Skip to content
Permalink
Browse files

tools/syz-check: add description checking utility

syz-check parses vmlinux dwarf, extracts struct descriptions,
compares them with what we have (size, fields, alignment, etc)
and produces .warn files.
This is first raw version, it can be improved in a number of ways.
But it already helped to identify a critical issue #1542
and shows some wrong struct descriptions.

Update #590
  • Loading branch information
dvyukov committed Dec 9, 2019
1 parent f950e82 commit 64ca0a371100fc7dfdb20de9263763e46c88a436
Showing with 2,032 additions and 0 deletions.
  1. +7 −0 sys/linux/9p.txt.warn
  2. +1 −0 sys/linux/binfmt.txt.warn
  3. +87 −0 sys/linux/bpf.txt.warn
  4. +48 −0 sys/linux/dev_binder.txt.warn
  5. +80 −0 sys/linux/dev_cdrom.txt.warn
  6. +26 −0 sys/linux/dev_dri.txt.warn
  7. +1 −0 sys/linux/dev_hidraw.txt.warn
  8. +1 −0 sys/linux/dev_i2c.txt.warn
  9. +121 −0 sys/linux/dev_infiniband_rdma.txt.warn
  10. +13 −0 sys/linux/dev_infiniband_rdma_cm.txt.warn
  11. +8 −0 sys/linux/dev_input.txt.warn
  12. +70 −0 sys/linux/dev_kvm.txt.warn
  13. +15 −0 sys/linux/dev_loop.txt.warn
  14. +1 −0 sys/linux/dev_nbd.txt.warn
  15. +25 −0 sys/linux/dev_ptmx.txt.warn
  16. +2 −0 sys/linux/dev_ptp.txt.warn
  17. +1 −0 sys/linux/dev_rtc.txt.warn
  18. +29 −0 sys/linux/dev_sg.txt.warn
  19. +8 −0 sys/linux/dev_snd_control.txt.warn
  20. +14 −0 sys/linux/dev_snd_midi.txt.warn
  21. +34 −0 sys/linux/dev_snd_pcm.txt.warn
  22. +42 −0 sys/linux/dev_snd_seq.txt.warn
  23. +9 −0 sys/linux/dev_tlk_device.txt.warn
  24. +23 −0 sys/linux/dev_uhid.txt.warn
  25. +1 −0 sys/linux/dev_usbmon.txt.warn
  26. +4 −0 sys/linux/dev_vfio.txt.warn
  27. +71 −0 sys/linux/dev_video4linux.txt.warn
  28. +20 −0 sys/linux/devio.txt.warn
  29. +4 −0 sys/linux/filesystem.txt.warn
  30. +22 −0 sys/linux/fs_ioctl.txt.warn
  31. +14 −0 sys/linux/fscrypt.txt.warn
  32. +5 −0 sys/linux/fuse.txt.warn
  33. +1 −0 sys/linux/hafnium.txt.warn
  34. +5 −0 sys/linux/io_uring.txt.warn
  35. +38 −0 sys/linux/ipc.txt.warn
  36. +1 −0 sys/linux/ipvs.txt.warn
  37. +3 −0 sys/linux/key.txt.warn
  38. +4 −0 sys/linux/mptcp.txt.warn
  39. +118 −0 sys/linux/netfilter.txt.warn
  40. +27 −0 sys/linux/netfilter_arp.txt.warn
  41. +10 −0 sys/linux/netfilter_bridge.txt.warn
  42. +17 −0 sys/linux/netfilter_ipv4.txt.warn
  43. +38 −0 sys/linux/netfilter_ipv6.txt.warn
  44. +14 −0 sys/linux/netfilter_targets.txt.warn
  45. +57 −0 sys/linux/perf.txt.warn
  46. +3 −0 sys/linux/smack.txt.warn
  47. +32 −0 sys/linux/socket.txt.warn
  48. +8 −0 sys/linux/socket_alg.txt.warn
  49. +9 −0 sys/linux/socket_ax25.txt.warn
  50. +18 −0 sys/linux/socket_bluetooth.txt.warn
  51. +8 −0 sys/linux/socket_caif.txt.warn
  52. +7 −0 sys/linux/socket_can.txt.warn
  53. +10 −0 sys/linux/socket_inet.txt.warn
  54. +5 −0 sys/linux/socket_inet6.txt.warn
  55. +16 −0 sys/linux/socket_inet_sctp.txt.warn
  56. +17 −0 sys/linux/socket_inet_tcp.txt.warn
  57. +2 −0 sys/linux/socket_ipx.txt.warn
  58. +3 −0 sys/linux/socket_isdn.txt.warn
  59. +8 −0 sys/linux/socket_key.txt.warn
