From 91db3ed8ce2dc73444bcd649f8003cbe96fcb227 Mon Sep 17 00:00:00 2001 From: Dmitry Vyukov Date: Sat, 18 Apr 2020 17:09:59 +0200 Subject: prog: add ignore_return and breaks_returns call attribtues We had these hard-coded for fuchsia and linux accordingly. Replace with call attributes. --- prog/analysis.go | 7 +------ prog/prog_test.go | 8 ++++---- prog/types.go | 14 +++++++------- 3 files changed, 12 insertions(+), 17 deletions(-) (limited to 'prog') diff --git a/prog/analysis.go b/prog/analysis.go index 10d99a787..fe022b670 100644 --- a/prog/analysis.go +++ b/prog/analysis.go @@ -206,12 +206,7 @@ func (p *Prog) FallbackSignal(info []CallInfo) { typ = fallbackSignalErrnoBlocked } inf.Signal = append(inf.Signal, encodeFallbackSignal(typ, id, inf.Errno)) - // seccomp filter can produce arbitrary errno values for subsequent syscalls. - // Don't trust anything afterwards. prctl can setup seccomp too. - // clone+ptrace combo cause fallback coverage explosion under gvisor. - // Mechanics of that are unclear, but effect is very clear. - if c.Meta.CallName == "seccomp" || c.Meta.CallName == "prctl" || - c.Meta.CallName == "clone" || c.Meta.CallName == "ptrace" { + if c.Meta.Attrs.BreaksReturns { break } if inf.Errno != 0 { diff --git a/prog/prog_test.go b/prog/prog_test.go index 16a54e2d6..a42e4437f 100644 --- a/prog/prog_test.go +++ b/prog/prog_test.go @@ -328,9 +328,9 @@ fallback$1(0x0) ` fallback$0() fallback$0() -seccomp() +breaks_returns() fallback$0() -seccomp() +breaks_returns() fallback$0() fallback$0() `, @@ -369,9 +369,9 @@ fallback$0() { ` fallback$0() -prctl$PR_SET_SECCOMP() +breaks_returns() fallback$0() -prctl$PR_SET_SECCOMP() +breaks_returns() fallback$0() `, []CallInfo{ diff --git a/prog/types.go b/prog/types.go index 9257fae37..f07de2b16 100644 --- a/prog/types.go +++ b/prog/types.go @@ -30,14 +30,14 @@ type Syscall struct { // syz-sysgen uses this structure to generate code for executor. // // Only bool's and uint64's are currently supported. +// +// See docs/syscall_descriptions_syntax.md for description of individual attributes. type SyscallAttrs struct { - // Never enable this system call in fuzzing. - Disabled bool - // Additional execution timeout (in ms) for the call on top of some default value. - Timeout uint64 - // Additional execution timeout (in ms) for the whole program if it contains this call. - // If a program contains several such calls, the max value is used. - ProgTimeout uint64 + Disabled bool + Timeout uint64 + ProgTimeout uint64 + IgnoreReturn bool + BreaksReturns bool } // MaxArgs is maximum number of syscall arguments. -- cgit mrf-deployment