- 28 6月, 2023 2 次提交
-
-
由 Necip Fazil Yildiran 提交于
The arguments `objDir`and `srcDir` of cleanPath() are absolute paths, see osutil.Abs() calls in: * syz-cover: tools/syz-cover/syz-cover.go * syz-manager: pkg/mgrconfig/load.go However, when the `path` argument is not absolute, the first two checks of cleanPath (when file is built in path or when file was moved from builDir to srcDir) always evaluate to false. Instead use absolute path for those checks.
-
由 Aleksandr Nogikh 提交于
The `-accel tcg,thread=multi` option speeds up boot by ~25%. Execution speed shoud also increase.
-
- 26 6月, 2023 2 次提交
-
-
由 Liz Prucka 提交于
Updated ModuleObj documentation, as Syzkaller can now compare coverage of dynamically loaded modules.
-
由 Taras Madan 提交于
-
- 21 6月, 2023 1 次提交
-
-
由 Khem Raj 提交于
Its needed for FALLOC_FL_ZERO_RANGE which needs this header, it works with glibc because fcntl.h includes this header indirectly, however the failure comes to fore with musl C library where this header is not included indirectly by other system headers, therefore include it as required. Fixes In file included from executor/common.h:505: executor/common_linux.h:5604:16: error: use of undeclared identifier 'FALLOC_FL_ZERO_RANGE' fallocate(fd, FALLOC_FL_ZERO_RANGE, 0, SWAP_FILE_SIZE); ^
-
- 20 6月, 2023 1 次提交
-
-
由 Taras Madan 提交于
-
- 19 6月, 2023 4 次提交
-
-
由 Taras Madan 提交于
-
由 Taras Madan 提交于
-
由 Taras Madan 提交于
-
由 Taras Madan 提交于
-
- 16 6月, 2023 2 次提交
-
-
由 Liz Prucka 提交于
We are currently seeing errors that there are "untracked working tree files which would be overrwritten by checkout". This error occurs when files of the same path differ between branches, regardless of whether the repository is clean or not. Forcing FETCH_HEAD checkout, then moving repair() to after checkout to clean repository to the current checkout. Additionally, added a second "force" to git clean to clean directories with '.git' subdirectories.
-
由 Andrei Vagin 提交于
This can happen when c.cmd.Wait returns an error. Signed-off-by: NAndrei Vagin <avagin@google.com>
-
- 15 6月, 2023 8 次提交
-
-
由 zsm-oss 提交于
* syz-manager: endpoint to display canonical modules Add a "/modules" endpoint that displays canonical module information. * tools/syz-cover: accept module info Add support to syz-cover to generate coverage reports for drivers that are built as kernel modules. At the moment, ReportGenerator instances are created with no []host.KernelModule information. As a result, discoverModulesLinux() does not process kernel modules, only the vmlinux. Add a "-modules" flag that accepts module info. This info can be fetched from the web UI at "/modules". Usage: $ ./bin/syz-cover -arch arm64 -kernel_obj ${KOBJ} -kernel_src ${KSRC} \ -json ~/report.json -modules ~/modules \ ~/rawcover
-
由 Aleksandr Nogikh 提交于
If the feature is supported on the device, allocate a 128MB swap file after VM boot and activate it.
-
由 Aleksandr Nogikh 提交于
-
由 Space Meyer 提交于
We sometimes cherry-pick fixes to a bisected branch, for issues that make large parts of history untestable. Previously we cherry-picked if the fix commit hash isn't already present. This is incorrect, as forks / lts trees may already cherry-picked the fix. In this case the fix would be present, but not have the expected hash. Unfortunately git doesn't have Change-Ids like gerrit, so there is no great way to check if a fix is already present. Instead we now just check whether any commit with the expected title is present.
-
由 Aleksandr Nogikh 提交于
If there are only a few non-crashed results among many boot/test errors, we cannot really be sure that the commit is good. It might be that the reproducer is not 100% reliable and we just needed more runs. Require > 50% of runs to be successful in order to claim that the revision is good. Otherwise skip it.
-
由 Aleksandr Nogikh 提交于
It makes these extentions much more flexible as they can now also customize what other features set up.
