Commit Graph

188 Commits

Author SHA1 Message Date
Dmitry Vyukov
c9b24b38c9 Update README.md 2016-01-07 13:16:20 +01:00
Dmitry Vyukov
ad969c98f1 tools: add script that creates a Linux image suitable for syzkaller 2016-01-07 13:12:36 +01:00
Dmitry Vyukov
33950d306a executor: fix some bugs found by clang 2015-12-31 17:52:26 +01:00
Dmitry Vyukov
96e9dbd874 sys: update grammar description 2015-12-31 16:03:01 +01:00
Dmitry Vyukov
aa82db2290 sys: implement sockaddr_storage 2015-12-31 16:03:01 +01:00
Dmitry Vyukov
4eb9d403e8 prog: implement mutation of union args 2015-12-31 16:03:01 +01:00
Dmitry Vyukov
62351e3ea5 fuzzer: allow writing programs to dmesg
Mostly useful for the local VM.
2015-12-31 16:03:01 +01:00
Dmitry Vyukov
84916f2fc6 manager: run leak checking only on one instance (it is slow) 2015-12-31 16:03:01 +01:00
Dmitry Vyukov
2e5e7b6f6b Merge pull request #10 from ykram/master
add missing comma in example.cfg
2015-12-31 09:14:42 +01:00
marky
2ccb4f6f95
fix a syntax error in example.cfg
Missing comma makes it so that syz-manager does not properly parse the example
config.

Signed-off-by: marky <mark@noffle.net>
2015-12-30 21:29:34 -07:00
Dmitry Vyukov
02aa995eb1 vm/local: minor improvements 2015-12-30 19:53:39 +01:00
Dmitry Vyukov
92bcba4b0b sys: implement fixed-size arrays 2015-12-30 19:43:15 +01:00
Dmitry Vyukov
d54762d735 manager: don't filter out programs with disabled syscalls from corpus
In the two contexts I tested, it only reduces total coverage.
If you want a strict set of syscalls, reset the corpus.
2015-12-30 18:53:15 +01:00
Dmitry Vyukov
43815ce761 vm/local: revive local VM 2015-12-30 18:25:14 +01:00
Dmitry Vyukov
ddcd0929e3 prog: give more priority to generic socket syscalls 2015-12-30 18:24:26 +01:00
Dmitry Vyukov
3ccc84556b tools/stress: disable unsupported syscalls 2015-12-30 18:24:08 +01:00
Dmitry Vyukov
777beb5076 sys: add packed/aligned struct attributes 2015-12-30 13:53:09 +01:00
Dmitry Vyukov
28b3d1e1ab sys: add sctp support 2015-12-30 13:04:00 +01:00
Dmitry Vyukov
9c148d824a manager: fix printing of enabled syscalls 2015-12-29 15:18:50 +01:00
Dmitry Vyukov
e6529b30ec sys: add union type 2015-12-29 15:00:57 +01:00
Dmitry Vyukov
d40104b8a3 fileutil: fix race in ProcessTempDir
One goroutine decides that it needs to clean up an instance,
but before it tries to delete the pid file it is preempted.
Then another goroutine cleans up this instance and creates
a new instance in the same dir.
Then the first goroutine removes the now-new pid file and removes
the dir that is in use.

