From 85c573157db1baae51178263fe3289c8329e6dc2 Mon Sep 17 00:00:00 2001
From: Anton Lindqvist
Date: Tue, 21 May 2019 23:17:22 +0200
Subject: pkg/csource: add ability to annotate syscalls using comments in C reproducers Providing additional info, especially regarding syscall arguments, in reproducers can be helpful. An example is device numbers passed to mknod(2). This commit introduces an optional annotate function on a per target basis. Example for the OpenBSD target: $ cat prog.in mknod(0x0, 0x0, 0x4503) getpid() $ syz-prog2c -prog prog.in int main(void) { syscall(SYS_mmap, 0x20000000, 0x1000000, 3, 0x1012, -1, 0, 0); syscall(SYS_mknod, 0, 0, 0x4503); /* major = 69, minor = 3 */ syscall(SYS_getpid); return 0; }
---
 sys/openbsd/init.go | 16 ++++++++++++++++
 1 file changed, 16 insertions(+) (limited to 'sys')
diff --git a/sys/openbsd/init.go b/sys/openbsd/init.go
index bce74fbac..c42fe0497 100644
--- a/sys/openbsd/init.go
+++ b/sys/openbsd/init.go
@@ -4,6 +4,8 @@ package openbsd
 import (
+ "fmt"
+
 "github.com/google/syzkaller/prog"
 "github.com/google/syzkaller/sys/targets"
 )
@@ -17,6 +19,7 @@ func InitTarget(target *prog.Target) {
 target.MakeMmap = targets.MakePosixMmap(target)
 target.SanitizeCall = arch.SanitizeCall
+ target.AnnotateCall = arch.annotateCall
 }
 type arch struct {
@@ -107,3 +110,16 @@ func (arch *arch) SanitizeCall(c *prog.Call) {
 arch.unix.SanitizeCall(c)
 }
 }
+
+func (arch *arch) annotateCall(c prog.ExecCall) string {
+ devArg := 2
+ switch c.Meta.Name {
+ case "mknodat":
+ devArg = 3
+ fallthrough
+ case "mknod":
+ dev := c.Args[devArg].(prog.ExecArgConst).Value
+ return fmt.Sprintf("major = %v, minor = %v", devmajor(dev), devminor(dev))
+ }
+ return ""
+}
--
cgit mrf-deployment
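Review bot: The type assertion in the new `annotateCall` (last hunk) is unchecked, so a `mknod`/`mknodat` call whose device argument is not an `ExecArgConst`, or whose `c.Args` is shorter than `devArg+1`, would panic during C reproducer generation instead of simply producing no annotation. Since the annotation is optional, I would guard the index against `len(c.Args)` and use the comma-ok form: `arg, ok := c.Args[devArg].(prog.ExecArgConst)` followed by `if !ok { return "" }`. The switch matches `c.Meta.Name` exactly, which presumably skips any `mknod$…` variant descriptions; matching on the base call name may be what is wanted, but that depends on descriptions not visible here. A short doc comment such as `// annotateCall returns a human-readable note for a call (currently the major/minor of mknod/mknodat device numbers), or "" if none applies.` would also help, as `devmajor`/`devminor` are defined outside this hunk.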