  60. +1 −0 sys/linux/socket_llc.txt.warn
  61. +8 −0 sys/linux/socket_netlink.txt.warn
  62. +3 −0 sys/linux/socket_netlink_generic_devlink.txt.warn
  63. +2 −0 sys/linux/socket_netlink_netfilter.txt.warn
  64. +2 −0 sys/linux/socket_netlink_route.txt.warn
  65. +46 −0 sys/linux/socket_netlink_route_sched.txt.warn
  66. +16 −0 sys/linux/socket_netlink_xfrm.txt.warn
  67. +3 −0 sys/linux/socket_netrom.txt.warn
  68. +1 −0 sys/linux/socket_nfc.txt.warn
  69. +4 −0 sys/linux/socket_packet.txt.warn
  70. +2 −0 sys/linux/socket_pppox.txt.warn
  71. +6 −0 sys/linux/socket_rds.txt.warn
  72. +7 −0 sys/linux/socket_rose.txt.warn
  73. +4 −0 sys/linux/socket_rxrpc.txt.warn
  74. +9 −0 sys/linux/socket_tipc.txt.warn
  75. +8 −0 sys/linux/socket_unix.txt.warn
  76. +5 −0 sys/linux/socket_vnet.txt.warn
  77. +2 −0 sys/linux/socket_x25.txt.warn
  78. +4 −0 sys/linux/socket_xdp.txt.warn
  79. +64 −0 sys/linux/sys.txt.warn
  80. +12 −0 sys/linux/trusty.txt.warn
  81. +69 −0 sys/linux/vnet.txt.warn
  82. +33 −0 sys/linux/vusb.txt.warn
  83. +5 −0 sys/linux/xattr.txt.warn
  84. +228 −0 tools/syz-check/check.go
  85. +202 −0 tools/syz-check/dwarf.go
@@ -0,0 +1,7 @@
0025: struct pipe_9p: no corresponding struct in kernel
0096: struct p9_qid: bad size: syz=13 kernel=16
0098: field p9_qid.version/version: bad offset: syz=1 kernel=4
0099: field p9_qid.path/path: bad offset: syz=5 kernel=8
0109: struct p9_ropen: no corresponding struct in kernel
0156: struct p9_rstatfs: bad size: syz=60 kernel=64
0168: struct p9_rgetattr: no corresponding struct in kernel
@@ -0,0 +1 @@
0043: struct exec: no corresponding struct in kernel
@@ -0,0 +1,87 @@
0057: struct bpf_map_create_arg: no corresponding struct in kernel
0072: struct bpf_map_get_fd_by_id_arg: no corresponding struct in kernel
0078: struct bpf_map_lookup_arg: no corresponding struct in kernel
0085: struct bpf_map_update_arg: no corresponding struct in kernel
0092: struct bpf_map_delete_arg: no corresponding struct in kernel
0099: struct bpf_map_get_next_arg: no corresponding struct in kernel
0109: struct bpf_prog: bad number of fields: syz=21 kernel=20
0109: struct bpf_prog: bad size: syz=120 kernel=56
0110: field bpf_prog.type/pages: bad size: syz=4 kernel=2
0111: field bpf_prog.ninsn/jited: bad bit size/offset: syz=0/0 kernel=1/0
0111: field bpf_prog.ninsn/jited: bad offset: syz=4 kernel=2
0111: field bpf_prog.ninsn/jited: bad size: syz=4 kernel=2
0112: field bpf_prog.insns/jit_requested: bad bit size/offset: syz=0/0 kernel=1/1
0112: field bpf_prog.insns/jit_requested: bad offset: syz=8 kernel=2
0112: field bpf_prog.insns/jit_requested: bad size: syz=8 kernel=2
0113: field bpf_prog.license/gpl_compatible: bad bit size/offset: syz=0/0 kernel=1/2
0113: field bpf_prog.license/gpl_compatible: bad offset: syz=16 kernel=2
0113: field bpf_prog.license/gpl_compatible: bad size: syz=8 kernel=2
0114: field bpf_prog.loglev/cb_access: bad bit size/offset: syz=0/0 kernel=1/3
0114: field bpf_prog.loglev/cb_access: bad offset: syz=24 kernel=2
