| author | Dmitry Vyukov <dvyukov@google.com> | 2020-05-03 16:53:36 +0200 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2020-05-05 14:01:52 +0200 |
| commit | 1905d7c090a13a8b94e5d19a5388104f2d7693fd (patch) | |
| tree | 35a501ee366d2d41b46da91af19a01485f9bae66 /pkg | |
| parent | 3dda7e67688077f3c6f91450d18dc14c776d3872 (diff) | |
prog: refactor ANY to not fabricate new types
Currently ANY implementation fabricates new types dynamically.
This is something we don't do anywhere else, generally types
come from compiler and all are static.
Dynamic types will conflict with use of Ref in Arg optimization.
Move ANY types creation into compiler.
Update #1580
Diffstat (limited to 'pkg')
| -rw-r--r-- | pkg/compiler/types.go | 23 | ||||
| -rw-r--r-- | pkg/host/syscalls.go | 20 |
2 files changed, 34 insertions, 9 deletions
diff --git a/pkg/compiler/types.go b/pkg/compiler/types.go
index 2fddb4917..fd021cefc 100644
--- a/pkg/compiler/types.go
+++ b/pkg/compiler/types.go
@@ -964,6 +964,29 @@ type optional[T] [
 val T
 void void
 ] [varlen]
+
+# prog/any.go knows layout of these types.
+ANYUNION [
+ ANYBLOB array[int8]
+ ANYRES16 ANYRES16
+ ANYRES32 ANYRES32
+ ANYRES64 ANYRES64
+ ANYRESDEC fmt[dec, ANYRES64]
+ ANYRESHEX fmt[hex, ANYRES64]
+ ANYRESOCT fmt[oct, ANYRES64]
+] [varlen]
+
+ANYPTRS [
+ ANYPTR ptr[in, array[ANYUNION]]
+ ANYPTR64 ptr64[in, array[ANYUNION]]
+]
+
+resource ANYRES16[int16]: -1, 0
+resource ANYRES32[int32]: -1, 0
+resource ANYRES64[int64]: -1, 0
+
+syz_builtin0(a ptr[in, ANYPTRS]) (disabled)
+syz_builtin1(a ptr[out, ANYUNION]) (disabled)
 `
 func init() {
diff --git a/pkg/host/syscalls.go b/pkg/host/syscalls.go
index d63c7ceef..e322fc3b1 100644
--- a/pkg/host/syscalls.go
+++ b/pkg/host/syscalls.go
@@ -16,16 +16,24 @@ func DetectSupportedSyscalls(target *prog.Target, sandbox string) (
 log.Logf(1, "detecting supported syscalls")
 supported := make(map[*prog.Syscall]bool)
 unsupported := make(map[*prog.Syscall]string)
+ const disabledAttribute = "has disabled attribute in descriptions"
 // These do not have own host and parasitize on some other OS.
 if targets.Get(target.OS, target.Arch).HostFuzzer {
 for _, c := range target.Syscalls {
- supported[c] = true
+ if c.Attrs.Disabled {
+ unsupported[c] = disabledAttribute
+ } else {
+ supported[c] = true
+ }
 }
 } else {
 for _, c := range target.Syscalls {
 ok, reason := false, ""
- switch c.CallName {
- case "syz_execute_func":
+ switch {
+ case c.Attrs.Disabled:
+ ok = false
+ reason = disabledAttribute
+ case c.CallName == "syz_execute_func":
 // syz_execute_func caused multiple problems:
 // 1. First it lead to corpus exploision. The program used existing values in registers
 // to pollute output area. We tried to zero registers (though, not reliably).
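Review bot: The comment `# prog/any.go knows layout of these types.` does not say which properties prog/any.go depends on, so nothing warns a later edit that reorders or renames the fields of `ANYUNION` or `ANYPTRS`. I would spell it out, e.g. `# prog/any.go depends on the names and field order of ANYUNION/ANYPTRS; change both together.` This assumes field order is what any.go relies on, which is not visible in this hunk. The `(disabled)` calls `syz_builtin0`/`syz_builtin1` also deserve a one-line comment saying they exist only to reference these types (presumably so the compiler keeps them), since nothing here explains why never-enabled calls are declared. The enclosing string literal starts outside the hunk.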
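Review bot: The new `case c.Attrs.Disabled:` is only effective because it is the first case of the tagless `switch`. If a later edit moves it below `c.CallName == "syz_execute_func"` or the cases that follow outside the hunk, a disabled call would fall into whatever those cases do instead of being reported as unsupported. A comment on the case would pin the ordering, e.g. `// Must stay first: disabled calls are reported as unsupported without any further checks.` The `ok = false` in that case repeats the initializer `ok, reason := false, ""` just above and can be dropped. The loop body continues past the end of the hunk, so how `ok` and `reason` are consumed is not visible here.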
@@ -55,12 +63,6 @@ func DetectSupportedSyscalls(target *prog.Target, sandbox string) (
 }
 }
 }
- for c := range supported {
- if c.Attrs.Disabled {
- delete(supported, c)
- unsupported[c] = "has disabled attribute in descriptions"
- }
- }
 return supported, unsupported, nil
 }
|
