Hi,
On Mon, May 30, 2022 at 9:08 AM xin zhang <
zhangx...@gmail.com> wrote:
>
> Hi,
> 1. I want to know syzkaller's operation mechanism and stop strategy. After how long can I stop it?
> With what kind of result can it be judged that it can be stopped?
I don't think there can be any strict guidelines re. this.
After syzkaller is started, it will first go through some predefined
tests (for Linux they are e.g. here
https://github.com/google/syzkaller/tree/master/sys/linux/test) and
then it will triage the corpus. The latter can take quite a while,
especially if it was able to accumulate a big corpus during previous
executions. So it certainly doesn't make much sense to stop it until
it's done with that triage, because real fuzzing and discovery of new
coverage only begins afterwards. Whether a syzkaller instance is still
triaging the corpus or already doing normal fuzzing you can determine
by looking at the "triage queue" value on the syz-manager's web page.
Once it reaches 0, triage is done.
On syzbot we restart our instances ~ every 12 hours (corpus triaging
takes ~2 hours for us). But it's not a carefully chosen number. The
process is anyway highly probabilistic, so there's in any case no
guarantee that "run for X hours and be certain that all bugs are
discovered".
>
> 2. My kernel is constantly updated. Should I stop the syzkaller being tested and start syzkaller with a new kernel, or directly start a new syzkaller with a new kernel? Is there a good solution?
>
It looks reasonable to fuzz the latest version -- it may contain new
bugs and bug fixes for old bugs.
We use syz-ci for this purpose
(https://github.com/google/syzkaller/tree/master/syz-ci), but it's
unfortunately not well documented.
>
> tks!
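A small poller for the "triage queue" check described in the reply above, added here as an example and not part of the original thread or of syzkaller itself. It assumes the syz-manager web page renders each stat as a table row with a name cell followed by a value cell (the sample HTML is constructed to that assumed layout, so the regex may need adjusting against a real page), and the default URL is the 127.0.0.1:56741 address used in syzkaller's example configs.

```python
import re
import sys
import time
import urllib.request

# Constructed sample in the assumed layout of syz-manager's stats table.
# The real markup may differ; only the name-cell/value-cell pairing is relied on.
SAMPLE_HTML = """
<table class="list_table">
<tr><td class="stat_name">corpus</td><td class="stat_value">12345</td></tr>
<tr><td class="stat_name">triage queue</td><td class="stat_value">870</td></tr>
<tr><td class="stat_name">cover</td><td class="stat_value">456789</td></tr>
<tr><td class="stat_name">uptime</td><td class="stat_value">2h13m</td></tr>
</table>
"""

# Two adjacent <td> cells: stat name, then stat value (attributes ignored).
ROW_RE = re.compile(
    r"<td[^>]*>\s*([^<]+?)\s*</td>\s*<td[^>]*>\s*([^<]+?)\s*</td>", re.S)

def parse_stats(html):
    """Return {stat name: value string} for every name/value row on the page."""
    return {name.strip(): value.strip() for name, value in ROW_RE.findall(html)}

def triage_queue(stats):
    """Size of the triage queue as an int, or None if the stat is not present."""
    raw = stats.get("triage queue")
    if raw is None:
        return None
    return int(raw.replace(",", ""))

def triage_done(stats):
    """True once the triage queue has drained to 0, i.e. real fuzzing has begun."""
    q = triage_queue(stats)
    return q is not None and q == 0

def wait_for_triage(manager_url, poll_seconds=60, timeout=6 * 3600):
    """Poll the syz-manager page until triage finishes; False on timeout."""
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        with urllib.request.urlopen(manager_url, timeout=30) as resp:
            stats = parse_stats(resp.read().decode("utf-8", "replace"))
        print(f"triage queue: {triage_queue(stats)}  corpus: {stats.get('corpus')}")
        if triage_done(stats):
            return True
        time.sleep(poll_seconds)
    return False

if __name__ == "__main__":
    # Assumed default: the "http" address from syzkaller's example manager config.
    url = sys.argv[1] if len(sys.argv) > 1 else "http://127.0.0.1:56741/"
    sys.exit(0 if wait_for_triage(url) else 1)
```

Run it against your own syz-manager address; an exit status of 0 means the triage queue reached 0 and the instance is past corpus triage, which is the earliest point at which stopping it makes sense according to the reply.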