| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
We have fallback coverage implmentation for freebsd.
1. It's broken after some recent changes.
2. We need it for fuchsia, windows, akaros, linux too.
3. It's painful to work with C code.
Move fallback coverage to ipc package,
fix it and provide for all OSes.
|
| |
|
|
| |
No AF_INET is somewhat crazy, but why not.
|
| |
|
|
| |
@evdenis
|
| |
|
|
|
|
|
| |
Add previously skipped SCSI_IOCTL_* ioctls in
the sg rule.
Signed-off-by: Denis Efremov <efremov@linux.com>
|
| |
|
|
|
|
|
|
|
| |
Split sockaddr_xdp for bind.
Bind accepts another sock_xdp in addr.
Without the split getsockaddr "can" create sock_xdp's
because it returns generic sockaddr which contains
all addresses, including sockaddr_xdp, which in turn
contains sock_xdp.
|
| |
|
|
|
| |
Mark output resources as opt in preparation for more
precise constructor calculation.
|
| | |
|
| |
|
|
|
|
|
| |
For ext2/3/4 we have to have errors=continue because the image
can contain errors=panic flag and can legally crash kernel.
Fixes #599
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Update #533
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
We see some crashes that suggest corruption of the syscall number:
invalid command number 1296 (errno 11)
invalid command number 107 (errno 110)
Make the table and the number constant to prevent corruption.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Disable zx_task_kill until we figure out how to prevent executor from killing fuzzer.
Update #594
|
| |
|
|
|
| |
In several places we assume that -1 is failure and 0 is OK.
Use this convention for fuchsia as well.
|
| |
|
|
| |
The call signature has changed in zircon.
|
| |
|
|
| |
It's removed from latest zircon sources.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The id field in the v4l2_event_subscription structure
currently described as: id len[type, int32].
But all the documentation states is:
"id - ID of the event source. If there is no ID associated
with the event source, then set this to 0. Whether or not
an event needs an ID depends on the event type."
So, the documentation clearly states that:
1. id - is the source of an event
2. type - is the type of an event
3. for some types of events there is no source and id can be 0
According to this 'id int32' is more accurate description of
the field.
|
| |
|
|
|
| |
1. lazytime && nolazytime for xfs
2. nossd_spread for btrfs
|
| |
|
|
|
|
|
| |
1. Comment with clarification on how to run qemu added.
2. Fixed description of int type.
Signed-off-by: Denis Efremov <efremov@linux.com>
|
| | |
|
| |
|
|
| |
Signed-off-by: Denis Efremov <efremov@linux.com>
|
| |
|
|
| |
Signed-off-by: Denis Efremov <efremov@linux.com>
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Add separate options to minimize netdevices setup and net namespace reset.
Fixes #581
|
| | |
|
| | |
|
| |
|
|
|
| |
Turns out it's protection of kcov region that causes coverage drop.
Revert it and re-enable coverage filtering.
|
| |
|
|
|
| |
This causes very significant drop in corpus size. Needs additional debugging.
Revert for now.
|
| |
|
|
|
| |
We only write to the first page of kcov region.
Protect the rest from the fuzzer.
|
| |
|
|
|
|
| |
New measures still does not help against fuzzer producing
fake corrupted coverage.
Try to terminate instantly as we detect bad coverage.
|
| |
|
|
|
| |
Fuzzer manages to corrupt output region and write random coverage again and again.
Do a sanity range check on coverage PCs to filter out invalid ones.
|
| |
|
|
|
| |
Fuzzer manages to corrupt output region and write random coverage again and again.
Randomize output region addr to make it harder.
|
| |
|
|
|
|
|
|
|
| |
gcc8 is stricter when dealing with strings and strncpy and demands that
the size of the actual string to be copied to be explicitly smaller than
the size of the destination, just to make sure the NULL terminator is
taken into considerantion. This patch fixes the issue.
Signed-off-by: Ioana Ciornei <ciorneiioana@gmail.com>
|
| |
|
|
|
| |
Now generated on:
https://source.codeaurora.org/quic/la/kernel/msm-4.9 msm-4.9
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
For now other arches are regenerated on upstream tree.
It does not contain a bunch of consts, so we define them to 1 for now.
arm64 consts are left intact.
video4linux.txt is added to "android" files in syz-extract,
so that future make extract runs don't overwrite arm64 consts.
Also fix VIDIOC_G_FBUF argument direction, currently tests crash with:
panic: call ioctl$VIDIOC_G_FBUF: pointer arg 'buffer' has output direction [recovered]
panic: call ioctl$VIDIOC_G_FBUF: pointer arg 'buffer' has output direction
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update #533
As TC(net sched) is a large group, I separate it from socket_netlink_route.txt.
Currently I only implement the framework with two qdisc/tclass/filters.
I will add the others later.
v2: Fix tcm_handle major and minor order. Add tcm_handle_offsets.
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
|
| |
|
|
| |
Update #538
|
| |
|
|
|
|
|
|
|
| |
Move generated files to gen subdir. This allows to:
1. Rebuild init.go without rebuilding generated code.
2. Excluding generated files from gometalinter checking.
This makes faster and consume less memory.
Update #538
|
| |
|
|
| |
Update #538
|
| |
|
|
| |
Update #538
|
| | |
|
| | |
|
