Tree: 81fe66b42a
Commits on Dec 21, 2017
  1. Makefile: fix git "modified tree" test

    emaste authored and dvyukov committed Dec 20, 2017
    Makefile falsely detected a modified git tree when the first ifeq
    argument was unquoted. Also switch to the $(shell ... style for
    As requested, add myself to AUTHORS and CONTRIBUTORS.
  2. syz-manager: enable sending group emails

    timtianyang authored and dvyukov committed Dec 20, 2017
    Email_Addr variable has been changed to Email_Addrs that contains
    a list of recipients.
    Signed-off-by: Tim Tianyang Chen <>
  3. syz-manager: remove duplicated emails on restart

    timtianyang authored and dvyukov committed Dec 19, 2017
    With commit: syz-manager: add simple email support, it will send
    emails when a bug is hit for the first time during that particular
    run of syz-manager. In other words, if you restart syz-manager and
    the same bug is hit, a new email will be sent again. This is due to
    the fact that mgr.crashTypes[crash.Title] doesn't keep track of logs
    already written to the disk.
    Fixed by moving emailCrash() to logic handling log writing.
    Fixes #484
    Signed-off-by: Tim Tianyang Chen <>
Commits on Dec 20, 2017
  1. Makefile: fix Android builds

    dvyukov committed Dec 19, 2017
    There are 2 known problems with current Android support:
    1. It does not work with newer NDK
    (happens on every NDK update).
    2. Dynamic Go binaries do not start on Android emulator.
    Drop special Android support and just build static linux binaries.
    For context see:!msg/syzkaller/etg1ZJmTMzg/NYE-yjxxAQAJ
    Fixes #478
Commits on Dec 19, 2017
  1. dashboard/app: add default maintainers to email config

    dvyukov committed Dec 19, 2017
    Crashes without maintainers are nasty. There is no way to do
    anything with them without altering the datastore (they are not mailed).
    Add DefaultMaintainers to email config.
    These addresses are added to all reported bugs as maintainers (e.g. LKML).
    Once the report is mailed it's possible to CC more people on it.
  2. pkg/report: add test where we fail to detect guilty function

    dvyukov committed Dec 19, 2017
  3. pkg/email: improve parsing of splitted lines

    dvyukov committed Dec 19, 2017
    This allows commit titles between 70 and 80 cols with gmail.
    Also be more permissive wrt spaces and tabs.
  4. dashboard/app: add API for polling for closed bugs

    dvyukov committed Dec 8, 2017
    External reporting may need to know when dashboard
    is not interested in bugs anymore.
    Add API that returns list of bugs dashboard considers closed.
  5. syz-fuzzer: wipe all global state

    dvyukov committed Dec 19, 2017
Commits on Dec 18, 2017
  1. syz-fuzzer: encapsulate signal

    dvyukov committed Dec 18, 2017
  2. syz-manager, syz-fuzzer: allow re-minimizing/re-smashing inputs

    dvyukov committed Dec 18, 2017
    By default we don't re-minimize/re-smash programs from corpus,
    it takes lots of time on start and is unnecessary.
    However, when we improve/fix minimization/smashing,
    we may want to.
    Introduce corpus database versions and allow to re-minimize/re-smash
    on version bumps.
  3. syz-fuzzer: improve deflaking during minimization

    dvyukov committed Dec 18, 2017
    Currently we run an input 3 times to get minimal new coverage,
    and then during minimization try only 1 time to get the same coverage.
    This plays poorly with flaky kernel coverage.
    Require at least 1 out of 3 runs during minimization to get the same new coverage.
    Experimental results suggest that this leads to higher quality corpus
    (though, systematic tuning proved to be very hard due to flakes
    and hard to explain effects on corpus size, program size, coverage and signal).
  4. syz-fuzzer: encapsulate corpus in fuzzer

    dvyukov committed Dec 18, 2017
    Make corpus a fuzzer member rather than global var.
    This resolves existing races on corpus.
  5. syz-fuzzer: refactor

    dvyukov committed Dec 17, 2017
    syz-fuzzer organically grew from a small nice main function
    into a huge single-file monster with tons of global state.
    Start refactoring it into something more manageable.
    This change separates 2 things:
    1. Proc: a single fuzzing process (ipc.Env wrapper).
    2. WorkQueue: holds global non-fuzzing work items.
    More work needed, but this is a good first step.
Commits on Dec 17, 2017
  1. pkg/csource: make strings more readable

    dvyukov committed Dec 17, 2017
    If string contains a file name or a crypto alg name,
    don't escape it all to hex.
  2. vm/qemu: respect cpu config parameter

    dvyukov committed Dec 17, 2017
    Fixes #42
  3. prog: add DeserializeExec

    dvyukov committed Dec 15, 2017
    Factor out program parsing from pkg/csource.
    csource code that parses program and at the same time
    formats output is very messy and complex.
    New approach also allows to understand e.g.
    when a call has copyout instructions which is
    useful for better C source output.
  4. pkg/csource: refactor

    dvyukov committed Dec 15, 2017
    csource.go is too large and messy.
    Move Build/Format into buid.go.
    Move generation of common header into common.go.
    Split generation of common header into smaller manageable functions.
  5. prog: minor refactoring around arguments

    dvyukov committed Dec 14, 2017
    Introduce isUsed(arg) helper, use it in several places.
    Move method definitions closer to their types.
    Simplify presence check for ArgUsed.Used() in several places.
  6. executor: remove unneeded NONFAILING

    dvyukov committed Dec 14, 2017
    copyin is already NONFAILING.
  7. syz-manager: speed up main page rendering

    dvyukov committed Dec 14, 2017
    Remove unused calculation of total coverage.
    Reduce critical section duration.
  8. pkg/ipc: make threaded/collide per-program options

    dvyukov committed Dec 14, 2017
    Currently threaded/collide are global environment flags.
    It can be useful to turn off collider during some executions
    (minimization, triage, etc).
    Make them per-program options.
  9. prog: don't serialize output data args

    dvyukov committed Dec 13, 2017
    Fixes #188
    We now will write just ""/1000 to denote a 1000-byte output buffer.
    Also we now don't store 1000-byte buffer in memory just to denote size.
    Old format is still parsed.
  10. pkg/report: add another test

    dvyukov committed Dec 14, 2017
  11. prog: introduce more readable format for data args

    dvyukov committed Dec 13, 2017
    Fixes #460
    File names, crypto algorithm names, etc in programs are completely unreadable:
    bind$alg(r0, &(0x7f0000408000)={0x26, "6861736800000000000000000000",
    0x0, 0x0, "6d6435000000000000000000000000000000000000000000000000
    00000000000"}, 0x58)
    Introduce another format for printable strings.
    New args are denoted by '' ("" for old args).
    New format is enabled for printable chars, \x00
    and \t, \r, \n.
    `serialize(&(0x7f0000408000)={"6861736800000000000000000000", "4849000000"})`,
    `serialize(&(0x7f0000408000)={'hash\x00', 'HI\x00'})`,
  12. prog: fix TestMutateTable

    dvyukov committed Dec 13, 2017
    Now works fast enough even for short mode.
    Fixes #208
  13. prog: fix an unfortunate case of non-determinism

    dvyukov committed Dec 13, 2017
    We used the math/rand global prng in biasedRand historically.
    Fix that.