-
由 Aleksandr Nogikh 提交于
-
由 Andrei Vagin 提交于
We have a long history of executor managing to corrupt itself in various interesting ways (e.g. using read with a pointer pointing to some global/stack variable and then kernel overwrites it). Or rt_sigreturn can corrupt other registers which won't cause immediate SIGSEGV, but rather some random behavior later. This is the race we can't win. We can't rely on memory consistency when the test already started, so we should use exitf instead of fail outside of setup sequence (and relying more on unit testing to ensure that executor works as expected for sane programs). Suggested-by: NDmitry Vyukov <dvyukov@google.com> Signed-off-by: NAndrei Vagin <avagin@google.com>
-
- 14 6月, 2023 2 次提交
-
-
由 Aleksandr Nogikh 提交于
Given that we must chose only one version, fuzzing v1 of itseems to be of higher value at the moment. Later we might make it a configurable option and do both version.
-
由 b10tt0 提交于
Add syzkaller recognition of android emulator ID.
-
- 13 6月, 2023 2 次提交
-
-
-
由 Aleksandr Nogikh 提交于
Sample bug: https://syzkaller.appspot.com/bug?extid=fae676d3cf469331fc89
-
- 12 6月, 2023 3 次提交
-
-
由 Space Meyer 提交于
The dropdown is the only UI element that lets users exit the admin page, so removing it from the admin page is not advisable. However since the admin page is not a real namespace, the dropdown will display the name of the first namespace, when visiting the admin page. This confuses new users.
-
由 Space Meyer 提交于
Changes to our rootfs, compilers or bisection logic regularly cause regressions in our bisection accuracy. Retrying them currently entails fiddling with the GCP datastore directly or mass deleting all failed bisections. This change will allow us to retry specific bisections with a single click.
-
由 Liz Prucka 提交于
Adjust signal creation in syz-executor so hash is independent of module offsets. This allows for canonicalization of the signal between VMs. Added signals to canonicalization/decanonicalization between instances. Coverts serialized Signal values as they have already been serialized in rpc.go. Added a function in signal.go to update serial signal elements.
-
- 09 6月, 2023 3 次提交
-
-
由 Florent Revest 提交于
This annotates syscall arguments so they are easier to read without having to pull out the syscall's man page. E.g: syscall(__NR_mmap, /*addr=*/0x21000000ul, /*len=*/0x1000ul, /*prot=*/0ul, ... Signed-off-by: NFlorent Revest <revest@chromium.org>
-
由 Florent Revest 提交于
Signed-off-by: NFlorent Revest <revest@chromium.org>
-
由 Aleksandr Nogikh 提交于
Otherwise we're getting "repro failed: all VMs failed to boot" pkg/repro errors if a sykaller instance is shutting down.
-
- 07 6月, 2023 6 次提交
-
-
由 Christian Brauner 提交于
This is currently in linux-next make sure it gets tested. Signed-off-by: NChristian Brauner <brauner@kernel.org>
-
由 Christian Brauner 提交于
This has been supported for a while but apparently was never added. Signed-off-by: NChristian Brauner <brauner@kernel.org>
-
由 Davidlohr Bueso 提交于
Fix various typos within the documentation directory.
-
由 Lin Ma 提交于
The current syz-query-subsystems raise below error: failed to query subsystems: failed to set names: failed to extract a name from kernel-tls-handshake@lists.linux.dev This patch adds this email to exception list to fix that. Signed-off-by: NLin Ma <linma@zju.edu.cn>
-
由 Aleksandr Nogikh 提交于
We don't always need a consistent view of data when we're inside a transaction. Moreover, querying less can help us avoid "too much contention on these datastore entities". Let's see how it all behaves if pass both a transaction context and a global context to the tree.go machinery.
-
由 Necip Fazil Yildiran 提交于
-
- 01 6月, 2023 1 次提交
-
-
由 Aleksandr Nogikh 提交于
-
- 31 5月, 2023 3 次提交
-
-
由 Congyu Liu 提交于
-
由 Aleksandr Nogikh 提交于
Subsystems are now part of labels. Fix the forgotten piece of code.
-
由 Aleksandr Nogikh 提交于
Query bugs for all related syz-managers, but deduplicate the results after that. It should lead to fewer examined bugs and, hopefully, to fewer CONCURRENT_TRANSACTION errors.
-