syzkaller
syzkaller copied to clipboard
google
pkg/repro: limit repro time
Some bugs take way too long to reproduce (days), as the result they are never reproduced because the process is aborted mid-way for update. The worst case is if we already identified a reproducer, but the process is aborted during reproducer minimization. I think we need to limit overall repro time, esp for minimization and produce at least some repro in a reasonable timeframe (even if not completely minimized).
No, I don't have any concrete examples. I just remember that several times I saw that my local instances is reproducing something for 1+ days and eventually I had to abort it without even known what was the progress. The idea is that it's never the right thing to reproduce something for days. E.g. on syzbot such repro will almost always be aborted for updates.
I think repro count should also be there along with repro time in the config file and there should be an option to stop syzkaller from trying to repro a bug from the UI. e.g. often times I see syzkaller trying to repro "lost connection/no repro" type of bugs with no end in sight.
syzkaller cannot fuzz a VM and use it for bug reproduction at the same time, so it reserves min(3, VMs count) VMs for each reproduction attempt.
You can somewhat affect this by the fuzzing_vms config: https://github.com/google/syzkaller/blob/master/pkg/mgrconfig/config.go#L154
syzkaller cannot fuzz a VM and use it for bug reproduction at the same time, so it reserves min(3, VMs count) VMs for each reproduction attempt.
You can somewhat affect this by the
fuzzing_vmsconfig: https://github.com/google/syzkaller/blob/master/pkg/mgrconfig/config.go#L154
Thanks, it helps. During the testing process, I discovered some bugs of the type 'loss connection to test machine' that would take up a lot of time and ultimately cannot be reproduced. Can I specify certain types to reproduce or not reproduce through a configuration file?