As asked by Peter Zijlstra: "the lack of whitespace between "repro:"
and the URL makes it hard to copy paste".
We keep lines below 78 columns because otherwise some email clients will reflow them.
And also we want it all properly aligned as asked by Ted Ts'o.
So shorten "syzkaller repro" to "syz repro".
To make it possible to provide URLs that jump to a specific BugNamespace,
this adds clickable anchors for each of the BugNamespaces without changing
the current appearance of the h2 tag.
If we build fuchsia with asan, syz-executor binary fails to run with:
$ /tmp/syz-executor
[00041.656] 01128.01275> dlsvc: could not open 'libc++.so.2'
[00041.656] 06074.06088> Error loading shared library libc++.so.2: ZX_ERR_NOT_FOUND (needed by
[00041.656] 06074.06088> /tmp/syz-executor
[00041.656] 06074.06088> )
[00041.656] 01128.01275> dlsvc: could not open 'libc++abi.so.1'
[00041.656] 06074.06088> Error loading shared library libc++abi.so.1: ZX_ERR_NOT_FOUND (needed by
[00041.656] 06074.06088> /tmp/syz-executor
[00041.656] 06074.06088> )
[00041.663] 01128.01275> dlsvc: could not open 'libunwind.so.1'
[00041.663] 06074.06088> Error loading shared library libunwind.so.1: ZX_ERR_NOT_FOUND (needed by
[00041.663] 06074.06088> /tmp/syz-executor
[00041.663] 06074.06088> )
Disable asan until we figure out how to fix this.
Topaz contains end user applications that are not interesting for us
and only increase build time. The applications also consume lots of memory,
so switching to garnet should leave more memory for the fuzzer
(maybe eliminate some OOMs).
syscall accepts args as ellipsis, resources are uint64
and take 2 slots without the cast, which is wrong.
Cast resources to long when passing to syscall.
We forgot to mount binfmt_misc. Mount it. Add a test.
Increase per-call timeout, otherwise last execve times out.
Fix csource waiting for call completion at the end of program.
It should be in <linux/fs.h> but is not there on some distros/arches as expected.
Travis build fails with:
<stdin>: In function ‘remove_dir’:
<stdin>:152:13: error: variable ‘attr’ has initializer but incomplete type
<stdin>:152:13: error: excess elements in struct initializer [-Werror]
<stdin>:152:13: error: (near initialization for ‘attr’) [-Werror]
<stdin>:152:21: error: storage size of ‘attr’ isn’t known
<stdin>:153:20: error: ‘FS_IOC_FSSETXATTR’ undeclared (first use in this function)
<stdin>:153:20: note: each undeclared identifier is reported only once for each function it appears in
<stdin>:152:21: error: unused variable ‘attr’ [-Werror=unused-variable]
cc1: all warnings being treated as errors
https://travis-ci.org/google/syzkaller/jobs/413574080
Support checking "blocked"/"unfinished" flags for calls.
Support test constraints, e.g. "requires: threaded" or "requires: -sandbox=setuid".
Some improvements in tools/syz-runtest.
Update #603
With checkpoint_net_namespace moved to setup_common,
an Android fuzzing session terminates prematurely due to
ipv4_tables not being initialized at this time.
Moving the call back to loop fixes this behavior.