0114: field bpf_prog.loglev/cb_access: bad size: syz=4 kernel=2
0115: field bpf_prog.logsize/dst_needed: bad bit size/offset: syz=0/0 kernel=1/4
0115: field bpf_prog.logsize/dst_needed: bad offset: syz=28 kernel=2
0115: field bpf_prog.logsize/dst_needed: bad size: syz=4 kernel=2
0116: field bpf_prog.log/blinded: bad bit size/offset: syz=0/0 kernel=1/5
0116: field bpf_prog.log/blinded: bad offset: syz=32 kernel=2
0116: field bpf_prog.log/blinded: bad size: syz=8 kernel=2
0117: field bpf_prog.kern_version/is_func: bad bit size/offset: syz=0/0 kernel=1/6
0117: field bpf_prog.kern_version/is_func: bad offset: syz=40 kernel=2
0117: field bpf_prog.kern_version/is_func: bad size: syz=4 kernel=2
0118: field bpf_prog.flags/kprobe_override: bad bit size/offset: syz=0/0 kernel=1/7
0118: field bpf_prog.flags/kprobe_override: bad offset: syz=44 kernel=2
0118: field bpf_prog.flags/kprobe_override: bad size: syz=4 kernel=2
0119: field bpf_prog.prog_name/has_callchain_buf: bad bit size/offset: syz=0/0 kernel=1/8
0119: field bpf_prog.prog_name/has_callchain_buf: bad offset: syz=48 kernel=2
0119: field bpf_prog.prog_name/has_callchain_buf: bad size: syz=16 kernel=2
0120: field bpf_prog.prog_ifindex/enforce_expected_attach_type: bad bit size/offset: syz=0/0 kernel=1/9
0120: field bpf_prog.prog_ifindex/enforce_expected_attach_type: bad offset: syz=64 kernel=2
0120: field bpf_prog.prog_ifindex/enforce_expected_attach_type: bad size: syz=4 kernel=2
0121: field bpf_prog.expected_attach_type/type: bad offset: syz=68 kernel=4
0122: field bpf_prog.btf_fd/expected_attach_type: bad offset: syz=72 kernel=8
0123: field bpf_prog.func_info_rec_size/len: bad offset: syz=76 kernel=12
0124: field bpf_prog.func_info/jited_len: bad offset: syz=80 kernel=16
0124: field bpf_prog.func_info/jited_len: bad size: syz=8 kernel=4
0125: field bpf_prog.func_info_cnt/tag: bad offset: syz=88 kernel=20
0125: field bpf_prog.func_info_cnt/tag: bad size: syz=4 kernel=8
0126: field bpf_prog.line_info_rec_size/aux: bad offset: syz=92 kernel=32
0126: field bpf_prog.line_info_rec_size/aux: bad size: syz=4 kernel=8
0127: field bpf_prog.line_info/orig_prog: bad offset: syz=96 kernel=40
0128: field bpf_prog.line_info_cnt/bpf_func: bad offset: syz=104 kernel=48
0128: field bpf_prog.line_info_cnt/bpf_func: bad size: syz=4 kernel=8
0129: field bpf_prog.attach_btf_id/: bad offset: syz=108 kernel=56
0129: field bpf_prog.attach_btf_id/: bad size: syz=4 kernel=0
0174: struct bpf_insn_generic: no corresponding struct in kernel
0182: struct bpf_insn_ldst: no corresponding struct in kernel
0207: struct bpf_insn_alu: no corresponding struct in kernel
0235: struct bpf_insn_jmp: no corresponding struct in kernel
0262: struct bpf_insn_call_helper: no corresponding struct in kernel
0269: struct bpf_insn_call_func: no corresponding struct in kernel
0280: struct bpf_insn_exit: no corresponding struct in kernel
0289: struct bpf_insn_init_r0: no corresponding struct in kernel
0301: struct bpf_insn_map: no corresponding struct in kernel
0313: struct bpf_insn_map_value: no corresponding struct in kernel
