` bash cd $GOPATH/src/github.com/google/syzkaller @@ -35,8 +38,6 @@ scp -P 10022 -i stretch.img.key bin/linux_amd64/syz-execprog bin/linux_amd64/syz Several useful `syz-execprog` flags: ``` - -collide - collide syscalls to provoke data races (default true) -procs int number of parallel processes to execute programs (default 1) -repeat int 
@@ -47,12 +48,26 @@ Several useful `syz-execprog` flags: use threaded mode in executor (default true) ``` -If you pass `-threaded=0 -collide=0`, programs will be executed as a simple single-threaded sequence of syscalls. `-threaded=1` forces execution of each syscall in a separate thread, so that execution can proceed over blocking syscalls. `-collide=1` forces second round of execution of syscalls when pairs of syscalls are executed concurrently. +If you pass `-threaded=0`, programs will be executed as a simple single-threaded +sequence of syscalls. `-threaded=1` forces execution of each syscall in a +separate thread, so that execution can proceed over blocking syscalls. + +Older syzkaller versions also had the following flag: +``` + -collide + collide syscalls to provoke data races (default true) +``` +`-collide=1` forced second round of execution of syscalls when pairs of syscalls +are executed concurrently. You might need to use this flag if you're running an +old reproducer. + -If you are replaying a reproducer program that contains a header along the following lines: +If you are replaying a reproducer program that contains a header along the +following lines: ``` -#{Threaded:true Collide:true Repeat:true Procs:8 Sandbox:namespace - Fault:false FaultCall:-1 FaultNth:0 EnableTun:true UseTmpDir:true - HandleSegv:true WaitRepeat:true Debug:false Repro:false} +# {Threaded:true Repeat:true RepeatTimes:0 Procs:8 Slowdown:1 Sandbox:none Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true UseTmpDir:true HandleSegv:true Repro:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}} ``` -then you need to adjust `syz-execprog` flags based on the values in the header. Namely, `Threaded`/`Collide`/`Procs`/`Sandbox` directly relate to `-threaded`/`-collide`/`-procs`/`-sandbox` flags. 
If `Repeat` is set to `true`, add `-repeat=0` flag to `syz-execprog`. +then you need to adjust `syz-execprog` flags based on the values in the +header. Namely, `Threaded`/`Procs`/`Sandbox` directly relate to +`-threaded`/`-procs`/`-sandbox` flags. If `Repeat` is set to `true`, add +`-repeat=0` flag to `syz-execprog`.
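Review bot: in the first hunk (`@@ -16,6 +16,9 @@`), the new "Note that your syzkaller revision must be the same ..." paragraph is inserted as an unindented paragraph between step 2's closing fence and "3. Build necessary syzkaller binaries:", which in most Markdown renderers breaks the ordered list so that step 3 restarts at 1. Indent the note so it belongs to step 2, or fold it into the step's own text. It would also help the reader to say where that revision can be found, since the paragraph only states the requirement without telling the user how to satisfy it.

Review bot: the commit subject says the docs are updated "to reflect the new `async` flag", but the second hunk (`@@ -35,8 +38,6 @@`) only deletes the `-collide` entry from the "Several useful `syz-execprog` flags" list and nothing in the patch mentions `async` at all. Either add the new flag to that list with its description, or reword the subject to say the change documents the removal of `-collide`.

Review bot: in the third hunk (`@@ -47,12 +48,26 @@`), the new example header still carries `LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}`, but the rewritten mapping sentence ("`Threaded`/`Procs`/`Sandbox` directly relate to `-threaded`/`-procs`/`-sandbox`") no longer says what a reader should do with `Collide` when it appears there, even though the paragraph just above says old reproducers may need `-collide`. Add one sentence tying `LegacyOptions.Collide` to the `-collide` flag of older revisions, so the two new paragraphs agree. Minor: the added empty `+` line after "old reproducer." followed by the existing blank context line leaves two consecutive blank lines; drop one.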