612 Commits

Author SHA1 Message Date
Dmitry Vyukov
fa3280e0b4 gce: temporarily add external IPs to instances
There seems to be some issue with DHCP if the instance does not have an external IP.
Test whether it will work with an external IP.
2016-12-16 16:46:07 +01:00
Dmitry Vyukov
a59452c4b2 vm/gce: handle graceful preemption
In case of graceful preemption, the fuzzer should be terminated by SIGTERM.
Catch it and propagate it to the manager.
2016-12-16 16:11:18 +01:00
Dmitry Vyukov
f83633edbe tools/syz-symbolize: add report symbolizer utility 2016-12-16 15:53:30 +01:00
Dmitry Vyukov
c0edd52ce1 report: whitelist WARNING printed by sshd 2016-12-16 15:48:14 +01:00
Dmitry Vyukov
81efdbb29c sys: describe new pkey_* syscalls 2016-12-16 15:42:11 +01:00
Dmitry Vyukov
739d40c1b8 report: support new stack trace format without PC values 2016-12-16 15:40:53 +01:00
Dmitry Vyukov
5d23ba9171 executor: don't fail on ENOMEM 2016-12-16 15:36:29 +01:00
Dmitry Vyukov
d1b6b5b9b1 syz-extract: don't fail if no flags to extract 2016-12-13 21:07:59 +01:00
Dmitry Vyukov
fb3b63b70e Merge pull request #103 from tjjh89017/patch-repro
Fix 'make repro' failure
2016-12-12 14:44:00 +01:00
Date Huang
d536a20ed5 Fix 'make report' failure 2016-12-12 19:19:09 +08:00
Dmitry Vyukov
df27b4deaf Merge pull request #102 from ste/url-fix
Fix broken links for KASAN and KUBSAN
2016-12-09 21:38:21 +01:00
Stephen Hildrey
611fbd7885 Fix broken links for KASAN and KUBSAN 2016-12-09 20:32:10 +00:00
Dmitry Vyukov
9c94dffdc5 executor: handle exit failures
See the added comment for explanation.
2016-12-08 17:38:31 +01:00
Dmitry Vyukov
ebfa6e169e ipc: produce more detailed error messages
Always prepend executor PID to error messages,
so it is clear what program triggered a bug.
Extend coverage parsing error messages.
2016-12-08 17:28:48 +01:00
Dmitry Vyukov
73b7be0e9c manager: print how long VMs were running before restarting
For the potential case where a VM unexpectedly exits too early.
2016-12-08 17:28:42 +01:00
Dmitry Vyukov
6f9e42e9ba report: support "spinlock recursion" oops 2016-12-07 16:43:48 +01:00
Dmitry Vyukov
72a439b447 executor: add struct to cap structs
Otherwise it does not compile as C.
Also regenerate csource/common.go (it is missing the MAX_PIDS change).
2016-12-07 16:00:20 +01:00
Dmitry Vyukov
60fd47e308 tools/create-image.sh: install sudo into the image 2016-12-07 15:58:51 +01:00
Dmitry Vyukov
2b1456887b tools/create-image.sh: use net.core.bpf_jit_enable = 1
bpf_jit_enable = 2 causes printing of all programs to console.
It produces lots of output and is not very useful. Disable it.
2016-12-07 10:17:46 +01:00
Dmitry Vyukov
99b473cb4b executor: use different address for our network card
IP addresses like 192.168.0.1/192.168.1.1 are often used for routing between VM and the host.
Offset our IP addresses to start from 192.168.218.0 to reduce potential conflicts.
2016-12-06 20:09:17 +01:00
Dmitry Vyukov
ad8354e9bd manager: fix potential nil deref crash
res.res.CRepro crashes if res.res == nil.
Fix that.
2016-12-06 20:08:04 +01:00
Dmitry Vyukov
d105629ea2 vm/qemu: use panic=86400 instead of panic=-1
panic=-1 causes instant reboot, which is bad for crash logs.
panic=86400 makes it hang. Use panic=86400 as create-gce-image.sh does.
2016-12-06 20:06:45 +01:00
Dmitry Vyukov
66700b2c86 executor: change the way we wait for children
waitpid(pid) does not work if child invokes ptrace(PTRACE_TRACEME):
https://groups.google.com/forum/#!topic/syzkaller/SjWzOnNRRIU
Use waitpid(-1) instead.
2016-12-05 21:07:26 +01:00
Dmitry Vyukov
ce1cd11efc Merge pull request #101 from xairy/tun-fix
executor: don't try to open tun if it's not enabled
2016-12-02 19:50:27 +01:00
Andrey Konovalov
346fb4e5e9 executor: don't try to open tun if it's not enabled 2016-12-02 19:21:33 +01:00
Dmitry Vyukov
3e53602346 vm/gce: use preemptible instances
Preemptible instances are cheaper, try to use them.
Also try to enable vmx support.
2016-12-02 16:58:09 +01:00
Andrey Konovalov
e4bf587846 Merge pull request #100 from xairy/remove-dir-fix
csource: emit remove_dir only when needed
2016-11-29 19:07:50 +01:00
Andrey Konovalov
11e1b430a8 csource: emit remove_dir only when needed 2016-11-29 19:02:58 +01:00
Andrey Konovalov
6d413cab8f Merge pull request #99 from xairy/csourse-fix
csource: fix emitting syz_* syscalls in C reproducer
2016-11-29 18:57:06 +01:00
Andrey Konovalov
b13dc4bf50 csource: fix emitting syz_* syscalls in C reproducer 2016-11-29 18:53:41 +01:00
Dmitry Vyukov
684beccb2a Merge pull request #98 from xairy/remove-inport
prog: remove unused inport() and inaddr()
2016-11-29 17:50:39 +01:00
Andrey Konovalov
55e1e51c1c prog: remove unused inport() and inaddr() 2016-11-29 17:46:02 +01:00
Andrey Konovalov
ca20a676a9 Merge pull request #92 from xairy/emit-ethernet
Emit ethernet traffic
2016-11-29 17:42:42 +01:00
Andrey Konovalov
c5707f5e57 executor: emit ethernet traffic 2016-11-29 17:39:38 +01:00
Dmitry Vyukov
72e9b239f4 Merge pull request #97 from xairy/inaddr-template
Move inaddr and sockaddr descriptions to templates
2016-11-29 16:51:56 +01:00
Andrey Konovalov
2429a7b034 sys: move sockaddr description to templates 2016-11-29 16:39:02 +01:00
Andrey Konovalov
86917cc3a7 sys: move in_addr description to templates 2016-11-29 16:39:02 +01:00
Dmitry Vyukov
4278c63e64 ipc: improve handling of executor failures
1. Logical executor failures were not handled in waitServing.
2. The fuzzer did not distinguish temporary errors from logical errors
   and always waited for 10 errors before crashing.
Fix that.
2016-11-29 15:19:29 +01:00
Dmitry Vyukov
eac6d72f0e manager: use only 1 proc in debug mode
Parallel procs produce lots of intermixed output.
2016-11-29 15:17:48 +01:00
Dmitry Vyukov
4dea52c066 sys: add new bpf descriptions
These were just added to net-next.
2016-11-28 18:29:10 +01:00
Dmitry Vyukov
ee3c2c3591 tools: enable bpf jit in create-image.sh
JIT should be more interesting to fuzz.
2016-11-28 18:26:56 +01:00
Dmitry Vyukov
ef040b21d2 tools: fix getty configuration in create-gce-image.sh 2016-11-28 18:25:49 +01:00
Dmitry Vyukov
2033db1d8a Merge pull request #96 from a13xp0p0v/vm-startup-fixes
VM startup fixes
2016-11-28 15:10:44 +01:00
Alexander Popov
3a5ae29218 vm/qemu: prevent eth0 renaming
create-image.sh tries to enable the eth0 network interface of the virtual machine,
but there is no eth0 in a fresh debian-wheezy, since biosdevname renames interfaces.
VM log quotation:
  e1000 0000:00:03.0 eth0: (PCI:33MHz:32-bit) 52:54:00:12:34:56
  e1000 0000:00:03.0 eth0: Intel(R) PRO/1000 Network Connection
  e1000 0000:00:03.0 ens3: renamed from eth0
  ...
  Cannot find device "eth0"
  Bind socket to interface: No such device
  Failed to bring up eth0.