0335: struct bpf_obj_pin_map: no corresponding struct in kernel
0341: struct bpf_obj_pin_prog: no corresponding struct in kernel
0347: struct bpf_obj_get: no corresponding struct in kernel
0353: struct bpf_attach_arg: no corresponding struct in kernel
0360: struct bpf_detach_arg: no corresponding struct in kernel
0367: struct bpf_test_prog_arg: no corresponding struct in kernel
0382: struct bpf_obj_get_next_id_arg: no corresponding struct in kernel
0388: struct bpf_prog_get_fd_by_id_arg: no corresponding struct in kernel
0394: struct bpf_get_prog_info_arg: no corresponding struct in kernel
0400: struct bpf_prog_info: bad number of fields: syz=32 kernel=34
0400: struct bpf_prog_info: bad size: syz=192 kernel=208
0435: struct bpf_get_map_info_arg: no corresponding struct in kernel
0441: struct bpf_map_info: bad number of fields: syz=7 kernel=13
0441: struct bpf_map_info: bad size: syz=40 kernel=80
0451: struct bpf_get_btf_info_arg: no corresponding struct in kernel
0463: struct bpf_prog_query: no corresponding struct in kernel
0474: field bpf_raw_tracepoint.prog_fd/prog: bad size: syz=4 kernel=8
0477: struct bpf_btf_load: no corresponding struct in kernel
0520: struct btf_type_int: no corresponding struct in kernel
0543: struct btf_type_array: no corresponding struct in kernel
0588: struct btf_type_fwd: no corresponding struct in kernel
0596: struct btf_type_func: no corresponding struct in kernel
0618: struct btf_type_var: no corresponding struct in kernel
0652: struct bpf_task_fd_query: no corresponding struct in kernel
@@ -0,0 +1,48 @@
0085: struct binder_cmd_transaction: no corresponding struct in kernel
0090: struct binder_cmd_reply: no corresponding struct in kernel
0095: struct binder_cmd_transaction_sg: no corresponding struct in kernel
0101: struct binder_cmd_reply_sg: no corresponding struct in kernel
0110: struct binder_transaction_data: bad number of fields: syz=11 kernel=9
0111: field binder_transaction_data.handle/target: bad size: syz=4 kernel=8
0113: field binder_transaction_data.pad/cookie: bad offset: syz=4 kernel=8
0113: field binder_transaction_data.pad/cookie: bad size: syz=4 kernel=8
0114: field binder_transaction_data.cookie/code: bad offset: syz=8 kernel=16
0114: field binder_transaction_data.cookie/code: bad size: syz=8 kernel=4
0115: field binder_transaction_data.code/flags: bad offset: syz=16 kernel=20
0116: field binder_transaction_data.flags/sender_pid: bad offset: syz=20 kernel=24
0117: field binder_transaction_data.sender_pid/sender_euid: bad offset: syz=24 kernel=28
0118: field binder_transaction_data.sender_euid/data_size: bad offset: syz=28 kernel=32
0118: field binder_transaction_data.sender_euid/data_size: bad size: syz=4 kernel=8
0119: field binder_transaction_data.data_size/offsets_size: bad offset: syz=32 kernel=40
0120: field binder_transaction_data.offsets_size/data: bad offset: syz=40 kernel=48
0120: field binder_transaction_data.offsets_size/data: bad size: syz=8 kernel=16
0131: struct binder_offsets: no corresponding struct in kernel
