units

package

v0.0.0-...-581658c Latest Latest Go to latest Published: Oct 27, 2025 License: Apache-2.0 Imports: 25 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/google/buzzer

Links

Open Source Insights

Documentation ¶

Overview ¶

Package units implements the business logic to make the fuzzer work

Index ¶

Variables
type Control
type CoverageInfo
type CoverageManager
- func NewCoverageManager(processingFunction func(string) (string, error)) *CoverageManager
type FFI
type Metrics
- func NewMetricsUnit(threshold int, vmLinuxPath, sourceFilesPath, metricsServerAddr string, ...) *Metrics
- func (mu *Metrics) RecordVerificationResults(vr *fpb.ValidationResult)
type MetricsCollection
type MetricsServer
type Strategy

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	NilStrategyError = errors.New("Strategy cannot be nil")
)

Functions ¶

This section is empty.

Types ¶

type Control ¶

type Control struct {
	// contains filtered or unexported fields
}

Control directs the execution of the fuzzer.

func (*Control) Init ¶

func (cu *Control) Init(ffi *FFI, coverageManager *CoverageManager, strat Strategy) error

Init prepares the control unit to be used.

func (*Control) IsReady ¶

func (cu *Control) IsReady() bool

IsReady indicates to the caller if the Control is initialized successully.

func (*Control) RunFuzzer ¶

func (cu *Control) RunFuzzer() error

RunFuzzer kickstars the fuzzer in the mode that was specified at Init time.

type CoverageInfo ¶

type CoverageInfo struct {
	// contains filtered or unexported fields
}

type CoverageManager ¶

type CoverageManager struct {
	// contains filtered or unexported fields
}

CoverageManager deals with everything coverage related.

func NewCoverageManager ¶

func NewCoverageManager(processingFunction func(string) (string, error)) *CoverageManager

func (*CoverageManager) GetCoverageHistory ¶

func (cm *CoverageManager) GetCoverageHistory() map[time.Time]int

GetCoverageHistory returns the record of how many lines of coverage have we got with buzzer.

func (*CoverageManager) GetCoverageInfoMap ¶

func (cm *CoverageManager) GetCoverageInfoMap() *map[string][]int

GetCoverageInfoMap returns the coverage info cache.

func (*CoverageManager) ProcessCoverageAddresses ¶

func (cm *CoverageManager) ProcessCoverageAddresses(cov []uint64) (map[uint64]string, error)

ProcessCoverageAddresses converts raw coverage hex addresses into line numbers and files, it also caches the results.

type FFI ¶

type FFI struct {
	MetricsUnit *Metrics
}

FFI is the unit that will talk to ebpf and run/validate programs.

func (*FFI) CleanFdArray ¶

func (e *FFI) CleanFdArray(fd_array uint64, size int)

SetMapElement sets the elemnt specified by `key` to `value` in the map described by `fd`

func (*FFI) CleanupKcov ¶

func (e *FFI) CleanupKcov()

CleanupKcov destroys all the resources created for kcov.

func (*FFI) CloseFD ¶

func (e *FFI) CloseFD(fd int)

CloseFD closes the provided file descriptor.

func (*FFI) CreateMapArray ¶

func (e *FFI) CreateMapArray(size uint64) int

CreateMapArray creates an ebpf map of type array and returns its fd. -1 means error.

func (*FFI) GetMapElements ¶

func (e *FFI) GetMapElements(fd int, mapSize uint64) (*fpb.MapElements, error)

GetMapElements fetches the map elements of the given fd.

func (*FFI) GetMapElementsFdArray ¶

func (e *FFI) GetMapElementsFdArray(fd_array uint64, idx uint32, mapSize uint32) (*fpb.MapElements, error)

GetMapElements fetches the map elements of the given fd_array position.

func (*FFI) InitKcov ¶

func (e *FFI) InitKcov()

InitKcov sets up all the required kcov structures.

func (*FFI) RunCbpfProgram ¶

func (e *FFI) RunCbpfProgram(executionRequest *fpb.CbpfExecutionRequest) (*fpb.ExecutionResult, error)

RunProgram Runs the cbpf program and returns the execution results.

func (*FFI) RunEbpfProgram ¶

func (e *FFI) RunEbpfProgram(executionRequest *fpb.ExecutionRequest) (*fpb.ExecutionResult, error)

RunProgram Runs the ebpf program and returns the execution results.

func (*FFI) SetMapElement ¶

func (e *FFI) SetMapElement(fd int, key uint32, value uint64) int

SetMapElement sets the elemnt specified by `key` to `value` in the map described by `fd`

func (*FFI) ValidateCbpfProgram ¶

func (e *FFI) ValidateCbpfProgram(prog []cbpf.Filter) (*fpb.ValidationResult, error)

---------- cBPF -------------- ValidateProgram passes the program through the bpf verifier without executing it. Returns feedback to the generator so it can adjust the generation settings.

func (*FFI) ValidateEbpfProgram ¶

func (e *FFI) ValidateEbpfProgram(encodedProgram *fpb.EncodedProgram) (*fpb.ValidationResult, error)

----------- eBPF -------------- ValidateProgram passes the program through the bpf verifier without executing it. Returns feedback to the generator so it can adjust the generation settings.

type Metrics ¶

type Metrics struct {
	// SamplingThreshold represents the number of samples that will be
	// skipped before detailed info is collected.
	//
	// e.g. if SamplingThreshol = 100; then every 100th sample passed through
	// the Metrics will collect detailed info (coverage, and verifier logs).
	SamplingThreshold int
	// contains filtered or unexported fields
}

Metrics is the central place where the fuzzer can report any metrics or statistics. It is also responsible for refining coverage in an async way. (Coverage refine is an expensive operation, so we do it async).

func NewMetricsUnit ¶

func NewMetricsUnit(threshold int, vmLinuxPath, sourceFilesPath, metricsServerAddr string, metricsServerPort uint16, cm *CoverageManager) *Metrics

NewMetricsUnit Creates a new Central Metrics Unit.

func (*Metrics) RecordVerificationResults ¶

func (mu *Metrics) RecordVerificationResults(vr *fpb.ValidationResult)

RecordVerificationResults collects metrics from the provided verification result proto.

type MetricsCollection ¶

type MetricsCollection struct {
	// contains filtered or unexported fields
}

MetricsCollection Holds the actual metrics that have been collected so far and provides a way to access them in a thread safe manner.

type MetricsServer ¶

type MetricsServer struct {
	// contains filtered or unexported fields
}

MetricsServer exposes an http server where information about coverage/metrics can be visualized.

type Strategy ¶

type Strategy interface {
	// GenerateProgram should return the instructions to feed the verifier.
	GenerateProgram(ffi *FFI) (*pb.Program, error)

	// OnVerifyDone process the results from the verifier. Here the strategy
	// can also tell the fuzzer to continue with execution by returning true
	// or start over and generate a new program.
	OnVerifyDone(ffi *FFI, verificationResult *fpb.ValidationResult) bool

	// OnExecuteDone should validate if the program behaved like the
	// verifier expected, if that was not the case it should return false.
	OnExecuteDone(ffi *FFI, executionResult *fpb.ExecutionResult) bool

	// OnError is used to determine if the fuzzer should continue on errors.
	// true represents continue, false represents halt.
	OnError(e error) bool

	// IsFuzzingDone if true, buzzer will break out of the main fuzzing loop
	// and return normally.
	IsFuzzingDone() bool

	// Name returns the name of the current strategy to be able
	// to select it with the command line flag.
	Name() string
}

StrategyInterface contains all the methods that a fuzzing strategy should implement.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL