| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Transform the hard-coded list of feature combinations in to individual
groups of features.
|
| |
|
|
|
|
|
|
|
| |
Introduce a new Filesystem parameter - the maximum number of resulting
seeds.
If the total number of flag combinations exceeds this number, switch to
generating a covering array (that is, make sure that all flag value
pairs are covered, or at least as many of them as possible).
|
| |
|
|
|
|
|
|
|
| |
Don't generate just the hard-coded list of filesystems, but also
generate seeds for the externally supplied json description of a
filesystem.
Add a special syscall attribute to help syz-imagegen guess the actual
filesystem name from the syz_mount_image variant name.
|
| |
|
|
| |
Use the parameters as discussed in https://groups.google.com/g/syzkaller/c/h002HJplxP0/m/ypISQYYpAwAJ
|
| | |
|
| |
|
|
|
|
| |
If we send exec encoding to the fuzzer, it's not necessary to serialize
exec encoding into existing buffer (currnetly we serialize directly into shmem).
So simplify code by serializing into a new slice.
|
| | |
|
| | |
|
| |
|
|
|
| |
Fill fake images with unique 4-byte values.
This allows hints mutation to easily guess magic numbers and checksums.
|
| |
|
|
|
|
|
| |
Move image compression-related function to a separate package.
In preperation for subsequent changes that make decompression
more complex. Prog package is already large and complex.
Also makes running compression tests/benchmarks much faster.
|
| |
|
|
| |
In preparation for subsequent changes that introduce image package.
|
| | |
|
| |
|
|
|
| |
Since syz_mount_image calls are no_generate we need to add at least some
empty seeds for all for filesystems.
|
| | |
|
| | |
|
| |
|
|
| |
Fixes #3529
|
| |
|
|
|
|
| |
This will allow us to mutate the image size.
Fixes #3527
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`compressed_image`
Rather than accepting "segments", `syz_mount_image` now accepts a
compressed image. Since this is already a corpus-breaking change, also
rearrange the arguments so that the image is at the end. This makes it
easier to inspect what the other arguments are set to.
We need to increase the timeout associated with `syz_mount_image`, as
decompression and execution take a little longer. 5000ms should be very
generous.
This commit updates the descriptions and the `syz-imagegen` tool.
The executor, seed images, and asset saving will be updated in future commits.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a boolean argument to the `syz_mount_image` pseudo-syscall. When
this is true, `syz_mount_image` will change directory to the mountpoint
after mounting the image passed.
Experimentation suggests that to reproduce many non-`ext4` filesystem
bugs, it is sufficient to mount the filesystem within an `ext4`-based VM
and then change directory to the mountpoint before executing code.
This change aims to increase the probability that a mount operation will
be succeeded by the corresponding change in directory, and so increase
the probability of finding non-`ext4` bugs.
We also have to update the `syz-imagegen` tool. Now it generates seed
`syz_mount_image` calls with change of directory enabled. The previous
behaviour (i.e. no change of directory) will be recovered by use of
existing corpuses and fuzzing the change-of-directory argument.
The next commit will regenerate all `syz_mount_image` seeds.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Regenerate using the following versions:
mkfs.f2fs 1.14.0 (2020-08-24)
mkfs.btrfs btrfs-progs v5.18.1
mkfs.fat 4.2 (2021-01-31)
mkexfatfs 1.3.0
mkfs.bfs util-linux 2.38
mkfs.xfs 5.19.0
mkfs.minix util-linux 2.38
mkfs.reiserfs 3.6.27
mkfs.jfs 1.1.15 (2011-03-04)
mkntfs libntfs-3g v2022.5.17
mke2fs 1.46.5 (2021-12-30)
mkfs.gfs2 3.4.1
mkfs.ocfs2 1.8.7
mkfs.cramfs util-linux 2.38
genromfs 0.5.2
mkfs.erofs 1.5
makefs 20190105-3
mkudffs udftools 2.3
mkfs.jffs2 mtd-utils 2.1.4
mkfs.nilfs2 nilfs-utils 2.2.8
mksquashfs sqaushfs-tools 4.5.1
genisomage 1.1.11
NB: NTFS3 is not included here as my kernel does not seem to be compiled
with it.
No errors appear (except for failure to find NTFS3).
This commit also updates a comment in `imagegen.go` listing dependencies.
|
| |
|
|
|
|
|
|
| |
Add a comment to `syz-imagegen` output files indicating which options
were used to create the image. This is useful for documentation and
debugging.
Images will be regenerated in a future commit.
|
| |
|
|
|
|
|
|
|
|
|
| |
`./syz-imagegen -fs ntfs` fails for two images which use the
`-s 256 -c 256` option. These are indexed 0 and 1 - but no
syz_mount_image_ntfs_{0,1} images exist on the GitHub repo, and a quick
`git log --full-history` suggests they never did.