Fix this by using flock on a lock file.
Add a test.
2015-12-29 13:29:00 +01:00
Dmitry Vyukov
b17c5726f6 sys: support for AF_UNIX sockets 2015-12-28 19:11:03 +01:00
Dmitry Vyukov
bd768c8f40 sys: move more subsystems into separate files 2015-12-28 16:11:15 +01:00
Dmitry Vyukov
0451ffa50a qemu/kvm: improve output buffering
There seem to be some missing pieces in the output.
2015-12-28 15:53:51 +01:00
Dmitry Vyukov
eef80b3d76 sys: split syscall description into several files 2015-12-28 15:53:32 +01:00
Dmitry Vyukov
3dc36baa69 config: update suppression for new binary name 2015-12-28 15:42:06 +01:00
Dmitry Vyukov
c7f10835eb manager: give kernel more time to print crash message 2015-12-28 14:35:00 +01:00
Dmitry Vyukov
27d5b3f0ec fuzzer: don't print keep-alive
It is not necessary and prevents hang detection.
Programs provide an output keep-alive for the manager.
2015-12-28 14:11:43 +01:00
Dmitry Vyukov
b4a59f4ee6 ipc: increase timeout in tests
IPC timeout must be larger than executor timeout.
Otherwise IPC kills parent executor but does not
kill child executor.
2015-12-28 13:04:05 +01:00
Dmitry Vyukov
4eda9b07e5 prog: don't serialize paddings
Paddings in serialized programs are unnecessary and confusing.
Instead restore them implicitly.
Also use [,,,,] for arrays.
2015-12-28 12:58:10 +01:00
Dmitry Vyukov
9f9ae3fcc3 tools/syz-upgrade: helper tool for corpus format upgrades 2015-12-28 12:49:19 +01:00
Dmitry Vyukov
7aee64145f host: detect more unsupported syscalls 2015-12-28 10:45:30 +01:00
Dmitry Vyukov
4d3db6d4c8 host: detect unsupported syscalls
Also detect transitively unsupported syscalls,
that is, syscalls for which all syscalls that can create
input arguments are disabled.
2015-12-27 12:20:00 +01:00
Dmitry Vyukov
524a2ae38f sysgen: fix syscall number assignment for syzkalls 2015-12-24 21:27:21 +01:00
Dmitry Vyukov
a9a7744776 executor: get rid of sigtimedwait
Wait with spin loop instead.
See the comment for explanation.
2015-12-24 20:29:48 +01:00
Dmitry Vyukov
293e915415 vm: fix crash message extraction regexp
First, "cut here" is not interesting as it is always followed
by a more descriptive message.
Unreferenced object is interesting.
Also, strip \r at the end.
Add a test.
2015-12-24 19:55:19 +01:00
Dmitry Vyukov
d9b493f203 executor: don't use WUNTRACED in wait
WUNTRACED wait returns when the child has stopped.
That's not what we want to wait for.
If it's stopped we need to time out the wait and kill
the stopped child.
2015-12-24 19:14:15 +01:00
Dmitry Vyukov
af4e0c0b7a sysgen: pull in syscall numbers from kernel headers
Syscall numbers for different architectures are now pulled in
from kernel headers. This solves 2 problems:
 - we don't need to hardcode numbers for new syscalls (that are not present in typical distro headers)
 - we have the correct numbers for different archs (previously hardcoded numbers were for x86_64)
This also makes syscall numbers available for Go code, which can be useful.
2015-12-24 19:13:08 +01:00
Dmitry Vyukov
4961230857 syz-manager: filter out programs with disabled syscalls from corpus
Fixes #9
2015-12-24 12:21:01 +01:00
Dmitry Vyukov
80d60f7305 tools/syz-repro: fix repeat multiplier
The for loop already increases the multiplier on exit,
so an additional increase is not necessary.
2015-12-24 12:06:15 +01:00
Dmitry Vyukov
05b38edce2 vm/qemu: fix output reading bug
If the qemu boot retries several times due to a busy tcp port,
it ends up with several output-reading goroutines.
That completely messes up the output.
2015-12-24 12:06:04 +01:00
Dmitry Vyukov
58509c75a2 prog: remove padding checking
So far it has found only false positives.
Let's leave this to KMSAN.
2015-12-23 19:58:15 +01:00
Dmitry Vyukov
0785179903 prog: fix parse test 2015-12-23 19:47:20 +01:00
Dmitry Vyukov
8922bd4029 update documentation 2015-12-23 19:33:12 +01:00
Dmitry Vyukov
d4180ca5c7 tools/syz-repro: add reproduction tool 2015-12-23 19:19:45 +01:00
Dmitry Vyukov
546347d931 all: reformat 2015-12-23 19:18:58 +01:00
Dmitry Vyukov
1c801e8512 prog: factor out execution log parsing functionality
It will be needed for the reproduction tool.
2015-12-23 19:18:13 +01:00
Dmitry Vyukov
2eb388c0f8 vm: improve VM interface
The current interface is suitable only for running syz-fuzzer.
Make the interface more generic (boot, copy file, run an arbitrary command).
This allows building other tools on top of the vm package
(e.g. reproducer creation).
2015-12-23 19:12:45 +01:00
Dmitry Vyukov
5c0a662198 sys: fix padding insertion
Padding was not inserted into indirect structs.
2015-12-23 19:10:41 +01:00
Dmitry Vyukov
7f3186abbb execprog: detect executor-detected bugs 2015-12-23 19:09:48 +01:00