
sys/freebsd: avoid mangling syscall names

syz-extract was removing certain prefixes from syscall names, but this
caused some problems:
- freebsd* prefixes are for compatibility syscalls when the syscall ABI
  has changed.  For instance, we have both fstat() and
  freebsd11_fstat(), and it is desirable to fuzz them both.
- Stripping prefixes may leave us with undefined SYS_ constants.  This
  resulted in some test failures in pkg/csource, which emitted code
  referencing SYS_semctl when it should have been SYS___semctl.

Fix the problem by updating syscall descriptions to match the names
given by the FreeBSD kernel.  Add some new descriptions for
compatibility syscalls, fix the mknodat() description (dev_t is now 64
bits wide on FreeBSD), and remove mknod$loop, which appears to be
Linux-specific.
markjdb authored and dvyukov committed Mar 7, 2019
1 parent c08c1cd commit 4fc2fa55acc12f9e82084e52521380b84be9a08b
@@ -20,7 +20,7 @@

#if GOARCH_amd64
#define GOARCH "amd64"
#define SYZ_REVISION "87222f38848c14df07a6a0304da0b1915e3396bb"
#define SYZ_REVISION "873616249e74ae100e93afb6a14e4fef92b3acc4"
#define SYZ_EXECUTOR_USES_FORK_SERVER 1
#define SYZ_EXECUTOR_USES_SHMEM 1
#define SYZ_PAGE_SIZE 4096
@@ -226,6 +226,20 @@ const call_t syscalls[] = {

#if GOARCH_amd64
const call_t syscalls[] = {
{"__getcwd", 326},
{"__semctl$GETALL", 510},
{"__semctl$GETNCNT", 510},
{"__semctl$GETPID", 510},
{"__semctl$GETVAL", 510},
{"__semctl$GETZCNT", 510},
{"__semctl$IPC_INFO", 510},
{"__semctl$IPC_RMID", 510},
{"__semctl$IPC_SET", 510},
{"__semctl$IPC_STAT", 510},
{"__semctl$SEM_INFO", 510},
{"__semctl$SEM_STAT", 510},
{"__semctl$SETALL", 510},
{"__semctl$SETVAL", 510},
{"accept", 30},
{"accept$inet", 30},
{"accept$inet6", 30},
@@ -270,12 +284,17 @@ const call_t syscalls[] = {
{"fcntl$setstatus", 92},
{"fdatasync", 550},
{"flock", 131},
{"freebsd10_pipe", 42},
{"freebsd11_fstat", 189},
{"freebsd11_getdents", 272},
{"freebsd11_lstat", 190},
{"freebsd11_mknod", 14},
{"freebsd11_mknodat", 498},
{"freebsd11_stat", 188},
{"fstat", 551},
{"fsync", 95},
{"ftruncate", 480},
{"futimesat", 494},
{"getcwd", 326},
{"getdents", 272},
{"getegid", 43},
{"geteuid", 25},
{"getgid", 47},
@@ -409,13 +428,10 @@ const call_t syscalls[] = {
{"linkat", 495},
{"listen", 106},
{"lseek", 478},
{"lstat", 190},
{"madvise", 75},
{"mincore", 78},
{"mkdir", 136},
{"mkdirat", 496},
{"mknod", 14},
{"mknod$loop", 14},
{"mknodat", 559},
{"mlock", 203},
{"mlockall", 324},
@@ -437,7 +453,6 @@ const call_t syscalls[] = {
{"open", 5},
{"open$dir", 5},
{"openat", 499},
{"pipe", 42},
{"pipe2", 542},
{"poll", 209},
{"ppoll", 545},
@@ -456,19 +471,6 @@ const call_t syscalls[] = {
{"renameat", 501},
{"rmdir", 137},
{"select", 93},
{"semctl$GETALL", 510},
{"semctl$GETNCNT", 510},
{"semctl$GETPID", 510},
{"semctl$GETVAL", 510},
{"semctl$GETZCNT", 510},
{"semctl$IPC_INFO", 510},
{"semctl$IPC_RMID", 510},
{"semctl$IPC_SET", 510},
{"semctl$IPC_STAT", 510},
{"semctl$SEM_INFO", 510},
{"semctl$SEM_STAT", 510},
{"semctl$SETALL", 510},
{"semctl$SETVAL", 510},
{"semget", 221},
{"semget$private", 221},
{"semop", 222},
@@ -647,7 +649,6 @@ const call_t syscalls[] = {
{"socket$unix", 97},
{"socketpair", 135},
{"socketpair$unix", 135},
{"stat", 188},
{"symlink", 57},
{"symlinkat", 502},
{"sync", 36},

@@ -13,7 +13,7 @@ resource ipc[int32]: 0, 0xffffffffffffffff

# TODO: describe ipc syscall

define SYS_semctl 510
define SYS___semctl 510

resource ipc_msq[ipc]
msgget(key proc[2039379027, 4], flags flags[msgget_flags]) ipc_msq
@@ -29,19 +29,19 @@ resource ipc_sem[ipc]
semget(key proc[2039359027, 4], nsems flags[sem_sem_id], flags flags[semget_flags]) ipc_sem
semget$private(key const[IPC_PRIVATE], nsems flags[sem_sem_id], flags flags[semget_flags]) ipc_sem
semop(semid ipc_sem, ops ptr[in, array[sembuf]], nops len[ops])
semctl$IPC_STAT(semid ipc_sem, semnum const[0], cmd const[IPC_STAT], arg buffer[out])
semctl$IPC_SET(semid ipc_sem, semnum const[0], cmd const[IPC_SET], arg ptr[in, semid_ds])
semctl$IPC_RMID(semid ipc_sem, semnum const[0], cmd const[IPC_RMID])
semctl$IPC_INFO(semid ipc_sem, semnum flags[sem_sem_id], cmd const[IPC_INFO], buf buffer[out])
semctl$SEM_INFO(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SEM_INFO], arg buffer[out])
semctl$SEM_STAT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SEM_STAT], arg buffer[out])
semctl$GETALL(semid ipc_sem, semnum const[0], cmd const[GETALL], arg buffer[out])
semctl$GETNCNT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETNCNT], arg buffer[out])
semctl$GETPID(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETPID], arg buffer[out])
semctl$GETVAL(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETVAL], arg buffer[out])
semctl$GETZCNT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETZCNT], arg buffer[out])
semctl$SETALL(semid ipc_sem, semnum const[0], cmd const[SETALL], arg ptr[in, array[int16]])
semctl$SETVAL(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SETVAL], arg ptr[in, int32])
__semctl$IPC_STAT(semid ipc_sem, semnum const[0], cmd const[IPC_STAT], arg buffer[out])
__semctl$IPC_SET(semid ipc_sem, semnum const[0], cmd const[IPC_SET], arg ptr[in, semid_ds])
__semctl$IPC_RMID(semid ipc_sem, semnum const[0], cmd const[IPC_RMID])
__semctl$IPC_INFO(semid ipc_sem, semnum flags[sem_sem_id], cmd const[IPC_INFO], buf buffer[out])
__semctl$SEM_INFO(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SEM_INFO], arg buffer[out])
__semctl$SEM_STAT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SEM_STAT], arg buffer[out])
__semctl$GETALL(semid ipc_sem, semnum const[0], cmd const[GETALL], arg buffer[out])
__semctl$GETNCNT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETNCNT], arg buffer[out])
__semctl$GETPID(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETPID], arg buffer[out])
__semctl$GETVAL(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETVAL], arg buffer[out])
__semctl$GETZCNT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETZCNT], arg buffer[out])
__semctl$SETALL(semid ipc_sem, semnum const[0], cmd const[SETALL], arg ptr[in, array[int16]])
__semctl$SETVAL(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SETVAL], arg ptr[in, int32])

resource ipc_shm[ipc]
resource shmaddr[intptr]: 0
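Review bot: `define SYS___semctl 510` in the first hunk keeps a hard-coded syscall number in the description even though, per the commit message, `SYS___semctl` is exactly the name `<sys/syscall.h>` already provides, so the define is now redundant and, depending on whether syz-extract emits description defines guarded by `#ifndef`, could shadow the header's value if the number ever changes. The original `define SYS_semctl 510` existed only because `SYS_semctl` was not a real header symbol; that justification no longer applies. I would drop the line and let extraction take the value from the header, or keep it with a comment explaining why a local definition is still required, e.g. `# SYS___semctl is provided by <sys/syscall.h>; defined here only for <reason>`.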
@@ -25,13 +25,10 @@ SHM_RND = 8192
SHM_STAT = 13
SHM_UNLOCK = 12
SYS___semctl = 510
SYS_freebsd7_msgctl = 224
SYS_freebsd7_shmctl = 229
SYS_msgctl = 511
SYS_msgget = 225
SYS_msgrcv = 227
SYS_msgsnd = 226
SYS_semctl = 510
SYS_semget = 221
SYS_semop = 222
SYS_shmat = 228
@@ -28,7 +28,11 @@ lseek(fd fd, offset fileoff, whence flags[seek_whence])
dup(oldfd fd) fd
dup2(oldfd fd, newfd fd) fd
pipe2(pipefd ptr[out, pipefd], flags flags[pipe_flags])
freebsd10_pipe(pipefd ptr[out, pipefd])
fstat(fd fd, statbuf ptr[out, stat])
freebsd11_stat(file ptr[in, filename], statbuf ptr[out, freebsd11_stat])
freebsd11_fstat(fd fd, statbuf ptr[out, freebsd11_stat])
freebsd11_lstat(file ptr[in, filename], statbuf ptr[out, freebsd11_stat])

pipefd {
rfd fd
@@ -45,25 +49,54 @@ iovec_out {
len len[addr, intptr]
}

stat {
dev int16
freebsd11_stat {
dev int32
ino int32
mode int16
nlink int16
uid uid
gid gid
rdev int16
size int32
rdev int32
atime int64
ansec int64
mtime int64
mnsec int64
ctime int64
cnsec int64
size int64
blocks int64
blksize int32
flags int32
gen int32
__spare const[0, int32]
btime int64
bnsec int64
}

stat {
dev int64
ino int64
nlink int64
mode int16
__pad0 const[0, int16]
uid uid
gid gid
__pad1 const[0, int32]
rdev int64
atime int64
ansec int64
mtime int64
mnsec int64
ctime int64
cnsec int64
btime int64
bnsec int64
size int64
blocks int64
blksize int32
blocks int32
atime int32
ansec int32
mtime int32
mnsec int32
ctime int32
cnsec int32
pad1 const[0, int32]
pad2 const[0, int32]
flags int32
gen int64
__spare array[int64, 10]
}

open_flags = O_RDONLY, O_WRONLY, O_RDWR, O_APPEND, FASYNC, O_CLOEXEC, O_CREAT, O_DIRECT, O_DIRECTORY, O_EXCL, O_NOCTTY, O_NOFOLLOW, O_NONBLOCK, O_SYNC, O_TRUNC
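Review bot: The two hand-transcribed layouts `freebsd11_stat` and `stat` carry no note of which kernel struct and ABI they mirror, yet their padding members (`__pad0`, `__pad1`, `__spare`) and 64-bit time fields are layout-specific, so the next person updating them has nothing to check against. A one-line comment on each would fix that: `# mirrors struct freebsd11_stat in <sys/stat.h> (pre-FreeBSD-12 ABI, 64-bit timespec members as on amd64)` and `# mirrors struct stat in <sys/stat.h> (FreeBSD 12 ABI: 64-bit dev_t/ino_t/nlink_t, st_birthtim before st_size)`. The executor section of this commit only defines `GOARCH_amd64`, so it is presumably fine that no other layout variant is described, but that assumption is worth stating next to the structs.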
@@ -23,7 +23,10 @@ SEEK_SET = 0
SYS_close = 6
SYS_dup = 41
SYS_dup2 = 90
SYS_freebsd10_pipe = 42
SYS_freebsd11_fstat = 189
SYS_freebsd11_lstat = 190
SYS_freebsd11_stat = 188
SYS_fstat = 551
SYS_lseek = 478
SYS_open = 5
@@ -19,13 +19,8 @@ include <sys/wait.h>

syz_execute_func(text ptr[in, text[target]])

pipe(pipefd ptr[out, pipefd])

sendfile(fdout fd, fdin fd, off ptr[inout, fileoff[int64], opt], count int64)

stat(file ptr[in, filename], statbuf ptr[out, stat])
lstat(file ptr[in, filename], statbuf ptr[out, stat])

poll(fds ptr[in, array[pollfd]], nfds len[fds], timeout int32)
ppoll(fds ptr[in, array[pollfd]], nfds len[fds], tsp ptr[in, timespec], sigmask ptr[in, sigset], size len[sigmask])
select(n len[inp], inp ptr[inout, fd_set], outp ptr[inout, fd_set], exp ptr[inout, fd_set], tvp ptr[inout, timeval])
@@ -40,9 +35,9 @@ fcntl$lock(fd fd, cmd flags[fcntl_lock], lock ptr[in, flock])
fcntl$getown(fd fd, cmd const[F_GETOWN]) pid
fcntl$setown(fd fd, cmd const[F_SETOWN], pid pid)

mknod(file ptr[in, filename], mode flags[mknod_mode], dev int32)
mknod$loop(file ptr[in, filename], mode flags[mknod_mode], dev proc[1792, 2])
mknodat(dirfd fd_dir, file ptr[in, filename], mode flags[mknod_mode], dev int32)
mknodat(dirfd fd_dir, file ptr[in, filename], mode flags[mknod_mode], dev int64)
freebsd11_mknod(file ptr[in, filename], mod flags[mknod_mode], dev int32)
freebsd11_mknodat(dirfd fd_dir, file ptr[in, filename], mod flags[mknod_mode], dev int32)
chmod(file ptr[in, filename], mode flags[open_mode])
fchmod(fd fd, mode flags[open_mode])
fchmodat(dirfd fd_dir, file ptr[in, filename], mode flags[open_mode])
@@ -95,9 +90,9 @@ flock(fd fd, op flags[flock_op])
fsync(fd fd)
fdatasync(fd fd)
sync()
getdents(fd fd_dir, ent buffer[out], count len[ent])
freebsd11_getdents(fd fd_dir, ent buffer[out], count len[ent])
chroot(dir ptr[in, filename])
getcwd(buf buffer[out], size len[buf])
__getcwd(buf buffer[out], size len[buf])
chdir(dir ptr[in, filename])
fchdir(fd fd)

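Review bot: The new `freebsd11_mknod` and `freebsd11_mknodat` descriptions name their mode argument `mod`, while `mknodat` on the line directly above (and the rest of this file, e.g. `chmod`, `fchmodat`) uses `mode`; the inconsistency looks like a typo rather than a deliberate distinction. I would rename to match: `freebsd11_mknod(file ptr[in, filename], mode flags[mknod_mode], dev int32)` and `freebsd11_mknodat(dirfd fd_dir, file ptr[in, filename], mode flags[mknod_mode], dev int32)`. The `dev int32` width for the compat variants is consistent with the commit's note that only the new `mknodat` takes a 64-bit dev_t.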
@@ -56,6 +56,7 @@ RLIMIT_STACK = 3
RUSAGE_CHILDREN = 18446744073709551615
RUSAGE_SELF = 0
RUSAGE_THREAD = 1
SYS___getcwd = 326
SYS_chdir = 12
SYS_chmod = 15
SYS_chown = 16
@@ -75,12 +76,12 @@ SYS_fchownat = 491
SYS_fcntl = 92
SYS_fdatasync = 550
SYS_flock = 131
SYS_freebsd11_getdents = 272
SYS_freebsd11_mknod = 14
SYS_freebsd11_mknodat = 498
SYS_fsync = 95
SYS_ftruncate = 480
SYS_futimesat = 494
SYS_getcwd = 326
SYS_getdents = 272
SYS_getegid = 43
SYS_geteuid = 25
SYS_getgid = 47
@@ -97,14 +98,11 @@ SYS_getuid = 24
SYS_lchown = 254
SYS_link = 9
SYS_linkat = 495
SYS_lstat = 190
SYS_mincore = 78
SYS_mkdir = 136
SYS_mkdirat = 496
SYS_mknod = 14
SYS_mknodat = 559
SYS_nanosleep = 240
SYS_pipe = 42
SYS_poll = 209
SYS_ppoll = 545
SYS_readlink = 58
@@ -125,7 +123,6 @@ SYS_setreuid = 126
SYS_setrlimit = 195
SYS_setuid = 23
SYS_sigaltstack = 53
SYS_stat = 188
SYS_symlink = 57
SYS_symlinkat = 502
SYS_sync = 36
@@ -55,33 +55,5 @@ func (*freebsd) processFile(arch *Arch, info *compiler.ConstInfo) (map[string]ui
args = append(args, "-I"+dir)
}
}
// Syscall consts on freebsd have weird prefixes sometimes,
// try to extract consts with these prefixes as well.
compatNames := make(map[string][]string)
for _, val := range info.Consts {
const SYS = "SYS_"
if strings.HasPrefix(val, SYS) {
for _, prefix := range []string{"__", "freebsd11_", "freebsd10_", "freebsd7_"} {
compat := SYS + prefix + val[len(SYS):]
compatNames[val] = append(compatNames[val], compat)
info.Consts = append(info.Consts, compat)
}
} else {
compat := "LINUX_" + val
compatNames[val] = append(compatNames[val], compat)
info.Consts = append(info.Consts, compat)
}
}
res, undeclared, err := extract(info, "gcc", args, "#include <sys/syscall.h>", true)
for orig, compats := range compatNames {
for _, compat := range compats {
if undeclared[orig] && !undeclared[compat] {
res[orig] = res[compat]
delete(res, compat)
delete(undeclared, orig)
}
delete(undeclared, compat)
}
}
return res, undeclared, err
return extract(info, "gcc", args, "#include <sys/syscall.h>", true)
}
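Review bot: The deleted block also handled the `LINUX_` prefix fallback for non-`SYS_` constants (the `else` branch), which the commit message does not mention; if any FreeBSD description relied on a constant that the headers only define as `LINUX_<name>`, extraction will now report it as undeclared instead of resolving it silently. That is arguably the right outcome given the commit's intent, but it is worth confirming that `make extract` still reports no undeclared constants and stating the new contract next to the call: `// Descriptions must use the exact names from <sys/syscall.h>; no prefix mangling is done here.` `processFile` begins before this hunk, so its argument handling is not visible in the diff.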
