| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Checking in the generated descriptions files makes few things simpler,
but causes pain for pull requests: (1) PRs that touch descriptions
_always_ conflict, (2) PRs are large and harder to review,
(3) people sometimes forget to add auto-generated files.
The proposed way does not require us to hardcode lots of dependencies
in the Makefile (which is nice) and seem to work.
Let's see how it works.
The main contributor-visible consequence is that the auto-generated
files do not need to be checked-in now.
Credit for figuring the Makefile magic goes to @melver.
Fixes #1291
|
| |
|
|
| |
Use special values for hop limit to increase likelihood of triggering certain paths.
|
| |
|
|
| |
Additionally fix a type for ipv6_hopopts_ext_header
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add prog.Ref Type that serves as a proxy for real types
and allows to deduplicate Types in generated descriptions.
The Ref type is effectively an index in an array of types.
Just before serialization pkg/compiler replaces real types
with the Ref types and prepares corresponding array of real types.
When a Target is registered in prog package, we do the opposite
operation and replace Ref's with the corresponding real types.
This brings improvements across the board:
compiler memory consumption is reduced by 15%,
test building time by 25%, descriptions size by 33%.
Before:
$ du -h sys/linux/gen
54M sys/linux/gen
$ time GOMAXPROCS=1 go test -p=1 -c ./prog
real 0m54.200s
real 0m53.883s
$ time GOMAXPROCS=1 go install -p=1 ./tools/syz-execprog
real 0m27.911s
real 0m27.767s
$ TIME="%e %P %M" GOMAXPROCS=1 time go tool compile ./sys/linux/gen
20.59 100% 3200016
20.97 100% 3445976
20.25 100% 3209684
After:
$ du -h sys/linux/gen
36M sys/linux/gen
$ time GOMAXPROCS=1 go test -p=1 -c ./prog
real 0m42.290s
real 0m43.230s
$ time GOMAXPROCS=1 go install -p=1 ./tools/syz-execprog
real 0m24.337s
real 0m24.727s
$ TIME="%e %P %M" GOMAXPROCS=1 time go tool compile ./sys/linux/gen
19.11 100% 2764952
19.66 100% 2787624
19.35 100% 2749376
Update #1580
|
| |
|
|
|
|
|
|
| |
* started with freebsd/vnet.txt
* pruned unsupported items
* gmake extract
* gmake generate_sys
* gmake fomat
|
| | |
|
| |
|
|
|
| |
We had these hard-coded for fuchsia and linux accordingly.
Replace with call attributes.
|
| |
|
|
|
|
|
| |
Move additional call/prog timeouts to descriptions.
Due to this logic duplication executor used 50ms
for syz_mount_image, while pkg/csource used 100ms.
|
| |
|
|
|
|
| |
Add common infrastructure for syscall attributes.
Add few attributes we want, but they are not implemented for now
(don't affect behavior, this will follow).
|
| | |
|
| |
|
|
| |
Add few private ipv4/6 addresses that may affect kernel behavior.
|
| |
|
|
|
|
|
|
|
|
|
| |
On the current linux-next:
f19bb13a0eaf0034a603e3b54a7c3a50faf6821e (next-20200414)
EXT4_EOFBLOCKS_FL was removed by 4337ecd1fe997d2b2135b4434caaccdb47c10c06
ARM does not support KVM anymore, removed by 541ad0150ca4 ("arm: Remove 32bit KVM host support").
Fixes #1676
|
| | |
|
| |
|
|
| |
Signed-off-by: Paul Chaignon <paul@cilium.io>
|
| |
|
|
| |
Signed-off-by: Paul Chaignon <paul@cilium.io>
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
We do similar truncation for values in the prog package (truncateToBitSize).
Truncating them in the generated descriptions makes it possible
to directly compare values (otherwise -1 and truncated -1 don't match).
|
| |
|
|
|
|
|
|
| |
flags[foo, int8]
foo = 0x12345678
is always an error, detect these cases.
Found some bugs in mptcp, packet sockets, kvm.
|
| |
|
|
|
| |
const[0x12345678, int8] is always an error, detect these cases.
Found some bugs in mptcp, socket proto and fuchsia fidl descriptions.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we have:
ioctl(fd fd, cmd int32)
ioctl$FOO(fd fd, cmd const[FOO])
Currently we assume that cmd size in ioctl$FOO is sizeof(void*).
However, we know that in ioctl it's specified as int32,
so we can infer that the actual syscall size is 4.
This massively reduces sizes of socket/setsockopt/getsockopt/ioctl
and some other syscalls, which is good because we now use physical
size in mutation/hints and some other places.
This will also enable not morphing ioctl's into other ioctl's.
Update #477
Update #502
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure that we don't have conflicting sizes for the same argument
of the same syscall, e.g.:
foo$1(a int16)
foo$2(a int32)
This is useful for several reasons:
- we will be able avoid morphing syscalls into other syscalls
- we will be able to figure out more precise sizes for args
(lots of them are implicitly intptr, which is the largest
type on most important arches)
- found few bugs in linux descriptions
Update #477
Update #502
|
| |
|
|
| |
This is just tedious. Fabricate them on the fly.
|
| |
|
|
|
|
|
| |
Among other things this changes timeout for USB programs from 2 to 3 seconds.
ath9k fuzzing also requires ath9k firmware to be present, so system images
need to be regenerated with the updated script.
|
| |
|
|
|
|
|
|
|
|
| |
This is one of the root causes of the 'no output from test machine'
panic. Issuing a DIOCKILLSTATES ioctl on a /dev/pf file descriptor will
cause state associated with ongoing connections to be purged;
effectively killing the ssh connection to the VM.
Including net/pfvar.h is necessary in order to make use of the
DIOCKILLSTATES define.
|
| |
|
|
| |
Incomplete, but something.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
These are not present in linux-next.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Code in net/ethernet/eth.c does this:
__be16 eth_type_trans(struct sk_buff *skb, struct net_device *dev)
{
...
if (unlikely(!ether_addr_equal_64bits(eth->h_dest,
dev->dev_addr))) {
if (unlikely(is_multicast_ether_addr_64bits(eth->h_dest))) {
if (ether_addr_equal_64bits(eth->h_dest, dev->broadcast))
skb->pkt_type = PACKET_BROADCAST;
else
skb->pkt_type = PACKET_MULTICAST;
} else {
skb->pkt_type = PACKET_OTHERHOST;
}
}
Multicast and broadcast are distinct and dev->broadcast seems to be ffffffffffff
by default, so add another multicast mac address that will serve as PACKET_MULTICAST.
|
| |
|
|
|
|
| |
Create individual file for futex syscall and add description for the new
operation FUTEX_WAIT_MULTIPLE.
Signed-off-by: André Almeida <andrealmeid@collabora.com>
|
| |
|
|
| |
Signed-off-by: Paul Chaignon <paul.chaignon@gmail.com>
|
