| Commit message |
Remove executor_pid, enable_tun and setup_tun.
|
We now always create net namespace for testing,
so socket ports and other IDs do not overlap between
different test processes.
Proc types play badly with squashing packets to ANYBLOB.
To squash into a block we need concrete value, but it depends
on process id.
Removing proc also makes tun setup and address descriptions simpler.
|
Currently when executor creates fd's it gets: 0, 3, 4.
When tun is enabled: 3, 4, 5.
For C programs: 3, 4, 5.
When run is enabled: 4, 5, 6.
Theoretically it should not matter,
but these fd numbers are probably sometimes used as data.
So make them consistent in all these cases (3, 4, 5).
|
We currently use -1 as default value for resources
when the actual value is not available.
-1 is good for fd's, but is not the right default
value for pointers/keys/etc.
Pass from prog and use in executor proper default
value for resources.
|
1. mmap all memory always, without explicit mmap calls in the program.
This makes lots of things much easier and removes lots of code.
Makes mmap not a special syscall and allows fuzzing without mmap enabled.
2. Change address assignment algorithm.
Current algorithm allocates unmapped addresses too frequently
and allows collisions between arguments of a single syscall.
The new algorithm analyzes actual allocations in the program
and places new arguments at unused locations.
|
Older versions of linux require an additional header.
|
We don't frequently debug it and it does some intensive computations
on coverage, so no reason to not compile with -O2.
|
debug calls are only properly stripped if they are on a single line.
|
Put the underflow entry at the end.
Entries must end on an unconditional, non-goto entry,
otherwise fallthrough from the last entry is invalid.
Add arp tables support.
Split unspec matches/targets to unspec and inet.
Reset ipv6 and arp tables in executor.
Fix number of counters in tables.
Plus a bunch of assorted fixes for matches/targets.
|
ipt_get_entries.entrytable must be pointer aligned,
so in 32-bit build there is no padding before it.
|
Lots of TODOs and only ipv4, but some start.
|
For sandbox=namespace we first create network devices
and then do CLONE_NEWNS, which brings us into a new
namespace which actually does not have any of these devices.
Tun mostly worked, because we hold fd to the tun device.
However, even for tun we could not see the "syz0" device.
|
We test in a new network namespace, which does not have any
devices set up (even lo). Create/up as many devices as possible.
Give them some addresses and use these addresses in descriptions.
|
On another machine both clang and gcc produce:
    test.c:163:32: error: invalid suffix "+procid" on integer constant
    *(uint32_t*)0x20001004 = 0x25dfdbfe+procid*4;
Not sure why this wasn't caught on buildbot.
|
Remove dup newlines around includes.
Makes int values shorter if not hurting readability.
Increase line len to 80.
Remove {} when not needed during copyout.
|
The "define uint64_t unsigned long long" were too good to work.
With a different toolchain I am getting:
    cstdint:69:11: error: expected unqualified-id
    using ::uint64_t;
          ^
    executor/common.h:34:18: note: expanded from macro 'uint64_t'
Do it the proper way: introduce uint64/32/16/8 types and use them.
pkg/csource then does s/uint64/uint64_t/ to not clutter code with
additional typedefs.
|
Detected only by clang.
|
Even if all 3 levels of processes in executor exit,
execprog will still recreate them.
Model the same in csource.
This matters when the inner process kills loop
and then everything stops.
|
We already have procid variable, no need to introduce i.
|
I see a crash which says:
    #0: too much cover 0 (errno 0)
while the code is:
    uint64_t n = ...;
    if (n >= kCoverSize)
        fail("#%d: too much cover %u", th->id, n);
It seems that the high part of n is set, but we don't see it.
Add printf format attribute to fail and friends and fix all similar cases.
Caught a bunch of similar cases and a missing argument in:
    exitf("opendir(%s) failed due to NOFILE, exiting");
|
Currently csource uses completely different, simpler way of scheduling
syscalls onto threads (thread per call with random sleeps).
Mimic the way calls are scheduled in executor.
Fixes #312
|
doexit already contains an infinite loop.
|
Generated program always uses pid=0 even when there are multiple processes.
Make each process use own pid.
Unfortunately required to do quite significant changes to prog,
because the current format only supported fixed pid.
Fixes #490
|
We always set RLIMIT_AS to 128MB. I've debugged a program with 21 syscalls.
With collide it creates 42 threads. With default stack size of 8MB this
requires: 42*8 = 336MB. Thread creation fails and nothing works.
Limit thread stacks the same way executor does.
Fixes #488
|
If string contains a file name or a crypto alg name,
don't escape it all to hex.
|
Fixes #174
|
Factor out program parsing from pkg/csource.
csource code that parses program and at the same time
formats output is very messy and complex.
New approach also allows to understand e.g.
when a call has copyout instructions which is
useful for better C source output.
|
csource.go is too large and messy.
Move Build/Format into build.go.
Move generation of common header into common.go.
Split generation of common header into smaller manageable functions.
|
We have them in linux solely for historical reasons.
Fixes #462
|
exitf function was not defined with some combinations of options in csource.
Fix defines and switch exitf back to fail, fail already checks ENOMEM/EAGAIN,
so there is no reason to use exitf in this particular case.
|
__NR_mmap is missing on arm entirely,
so we disable mmap during generate.
Patch mmap to mmap2 right in syz-extract,
so that mmap is never missing.
|
Also move options and options tests into a separate file,
add serialization function.
|
When manager is stopped there are sometimes runaway qemu
processes still running. Set PDEATHSIG for all subprocesses.
We never need child processes outliving parents.
|
For some racy bugs syzkaller can generate a C reproducer with tun
enabled, when it's not actually required to trigger the bug.
Some kernel developers (that don't have CONFIG_TUN=y on their setups)
complain about such C repros.
When tun is not available, instead of exiting, print a message that tun
initialization failed and proceed.
|
There is no need to specify '-' as the filename for sed(1):
- The default behavior is to read stdin
- It was not done in all places
- It breaks on NetBSD sed(1) (although I am tempted to fix it now :-)
and it does not work
|
Some standard libraries contain "using ::exit;",
which breaks with the current redefinition of exit.
|
We currently use more complex and functional protocol on linux,
and a simple ad-hoc protocol on other OSes.
This leads to code duplication in both ipc and executor.
Linux supports coverage, shared memory communication and fork server,
which would also be useful for most other OSes.
Unify communication protocol and parametrize it by
(1) use of shmem or only pipes, (2) use of fork server.
This reduces duplication in ipc and executor and will
allow to support the useful features for other OSes easily.
Finally, this fixes akaros support as it currently uses
syz-stress running on host (linux) and executor running on akaros.
|
We print all other output to stderr, write debug output to stderr as well.
This does not matter for the main use case of running syz-execprog -debug,
but can be helpful if we want to communicate with syz-executor via stdin/stdout.
|