239 Commits

Author SHA1 Message Date
Dmitry Vyukov
be566e352b prog: go fmt 2016-10-16 08:15:24 +02:00
Andrey Konovalov
e4edb0e20b Add tests for big-endian ints 2016-10-13 15:38:58 +02:00
Andrey Konovalov
7686d19aff Add big-endian ints 2016-10-13 15:38:53 +02:00
Andrey Konovalov
55cd443931 Fix validate, detect nil non-optional pointer 2016-10-11 20:54:28 +02:00
Andrey Konovalov
d7ba1b8f86 Add assign len fields tests 2016-10-11 20:09:25 +02:00
Andrey Konovalov
78f79fee93 Refactor & improve len type handling 2016-10-11 20:09:19 +02:00
Dmitry Vyukov
afb08bdd3c prog: fix serialized program in a test
Also test at least deserialization of these programs in short mode.
2016-10-07 13:43:43 +02:00
Andrey Konovalov
f2d77726c8 Add exec serialize tests for array[int8] 2016-10-04 18:50:02 +02:00
Andrey Konovalov
c99cbdbe58 Emit BufferBlob for array[int8] 2016-10-04 18:49:57 +02:00
Dmitry Vyukov
3ca39dfc4d sys: add padding to structs again
Struct padding was accidentally lost after:
852e3d2eae
Restore it. Now with tests.

Fixes #78
2016-09-29 13:30:08 +02:00
Dmitry Vyukov
bf21057e7c prog: add a test for union layout
This is a retrospective test for the union bug fixed in:
91eb1b922f
2016-09-29 12:21:26 +02:00
Dmitry Vyukov
11a690d275 sys, prog: add tests for description parsing and serialization
Add sys/test.txt file with description of syscalls for tests.
These descriptions can be used to ensure that we can parse everything we claim we can parse.
Use these descriptions to write several tests for exec serialization
(one test shows that alignment handling is currently incorrect).
These test descriptions can also be used to write e.g. mutation tests.

Update #78
2016-09-28 20:06:42 +02:00
Dmitry Vyukov
8904ff96b5 prog: add a simple test for exec encoding 2016-09-24 11:46:43 +02:00
Dmitry Vyukov
8f1cbd29ba Merge pull request #71 from xairy/blob_mutation
Better blob mutation
2016-09-19 19:43:53 +02:00
Dmitry Vyukov
d18f8aa366 Merge pull request #73 from xairy/ranged_arrays
Allow range sized arrays
2016-09-19 19:42:00 +02:00
Andrey Konovalov
36d9371a19 prog: return struct size when generating args 2016-09-19 16:33:32 +02:00
Andrey Konovalov
91eb1b922f prog: skip union when calculating field offset 2016-09-19 16:27:40 +02:00
Andrey Konovalov
f41935d53f Allow range sized arrays 2016-09-19 16:16:24 +02:00
Andrey Konovalov
705a657fbe Better blob mutation 2016-09-19 15:55:28 +02:00
Dmitry Vyukov
77f435b4f7 prog: more checks during program validation 2016-09-05 12:49:47 +02:00
Dmitry Vyukov
852e3d2eae sys: support recursive structs
A struct can have a pointer to itself directly or indirectly.
Currently it leads to infinite recursion when generating descriptions.
Fix this.
2016-09-05 12:49:47 +02:00
Dmitry Vyukov
27b03f4ba3 prog: generate shifted integers with some probability
Useful for bitfield-like integers.
2016-09-01 17:17:37 +02:00
Dmitry Vyukov
7690667267 sys: specify resources in text descriptions
Currently to add a new resource one needs to modify multiple source files,
which complicates description of new system calls.
Move resource descriptions from source code to text descriptions.
2016-08-27 18:27:50 +02:00
Dmitry Vyukov
0d0fbbe73f overhaul syscall description generation process
This splits generation process into two phases:
1. Extract values of constants from linux kernel sources.
2. Generate Go code.

Constant values are checked in.
The advantage is that the second phase is now completely independent
from linux source files, kernel version, presence of headers for
particular drivers, etc. This allows to change what Go code we generate
any time without access to all kernel headers (which in future won't be
limited to only upstream headers).

