From 1905d7c090a13a8b94e5d19a5388104f2d7693fd Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov
Date: Sun, 3 May 2020 16:53:36 +0200
Subject: prog: refactor ANY to not fabricate new types

Currently ANY implementation fabricates new types dynamically. This is something we don't do anywhere else, generally types come from compiler and all are static. Dynamic types will conflict with use of Ref in Arg optimization. Move ANY types creation into compiler. Update #1580
---
 pkg/compiler/types.go | 23 +++++++++++++++++++++++
 pkg/host/syscalls.go | 20 +++++++++++---------
 2 files changed, 34 insertions(+), 9 deletions(-)
(limited to 'pkg')
diff --git a/pkg/compiler/types.go b/pkg/compiler/types.go
index 2fddb4917..fd021cefc 100644
--- a/pkg/compiler/types.go
+++ b/pkg/compiler/types.go
@@ -964,6 +964,29 @@ type optional[T] [
 val T
 void void
 ] [varlen]
+
+# prog/any.go knows layout of these types.
+ANYUNION [
+ ANYBLOB array[int8]
+ ANYRES16 ANYRES16
+ ANYRES32 ANYRES32
+ ANYRES64 ANYRES64
+ ANYRESDEC fmt[dec, ANYRES64]
+ ANYRESHEX fmt[hex, ANYRES64]
+ ANYRESOCT fmt[oct, ANYRES64]
+] [varlen]
+
+ANYPTRS [
+ ANYPTR ptr[in, array[ANYUNION]]
+ ANYPTR64 ptr64[in, array[ANYUNION]]
+]
+
+resource ANYRES16[int16]: -1, 0
+resource ANYRES32[int32]: -1, 0
+resource ANYRES64[int64]: -1, 0
+
+syz_builtin0(a ptr[in, ANYPTRS]) (disabled)
+syz_builtin1(a ptr[out, ANYUNION]) (disabled)
 `

 func init() {
diff --git a/pkg/host/syscalls.go b/pkg/host/syscalls.go
index d63c7ceef..e322fc3b1 100644
--- a/pkg/host/syscalls.go
+++ b/pkg/host/syscalls.go
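Review bot: The comment `# prog/any.go knows layout of these types.` added to the builtins in pkg/compiler/types.go records a cross-package contract without saying which parts of the layout are relied on. prog/any.go is not shown on this page, but if it finds the `ANYUNION` and `ANYPTRS` fields by position or by name, reordering or renaming them here would break it with no compile error. I would state the dependency explicitly, along the lines of `# prog/any.go depends on the field names and order of ANYUNION and ANYPTRS; change both together.`, adjusted to whatever it really depends on. The `(disabled)` pseudo-calls `syz_builtin0` and `syz_builtin1` also deserve a one-line comment on why they exist; presumably they only keep these types referenced so the compiler emits them.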
@@ -16,16 +16,24 @@ func DetectSupportedSyscalls(target *prog.Target, sandbox string) (
 log.Logf(1, "detecting supported syscalls")
 supported := make(map[*prog.Syscall]bool)
 unsupported := make(map[*prog.Syscall]string)
+ const disabledAttribute = "has disabled attribute in descriptions"
 // These do not have own host and parasitize on some other OS.
 if targets.Get(target.OS, target.Arch).HostFuzzer {
 for _, c := range target.Syscalls {
- supported[c] = true
+ if c.Attrs.Disabled {
+ unsupported[c] = disabledAttribute
+ } else {
+ supported[c] = true
+ }
 }
 } else {
 for _, c := range target.Syscalls {
 ok, reason := false, ""
- switch c.CallName {
- case "syz_execute_func":
+ switch {
+ case c.Attrs.Disabled:
+ ok = false
+ reason = disabledAttribute
+ case c.CallName == "syz_execute_func":
 // syz_execute_func caused multiple problems:
 // 1. First it lead to corpus exploision. The program used existing values in registers
 // to pollute output area. We tried to zero registers (though, not reliably).
@@ -55,12 +63,6 @@ func DetectSupportedSyscalls(target *prog.Target, sandbox string) (
 }
 }
 }
- for c := range supported {
- if c.Attrs.Disabled {
- delete(supported, c)
- unsupported[c] = "has disabled attribute in descriptions"
- }
- }
 return supported, unsupported, nil
 }

-- cgit mrf-deployment
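Review bot: In the first pkg/host/syscalls.go hunk, the rule that a disabled call never ends up in `supported` is now enforced separately in the HostFuzzer loop and in the new `case c.Attrs.Disabled:` arm, where before one loop over the result enforced it (removed in the last hunk). A later branch that fills `supported` without that check would silently hand the fuzzer calls the descriptions switched off, so a test asserting that no key of `supported` has `Attrs.Disabled` set would pin the invariant. A short comment above the switch, such as `// Disabled calls are rejected first so they are never probed or reported as supported.`, would also help. Separately, `ok = false` in the new arm repeats the value from `ok, reason := false, ""` on the line above the switch and can be dropped. The rest of the switch and of DetectSupportedSyscalls lies outside the hunk.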