The simplest fix is disabling biosdevname by adding "net.ifnames=0 biosdevname=0"
to the kernel command line.

Signed-off-by: Alexander Popov <alex.popov@linux.com>
2016-11-28 16:11:24 +03:00
Alexander Popov
1e56aff95f tools: fix getty configuration in create-image.sh
create-image.sh adds the string "V0:23:respawn:/sbin/getty 115200 hvc0" to the inittab
of a virtual machine, but a fresh debian-wheezy doesn't have an hvc0 device.
So getty fails to start and respawns over and over again:
  INIT: Id "V0" respawning too fast: disabled for 5 minutes

Let's fix create-image.sh to have a working VM terminal.

Signed-off-by: Alexander Popov <alex.popov@linux.com>
2016-11-28 16:10:09 +03:00
Dmitry Vyukov
23fd96806d ipc: append pid to binary name
E.g. if the binary is 'syz-executor' and pid=15,
we create a link from 'syz-executor15' to 'syz-executor' and use 'syz-executor15' as the binary.
This makes it easy to identify the program that led to a crash in the log.
The log contains the pid in "executing program 15" and crashes usually contain "Comm: syz-executor15".
2016-11-26 17:04:23 +01:00
Dmitry Vyukov
c732a41acb csource: don't emit syz_ syscalls if they are not used 2016-11-26 16:41:40 +01:00
Dmitry Vyukov
5d94283455 ipc, prog, sysgen: format code 2016-11-25 20:17:32 +01:00
Dmitry Vyukov
52f73100ee Merge pull request #94 from xairy/proc-type
Add proc type
2016-11-25 20:16:07 +01:00
Dmitry Vyukov
5c8b703fa2 report: don't print size in KASAN reports
I see a bunch of reports of the form:
KASAN: use-after-free Read of size 4059 in copy_from_iter
but the size is different in all reports.
This hampers deduplication.
Don't print the size.
2016-11-25 20:12:16 +01:00