Constant extraction process does require proper kernel sources,
but this can be done only once by the person who added the driver
and has access to the required sources. Then the constant values
are checked in for others to use.
Constant extraction process is per-file/per-arch. That is,
if I am adding a driver that is not present upstream and that
works only on a single arch, I will check in constants only for
that driver and for that arch.
2016-08-26 07:09:25 +02:00
Dmitry Vyukov
e7021ac638 prog: don't try to execute ioctl(FIFREEZE) and mknod
ioctl(FIFREEZE) renders machine dead.
FIFREEZE is an interesting thing, and we could test it
in namespace (?) or on manually mounted file systems (?).
But that will require more complex handling.
Disable it until we have that logic.

mknod of char/block devices can do all kinds of nasty stuff
(read/write to IO ports, kernel memory, etc).
Disable it for now.
2016-08-21 18:07:55 -07:00
Dmitry Vyukov
08e664c044 prog: generate SIGSEGVs with lower probability
Addresses that trigger SIGSEGV do not seem to uncover any bugs.
But they crash executor preventing programs from being executed.
Lower probability of generating addresses that lead to SIGSEGVs.
2016-08-13 15:28:07 -07:00
Dmitry Vyukov
7460de4a28 prog: generate ints outside of the specified range once in a while 2016-08-13 09:04:19 -07:00
Dmitry Vyukov
3b9fe41fe3 reformat sources 2016-08-13 09:02:44 -07:00
Dmitry Vyukov
ae9d77a96b sys: regenerate syscall descriptions with latest linux sources 2016-08-13 09:01:42 -07:00
Baozeng Ding
7db2edcb33 sys/sysgen/prog: support ranged int
This commit supports inclusive ranged int, like foo int32[-10~10], which will
generate random integer between -10 and 10. In future we will support more than
one range, like int32[0, -5~10, 50, 100~200]
2016-08-10 13:43:15 +08:00
Dmitry Vyukov
da7529ea51 sys: update generated files 2016-06-13 12:50:32 +02:00
Dmitry Vyukov
71d0faff8c prog: add more filesystem names 2016-02-05 22:12:15 +01:00
Dmitry Vyukov
5dfefdb158 sys: fix write$tun description
Also remove \r in files.
2016-01-26 17:48:13 +01:00
Dmitry Vyukov
66b440bd17 sys: regenerate after tun/random support 2016-01-26 16:53:23 +01:00
Dmitry Vyukov
f5311fac95 sys: add basic netlink support for real 2016-01-23 21:27:57 +01:00
Dmitry Vyukov
8bdf62d1b7 sys: implement array byte size arguments 2016-01-23 00:37:08 +01:00
Dmitry Vyukov
81438c4ddd sys: use kernel headers instead of host headers
This solves several problems:
 - host usually has outdated headers, so previously we needed to define missing consts
 - host may not have some headers at all
 - generation depends on linux distribution and version
 - some of the consts cannot be defined at all (e.g. ioctls that use struct arguments)
2016-01-22 21:18:33 +01:00
Dmitry Vyukov
1d77072874 prog: don't cache static priorities
This is not computed very frequently, but wastes memory.
2016-01-19 12:26:27 +01:00
Dmitry Vyukov
9c277c7974 sys: describe more dri syscalls 2016-01-16 00:23:47 +01:00
Dmitry Vyukov
81dc7f8dc8 sys: support /dev/input/event ioctls 2016-01-15 20:16:02 +01:00
Dmitry Vyukov
f675d35c97 prog: add some magic integers 2016-01-13 17:23:41 +01:00
Dmitry Vyukov
91630fe39d sys: add support for /dev/snd/control 2016-01-13 16:54:29 +01:00
Dmitry Vyukov
bca57831a5 sys: add support for /dev/snd/timer 2016-01-12 20:14:56 +01:00
Dmitry Vyukov
15128d47bd sys: support /dev/snd/seq 2016-01-11 22:26:09 +01:00
Dmitry Vyukov
bb47c6540d sys: add kvm support 2016-01-08 22:41:36 +01:00
Dmitry Vyukov
4eb9d403e8 prog: implement mutation of union args 2015-12-31 16:03:01 +01:00
Dmitry Vyukov
92bcba4b0b sys: implement fixed-size arrays 2015-12-30 19:43:15 +01:00
Dmitry Vyukov
ddcd0929e3 prog: give more priority to generic socket syscalls 2015-12-30 18:24:26 +01:00
Dmitry Vyukov
28b3d1e1ab sys: add sctp support 2015-12-30 13:04:00 +01:00
Dmitry Vyukov
e6529b30ec sys: add union type 2015-12-29 15:00:57 +01:00
Dmitry Vyukov
b17c5726f6 sys: support for AF_UNIX sockets 2015-12-28 19:11:03 +01:00
Dmitry Vyukov
4eda9b07e5 prog: don't serialize paddings
Paddings in serialized programs are unnecessary and confusing.
