When manager is stopped there are sometimes runaway qemu
processes still running. Set PDEATHSIG for all subprocesses.
We never need child processes outliving parents.
We currently have several names for crash attributes, which is disturbing.
E.g. crash title is called "Title" or "Desc". Name them consistently.
Title - single line bug identity.
Report - whole crash text.
Log - whole fuzzer/kernel output.
For some racy bugs syzkaller can generate a C reproducer with tun
enabled, when it's not actuallly required to trigger the bug.
Some kernel developers (that don't have CONFIG_TUN=y on their setups)
complain about such C repros.
When tun is not available, instead of exiting, print a message that tun
initialization failed and proceed.
syz-execprog doesn't utilize info about fault injections from a prog log.
Since syz-execprog is used by the repro package to reproduce crashes,
crashes caused by fault injections might not reproduce.
1. Fetch last 200K commits instead of commits for past year.
For merged commits both author date and commit date can be
arbitrary long in past (e.g. we got a commit dated by 2014).
2. Strip some commit prefixes from commits.
We have some trees where backports are prefixed with "BACKPORT:".
Previously we could no match such commits.
There is no need to specify '-' as the filename for sed(1):
- The default behavior is to read stdin
- It was not done in all places
- It breaks on NetBSD sed(1) (although I am tempted to fix it now :-)
and it does not work
1. Allows sending emails upstream.
2. Filter out duplicate emails coming from our mailing lists.
3. Increase retry attempts for email commands
(don't want them to fail due to concurrent crash reports from managers).
Including access size potentially leads to failure to deduplicate
reports when size comes from user or for racy bugs (bug is detected
on different accesses depending on timings).
We already drop size from UAF and OOB, drop it for other bug types.
We currently use more complex and functional protocol on linux,
and a simple ad-hoc protocol on other OSes.
This leads to code duplication in both ipc and executor.
Linux supports coverage, shared memory communication and fork server,
which would also be useful for most other OSes.
Unify communication protocol and parametrize it by
(1) use of shmem or only pipes, (2) use of fork server.
This reduces duplication in ipc and executor and will
allow to support the useful features for other OSes easily.
Finally, this fixes akaros support as it currently uses
syz-stress running on host (linux) and executor running on akaros.
We print all other output to stderr, write debug output to stderr as well.
This does not matter for the main use case of running syz-execprog -debug,
but can is helpful if we want to communicate with syz-executor via stdin/stdout.
Currently we always send 2MB of data to executor in ipc_simple.go.
Send only what's consumed by the program, and don't send the trailing zeros.
Serialized programs usually take only few KBs.
We currently return raw error, so sometimes it's hard to tell
even what call produced the error (e.g. just "invalid argument").
Extend the error so that it's clear that it comes from cmd.Start.
The call index check episodically fails:
2017/10/02 22:07:32 bad call index 1, calls 1, program:
under unknown circumstances. I've looked at the code again
and don't see where/how we can mess CallIndex.
Added a new test for minimization that especially checks resulting
CallIndex.
It would be good to understand what happens, but we don't have
any reproducers. CallIndex is actually unused at this point.
Manager only needs call name. So remove CallIndex entirely.