This commit removes the `-s 256 -c 256` option so that a call of
`syz_imagegen` succeeds without any errors. Images will be regenerated
in a future commit.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
`./syz-imagegen -fs udf` fails for two images. `dmesg` indicates the
following issue:
udf_load_sparable_map: error loading logical volume descriptor: Too big sparing table size (568)
This was introduced in the following commit:
torvalds/linux@44ac6b829c4e173fdf6df18e6dd86aecf9a3dc99
Interestingly in response to a `syzbot` bug report!
`mkfs.udf` requires the size of the sparing table to be no more than the
block size. This commit specifies the sparing table size as the block
size (512) for the previously failing images. Images will be regenerated
in a future commit.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
`./syz-imagegen -fs xfs` fails due with the following message:
Filesystem must be larger than 300MB.
This was introduced by the commit below:
6e0ed3d19c54603f0f7d628ea04b550151d8a262
in repo https://git.kernel.org/pub/scm/fs/xfs/xfsprogs-dev.git
However, the change allows bypassing of this check by using the
`--unsupported` flag.
This commit adds this flag. Images will be regenerated in a future commit.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`./syz-imagegen -fs erofs` fails for some images with the following message:
<E> erofs: failed to initialize compressor: [Error 22] Invalid argument
<E> erofs: Could not format the device : [Error 22] Invalid argument
This error appears only for the runs with `lz4` compression enabled.
The commit below seems to be responsible for the changed behaviour:
96a59540090c6376553ff6cd5a042efea53d2d50
in repo https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git
Previously, it seems any compression level specified for `lz4` would be
ignored. Now, it is considered incompatible.
This commit removes the compression level. Images will be regenerated in
a future commit.
|
| |
|
|
|
|
|
|
|
| |
`./syz-imagegen -fs vfat` now fails for some images with the following message:
mkfs.vfat: Not enough or too many clusters for filesystem - try less or more sectors per cluster
This error appears only for the runs with sectors per cluster set to `-s 128`.
This commit takes the error message's advice by reducing sectors per
cluster to `-s 64`. Images will be regenerated in a future commit.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
`./syz-imagegen -fs f2fs` fails for some images due to the following commit:
fe154d525044b9daa6ccc9e8fbd3cdcf9000adc3
in repo https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs-tools.git
Before this commit, users could specify the `-m` flag to `mkfs.f2fs` and
if no zoned block device was found, it would fall back to non-zoned
behaviour. Therefore even though we specified the `-m` flag in
`syz-imagegen` it was never really used.
This commit removes the unused `-m` flag. Images will be regenerated in
a future commit.
|
| |
|
|
|
|
|
|
|
|
| |
5.15 kernel get new filesystem driver for ntfs called ntfs3. Old driver
is still in use so we do not delete it yet.
Generated test images are made with mkntfs v2021.8.22 (libntfs-3g) and
ntfs3 version from 5.17-rc7. For some reason I did not manage to
generate images with "-s 256" due some ntfs3 error. We can add those
later when we work out what is going on with those.
|
| |
|
|
|
|
|
|
|
|
|
| |
"make generate" produces this diff when go 1.17 (go1.17-c95464f0ea3f==upstream)
is used. Seems compatible with >=1.16.
https://github.com/golang/go/commit/4d2d89ff42ca documents the syntax.
https://github.com/golang/go/commit/eeadce2d8713 enforces "ignore" for
unsatisfiable tags hence the pkg/csource/gen.go change.
Signed-off-by: Alexey Kardashevskiy <aik@linux.ibm.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We use strings to identify OS/Arch.
These strings are duplicated throughout the code base massively.
golangci-lint points to possiblity of typos and duplication.
We already had to define these names in pkg/csource
and disable checking for prog package. A future change triggers
such warnings in another package.
Add OS/Arch name consts to sys/targets so that they can be used
to refer to OS/Arch. Use the consts everywhere.
|
| |
|
|
|
|
|
|
| |
And populate images with some files,
which should make both mounting and resulting dir more interesting.
Note: this adds 100MB of image files into the repo...
Maybe we need to think of some other way of string these images...
|
| |
|
|
| |
Add flexible_inline_xattr, inode_checksum, inode_crtime, project_quota features.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
tools/create_{f2fs,btrfs}_image.sh are... well, shell scripts.
It's hard to scale this appraoch to more file systems
avoiding duplication and stupid errors while doing proper
error handling and parallelization.
Upgrade syz-imagegen to generate full test files and replace
the shell scripts.
f2fs -O=compression options is removed, it does not seem to be
supported by mkfs.f2fs, it always says:
Error: Wrong features
The shell script used it, but it seems that the way it passed
arguments (in a single '-quoted string) just made mkfs misparse
the arguments (use only the first one?) and so -O=compression
and most other arguments were simply ignored.
|
| |
|
|
|
| |
Not sure why I have not seen warnings about
these lines on another machine...
|
| | |
|
| |
|