0147: field flat_binder_object.binder/hdr: bad size: syz=24 kernel=4
0148: field flat_binder_object.weak_binder/flags: bad offset: syz=24 kernel=4
0148: field flat_binder_object.weak_binder/flags: bad size: syz=24 kernel=4
0149: field flat_binder_object.handle/: bad offset: syz=48 kernel=8
0149: field flat_binder_object.handle/: bad size: syz=24 kernel=8
0150: field flat_binder_object.weak_handle/cookie: bad offset: syz=72 kernel=16
0150: field flat_binder_object.weak_handle/cookie: bad size: syz=24 kernel=8
0162: struct binder_fd_object: bad number of fields: syz=5 kernel=4
0165: field binder_fd_object.fd/: bad size: syz=4 kernel=8
0166: field binder_fd_object.pad2/cookie: bad offset: syz=12 kernel=16
0166: field binder_fd_object.pad2/cookie: bad size: syz=4 kernel=8
0170: struct binder_fd_array_object: bad number of fields: syz=4 kernel=5
0172: field binder_fd_array_object.num_fds/pad: bad offset: syz=8 kernel=4
0172: field binder_fd_array_object.num_fds/pad: bad size: syz=8 kernel=4
0173: field binder_fd_array_object.parnt/num_fds: bad offset: syz=16 kernel=8
0174: field binder_fd_array_object.parent_offset/parent: bad offset: syz=24 kernel=16
0189: struct binder_cmd_free_buffer: no corresponding struct in kernel
0194: struct binder_cmd_increfs: no corresponding struct in kernel
0199: struct binder_cmd_acquire: no corresponding struct in kernel
0204: struct binder_cmd_release: no corresponding struct in kernel
0209: struct binder_cmd_decrefs: no corresponding struct in kernel
0214: struct binder_cmd_increfs_done: no corresponding struct in kernel
0220: struct binder_cmd_acquire_done: no corresponding struct in kernel
0226: struct binder_cmd_register_looper: no corresponding struct in kernel
0230: struct binder_cmd_enter_looper: no corresponding struct in kernel
0234: struct binder_cmd_exit_looper: no corresponding struct in kernel
0238: struct binder_cmd_request_death: no corresponding struct in kernel
0244: struct binder_cmd_clear_death: no corresponding struct in kernel
0250: struct binder_cmd_dead_binder_done: no corresponding struct in kernel
@@ -0,0 +1,80 @@
0079: struct cdrom_output_buffer: no corresponding struct in kernel
0092: struct cdrom_msf_out_stub: no corresponding struct in kernel
0123: struct cdrom_addr: no corresponding struct in kernel
0177: field dvd_struct.physical/physical: bad offset: syz=1 kernel=0
0178: field dvd_struct.copyright/copyright: bad offset: syz=85 kernel=0
0179: field dvd_struct.disckey/disckey: bad offset: syz=89 kernel=0
0179: field dvd_struct.disckey/disckey: bad size: syz=2056 kernel=2052
0180: field dvd_struct.bca/bca: bad offset: syz=2145 kernel=0
0181: field dvd_struct.manufact/manufact: bad offset: syz=2341 kernel=0
0214: struct dvd_disckey: bad size: syz=2056 kernel=2052
0217: field dvd_disckey.agid/agid: bad bit size/offset: syz=2/0 kernel=2/8
0217: field dvd_disckey.agid/agid: bad offset: syz=4 kernel=0
0218: field dvd_disckey.value/value: bad offset: syz=8 kernel=2
0236: struct dvd_authinfo: bad size: syz=24 kernel=16
0239: field dvd_authinfo.lsa/lsa: bad offset: syz=1 kernel=0