Instead restore them implicitly.
Also use [,,,,] for arrays.
2015-12-28 12:58:10 +01:00
Dmitry Vyukov
4d3db6d4c8 host: detect unsupported syscalls
Also detect transitively unsupported syscalls,
that is, syscalls for which all syscalls that can create
input arguments are disabled.
2015-12-27 12:20:00 +01:00
Dmitry Vyukov
af4e0c0b7a sysgen: pull in syscall numbers from kernel headers
Syscall numbers for different architectures are now pulled in
from kernel headers. This solves 2 problems:
 - we don't need to hardcode numbers for new syscalls (that are not present in typical distro headers)
 - we have correct numbers for different archs (previously hardcoded numbers were for x86_64)
This also makes syscall numbers available for Go code, which can be useful.
2015-12-24 19:13:08 +01:00
Dmitry Vyukov
58509c75a2 prog: remove padding checking
So far it has found only false positives.
Let's leave this to KMSAN.
2015-12-23 19:58:15 +01:00
Dmitry Vyukov
0785179903 prog: fix parse test 2015-12-23 19:47:20 +01:00
Dmitry Vyukov
1c801e8512 prog: factor out execution log parsing functionality
It will be needed for the reproduction tool.
2015-12-23 19:18:13 +01:00
Dmitry Vyukov
47e55508d0 sys: sort new syscalls 2015-12-23 19:09:24 +01:00
Dmitry Vyukov
b4e2d91732 sys: expose new syscall numbers programmatically
This will be required for reproduction tool.
2015-12-23 19:05:15 +01:00
Dmitry Vyukov
28571fdc32 prog: glue mmap's together during minimization 2015-12-23 13:47:45 +01:00
Dmitry Vyukov
e253cbc79f csource: new package
Move C source generation into a separate package.
Prog is too bloated already.
2015-12-23 13:38:31 +01:00
Dmitry Vyukov
071ad4e91f sys: fix AT_FDCWD handling
AT_FDCWD is not a flag, it is an fd.
2015-12-23 13:36:13 +01:00
Dmitry Vyukov
72742865dd sys: add bluetooth support 2015-12-17 14:38:46 +01:00
Dmitry Vyukov
6f71e5dce1 sys: add PF_NFC support 2015-12-17 14:38:46 +01:00
Dmitry Vyukov
9980a72713 sys: automatically add padding to structs 2015-12-17 14:38:46 +01:00
Dmitry Vyukov
c4b809f85f sys: add support for PF_ALG 2015-12-17 14:38:46 +01:00
Dmitry Vyukov
b7800fb0a2 sys: describe some additional syscalls 2015-12-03 20:03:50 +01:00
Dmitry Vyukov
a63ac433ab sys: add userfaultfd syscall 2015-11-30 16:31:45 +01:00
Dmitry Vyukov
81de33fab1 add perf ioctl's 2015-11-29 13:19:10 +01:00
Dmitry Vyukov
b94cd3038a add support for perf events 2015-11-29 12:19:58 +01:00
Dmitry Vyukov
9d1895c1bd add support for bpf syscall 2015-11-29 11:05:08 +01:00
Dmitry Vyukov
11b28f5166 prog: allow comments in programs
Useful for manual program minimization.
2015-11-20 15:40:59 +01:00
Dmitry Vyukov
4784f4f6f5 add fuse support 2015-11-19 17:16:36 +01:00
Dmitry Vyukov
495113290e basic support for dri/drm drivers 2015-11-18 21:22:17 +01:00
Dmitry Vyukov
6892001bbc add tty-related ioctl's 2015-11-16 19:14:05 +01:00
Dmitry Vyukov
1334407ba4 reduce number of indirections in syscall description by using consts 2015-11-06 21:51:19 +01:00
Dmitry Vyukov
e9cf3f5aa1 minor tweaks to program generation heuristics 2015-10-20 15:46:04 +02:00
Dmitry Vyukov
b0a24e2466 don't generate pthread(PTRACE_TRACEME) due to a known issue 2015-10-20 15:46:04 +02:00
Dmitry Vyukov
cd51d417c6 allow to not specify enabled syscalls in prog.BuildChoiceTable 2015-10-16 22:10:51 +02:00
Dmitry Vyukov
f8f416fb8f preliminary description of kdbus syscalls 2015-10-16 18:16:10 +02:00
Dmitry Vyukov
7f031e85ef add common ioctl commands 2015-10-15 20:07:28 +02:00
Dmitry Vyukov
8d0aa4f7c0 improvements for kdbus 2015-10-15 17:59:01 +02:00
Dmitry Vyukov
c9b915608d initial support for call priorities 2015-10-14 16:55:09 +02:00
Dmitry Vyukov
9f8e5038cf teach prog about in6_addr 2015-10-13 21:24:22 +02:00
Dmitry Vyukov
2c6f92b113 describe setsockopt... more or less 2015-10-13 20:13:40 +02:00
Dmitry Vyukov
8b78c985ab support iocb pointers as resources 2015-10-13 20:13:40 +02:00
Dmitry Vyukov
685592a508 remove debugging leftover 2015-10-13 20:13:40 +02:00
Dmitry Vyukov
f6b48b1774 describe arguments of prctl syscall 2015-10-13 20:13:40 +02:00
Dmitry Vyukov
874c5754bb initial commit 2015-10-12 10:16:57 +02:00