From fd8caa5462e64f37cb9eebd75ffca1737dde447d Mon Sep 17 00:00:00 2001 From: Aleksandr Nogikh Date: Thu, 23 Sep 2021 16:15:41 +0000 Subject: all: replace collide mode by `async` call property Replace the currently existing straightforward approach to race triggering (that was almost entirely implemented inside syz-executor) with a more flexible one. The `async` call property instructs syz-executor not to block until the call has completed execution and proceed immediately to the next call. The decision on what calls to mark with `async` is made by syz-fuzzer. Ultimately this should let us implement more intelligent race provoking strategies as well as make more fine-grained reproducers. --- prog/analysis.go | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) (limited to 'prog/analysis.go') diff --git a/prog/analysis.go b/prog/analysis.go index 6643941ff..697e1eab5 100644 --- a/prog/analysis.go +++ b/prog/analysis.go @@ -160,29 +160,34 @@ func foreachArgImpl(arg Arg, ctx *ArgCtx, f func(Arg, *ArgCtx)) { } } -func RequiredFeatures(p *Prog) (bitmasks, csums bool) { +type RequiredFeatures struct { + Bitmasks bool + Csums bool + FaultInjection bool + Async bool +} + +func (p *Prog) RequiredFeatures() RequiredFeatures { + features := RequiredFeatures{} for _, c := range p.Calls { ForeachArg(c, func(arg Arg, _ *ArgCtx) { if a, ok := arg.(*ConstArg); ok { if a.Type().BitfieldOffset() != 0 || a.Type().BitfieldLength() != 0 { - bitmasks = true + features.Bitmasks = true } } if _, ok := arg.Type().(*CsumType); ok { - csums = true + features.Csums = true } }) - } - return -} - -func (p *Prog) HasFaultInjection() bool { - for _, call := range p.Calls { - if call.Props.FailNth > 0 { - return true + if c.Props.FailNth > 0 { + features.FaultInjection = true + } + if c.Props.Async { + features.Async = true } } - return false + return features } type CallFlags int -- cgit mrf-deployment