authorDmitry Vyukov <dvyukov@google.com>2019-12-09 07:42:48 +0100
committerDmitry Vyukov <dvyukov@google.com>2019-12-17 19:03:39 +0100
commit64ca0a371100fc7dfdb20de9263763e46c88a436 (patch)
tree0e417568271dbbcc5817034a624a31d62bf20633 /sys/linux/dev_binder.txt.warn
parentf950e82d47572b79581fd6b8355504cddb06a7f4 (diff)
tools/syz-check: add description checking utility
syz-check parses vmlinux DWARF, extracts struct descriptions, compares them with what we have (size, fields, alignment, etc.) and produces .warn files. This is a first raw version; it can be improved in a number of ways. But it has already helped to identify a critical issue #1542 and shows some wrong struct descriptions. Update #590
Diffstat (limited to 'sys/linux/dev_binder.txt.warn')
-rw-r--r--sys/linux/dev_binder.txt.warn48
1 files changed, 48 insertions, 0 deletions
diff --git a/sys/linux/dev_binder.txt.warn b/sys/linux/dev_binder.txt.warn
new file mode 100644
index 000000000..d474ce500
--- /dev/null
+++ b/sys/linux/dev_binder.txt.warn
@@ -0,0 +1,48 @@
+0085: struct binder_cmd_transaction: no corresponding struct in kernel
+0090: struct binder_cmd_reply: no corresponding struct in kernel
+0095: struct binder_cmd_transaction_sg: no corresponding struct in kernel
+0101: struct binder_cmd_reply_sg: no corresponding struct in kernel
+0110: struct binder_transaction_data: bad number of fields: syz=11 kernel=9
+0111: field binder_transaction_data.handle/target: bad size: syz=4 kernel=8
+0113: field binder_transaction_data.pad/cookie: bad offset: syz=4 kernel=8
+0113: field binder_transaction_data.pad/cookie: bad size: syz=4 kernel=8
+0114: field binder_transaction_data.cookie/code: bad offset: syz=8 kernel=16
+0114: field binder_transaction_data.cookie/code: bad size: syz=8 kernel=4
+0115: field binder_transaction_data.code/flags: bad offset: syz=16 kernel=20
+0116: field binder_transaction_data.flags/sender_pid: bad offset: syz=20 kernel=24
+0117: field binder_transaction_data.sender_pid/sender_euid: bad offset: syz=24 kernel=28
+0118: field binder_transaction_data.sender_euid/data_size: bad offset: syz=28 kernel=32
+0118: field binder_transaction_data.sender_euid/data_size: bad size: syz=4 kernel=8
+0119: field binder_transaction_data.data_size/offsets_size: bad offset: syz=32 kernel=40
+0120: field binder_transaction_data.offsets_size/data: bad offset: syz=40 kernel=48
+0120: field binder_transaction_data.offsets_size/data: bad size: syz=8 kernel=16
+0131: struct binder_offsets: no corresponding struct in kernel
+0147: field flat_binder_object.binder/hdr: bad size: syz=24 kernel=4
+0148: field flat_binder_object.weak_binder/flags: bad offset: syz=24 kernel=4
+0148: field flat_binder_object.weak_binder/flags: bad size: syz=24 kernel=4
+0149: field flat_binder_object.handle/: bad offset: syz=48 kernel=8
+0149: field flat_binder_object.handle/: bad size: syz=24 kernel=8
+0150: field flat_binder_object.weak_handle/cookie: bad offset: syz=72 kernel=16
+0150: field flat_binder_object.weak_handle/cookie: bad size: syz=24 kernel=8
+0162: struct binder_fd_object: bad number of fields: syz=5 kernel=4
+0165: field binder_fd_object.fd/: bad size: syz=4 kernel=8
+0166: field binder_fd_object.pad2/cookie: bad offset: syz=12 kernel=16
+0166: field binder_fd_object.pad2/cookie: bad size: syz=4 kernel=8
+0170: struct binder_fd_array_object: bad number of fields: syz=4 kernel=5
+0172: field binder_fd_array_object.num_fds/pad: bad offset: syz=8 kernel=4
+0172: field binder_fd_array_object.num_fds/pad: bad size: syz=8 kernel=4
+0173: field binder_fd_array_object.parnt/num_fds: bad offset: syz=16 kernel=8
+0174: field binder_fd_array_object.parent_offset/parent: bad offset: syz=24 kernel=16
+0189: struct binder_cmd_free_buffer: no corresponding struct in kernel
+0194: struct binder_cmd_increfs: no corresponding struct in kernel
+0199: struct binder_cmd_acquire: no corresponding struct in kernel
+0204: struct binder_cmd_release: no corresponding struct in kernel
+0209: struct binder_cmd_decrefs: no corresponding struct in kernel
+0214: struct binder_cmd_increfs_done: no corresponding struct in kernel
+0220: struct binder_cmd_acquire_done: no corresponding struct in kernel
+0226: struct binder_cmd_register_looper: no corresponding struct in kernel
+0230: struct binder_cmd_enter_looper: no corresponding struct in kernel
+0234: struct binder_cmd_exit_looper: no corresponding struct in kernel
+0238: struct binder_cmd_request_death: no corresponding struct in kernel
+0244: struct binder_cmd_clear_death: no corresponding struct in kernel
+0250: struct binder_cmd_dead_binder_done: no corresponding struct in kernel