Commit message | Author | Age | Files | Lines
Tolerate excessive args and fields during program parsing.
This is useful after description changes to not lose corpus.
1. Add size attribute on sockaddr.
2. Remove sockaddr's that are larger than 16 bytes from sockaddr.
3. Add size attribute on sockaddr_storage which wasn't actually 128 bytes.
4. Add size attribute to ifreq.
5. Fix ifmap field types as uncovered by the size attributes.
6. Fix sockaddr_storage_tcp from struct to union, which it should be.
7. Make sockaddr_un_file fixed size as it should be.
8. Fix some explicit paddings that were only correct for 64 bits.
Sometimes filenames are embedded into structs and need to take fixed space.
The size attribute allows padding a struct up to the specified size.
Remove executor_pid, enable_tun and setup_tun.
We now always create a net namespace for testing,
so socket ports and other IDs do not overlap between
different test processes.
Proc types play badly with squashing packets to ANYBLOB.
To squash into a block we need a concrete value, but it depends
on the process id.
Removing proc also makes tun setup and address descriptions simpler.
Currently it's 0x42424242, so it's not possible to understand
the value endianness in hints code.
Make it asymmetric so that endianness is clear.
Currently when executor creates fd's it gets: 0, 3, 4.
When tun is enabled: 3, 4, 5.
For C programs: 3, 4, 5.
When run is enabled: 4, 5, 6.
Theoretically it should not matter,
but these fd numbers are probably sometimes used as data.
So make them consistent in all these cases (3, 4, 5).
We currently use -1 as default value for resources
when the actual value is not available.
-1 is good for fd's, but is not the right default
value for pointers/keys/etc.
Pass from prog and use in executor proper default
value for resources.
Squash complex structs into a flat byte array and mutate this array
with generic blob mutations. This allows mutating what we currently
consider as paddings and adding/removing paddings from structs, etc.
Fix alignment calculation for packed structs with alignment and bitfields.
Amusingly this affected only a single real struct -- ipv6_fragment_ext_header.
IDs change whenever a call is added or removed,
which leads to large diffs unnecessarily.
Assign IDs dynamically.
If all union options can be syscall arguments,
allow the union itself as syscall argument.
Mostly remove vma as return from some mm syscalls.
This is unnecessary and we never used these.
1. mmap all memory always, without explicit mmap calls in the program.
This makes lots of things much easier and removes lots of code.
Makes mmap not a special syscall and allows fuzzing without mmap enabled.
2. Change address assignment algorithm.
Current algorithm allocates unmapped addresses too frequently
and allows collisions between arguments of a single syscall.
The new algorithm analyzes actual allocations in the program
and places new arguments at unused locations.
Older versions of linux require an additional header.
All netfilter subsystems use this unfortunately,
so demote this to a warning.
1. Fix connlimit netfilter match version.
2. Fix xt_time_info layout.
3. Introduce mac_addr_mask type.
4. Limit vlan id's for better matches between them.
We don't frequently debug it and it does some intensive computations
on coverage, so no reason to not compile with -O2.
debug calls are only properly stripped if they are on a single line.
Put the underflow entry at the end.
Entries must end on an unconditional, non-goto entry,
otherwise fallthrough from the last entry is invalid.
Add arp tables support.
Split unspec matches/targets to unspec and inet.
Reset ipv6 and arp tables in executor.
Fix number of counters in tables.
Plus a bunch of assorted fixes for matches/targets.
We currently print unsupported consts to console during make extract.
But this is not very useful as there is too much output now.
This also does not allow understanding what's unsupported
in newly checked-in descriptions, or what's unsupported in all current
descriptions.
Save unsupported consts to the const files instead.
This solves all of the above problems.
ipt_get_entries.entrytable must be pointer aligned,
so in 32-bit build there is no padding before it.
Unions with only 1 field are not actually unions,
and can always be replaced with the option type.
However, they are still useful when there will be
more options in future but currently only 1 is described.
Alternatives are:
- not using union (but then all existing programs will be
broken when union is finally introduced)
- adding a fake field (ugly and reduces fuzzer efficiency)
Allow unions with only 1 field.
Since we use int64, it has 8-byte alignment.
It's wrong, it must have 1-byte alignment.
Use int8 instead.
It's possible that a struct can have 2+ parents,
which is the same template (differs only by arguments).
See the new test case.
Support such case.
Consider the following example:
type len_templ1[DATA1, DATA2] {
data DATA1
inner len_temp2[DATA2]
}
type len_temp2[DATA] {
data DATA
len len[len_templ1, int8]
}
Here len refers to a parent struct, but the struct is a template,
so its actual name is something like "len_templ1[int8, int16]".
Currently this does not work as the compiler barks at an incorrect
len target.
Make this work.
Lots of TODOs and only ipv4, but some start.
Now we create tun in the _outer_ net namespace,
which is tied to the init user namespace. Thus the fuzzer
does not have CAP_ADMIN in it.
In the end it seems that there is no sandboxing sequence
which would give us everything we need.
Reshuffle sequences so that we have the correct namespace
hierarchy, but don't have IFF_NAPI_FRAGS.