0239: field dvd_authinfo.lsa/lsa: bad size: syz=8 kernel=4
0240: field dvd_authinfo.hsc/hsc: bad offset: syz=9 kernel=0
0240: field dvd_authinfo.hsc/hsc: bad size: syz=20 kernel=12
0241: field dvd_authinfo.lsk/lsk: bad offset: syz=29 kernel=0
0241: field dvd_authinfo.lsk/lsk: bad size: syz=16 kernel=8
0242: field dvd_authinfo.lsc/lsc: bad offset: syz=45 kernel=0
0242: field dvd_authinfo.lsc/lsc: bad size: syz=20 kernel=12
0243: field dvd_authinfo.hsk/hsk: bad offset: syz=65 kernel=0
0243: field dvd_authinfo.hsk/hsk: bad size: syz=16 kernel=8
0244: field dvd_authinfo.lstk/lstk: bad offset: syz=81 kernel=0
0244: field dvd_authinfo.lstk/lstk: bad size: syz=24 kernel=16
0245: field dvd_authinfo.lsasf/lsasf: bad offset: syz=105 kernel=0
0245: field dvd_authinfo.lsasf/lsasf: bad size: syz=8 kernel=4
0246: field dvd_authinfo.hrpcs/hrpcs: bad offset: syz=113 kernel=0
0247: field dvd_authinfo.lrpcs/lrpcs: bad offset: syz=115 kernel=0
0253: struct dvd_lu_send_agid: bad size: syz=8 kernel=4
0255: field dvd_lu_send_agid.agid/agid: bad bit size/offset: syz=2/0 kernel=2/8
0255: field dvd_lu_send_agid.agid/agid: bad offset: syz=4 kernel=0
0258: struct dvd_host_send_challenge: bad size: syz=20 kernel=12
0260: field dvd_host_send_challenge.agid/agid: bad bit size/offset: syz=2/0 kernel=2/8
0260: field dvd_host_send_challenge.agid/agid: bad offset: syz=4 kernel=0
0262: field dvd_host_send_challenge.chal/chal: bad offset: syz=8 kernel=2
0267: struct dvd_send_key: bad size: syz=16 kernel=8
0269: field dvd_send_key.agid/agid: bad bit size/offset: syz=2/0 kernel=2/8
0269: field dvd_send_key.agid/agid: bad offset: syz=4 kernel=0
0271: field dvd_send_key.key/key: bad offset: syz=8 kernel=2
0274: struct dvd_lu_send_challenge: bad size: syz=20 kernel=12
0276: field dvd_lu_send_challenge.agid/agid: bad bit size/offset: syz=2/0 kernel=2/8
0276: field dvd_lu_send_challenge.agid/agid: bad offset: syz=4 kernel=0
0278: field dvd_lu_send_challenge.chal/chal: bad offset: syz=8 kernel=2
0281: struct dvd_lu_send_title_key: bad size: syz=24 kernel=16
0283: field dvd_lu_send_title_key.agid/agid: bad bit size/offset: syz=2/0 kernel=2/8
0283: field dvd_lu_send_title_key.agid/agid: bad offset: syz=4 kernel=0
0285: field dvd_lu_send_title_key.title_key/title_key: bad offset: syz=8 kernel=2
0286: field dvd_lu_send_title_key.lba/lba: bad offset: syz=16 kernel=8
0287: field dvd_lu_send_title_key.cpm/cpm: bad offset: syz=20 kernel=12
0288: field dvd_lu_send_title_key.cp_sec/cp_sec: bad offset: syz=20 kernel=12
0289: field dvd_lu_send_title_key.cgms/cgms: bad offset: syz=20 kernel=12
0292: struct dvd_lu_send_asf: bad size: syz=8 kernel=4
0294: field dvd_lu_send_asf.agid/agid: bad bit size/offset: syz=2/0 kernel=2/8
0294: field dvd_lu_send_asf.agid/agid: bad offset: syz=4 kernel=0
0296: field dvd_lu_send_asf.asf/asf: bad bit size/offset: syz=1/2 kernel=1/10
0296: field dvd_lu_send_asf.asf/asf: bad offset: syz=4 kernel=0
0324: struct request_sense: bad number of fields: syz=11 kernel=15
0325: field request_sense.valid_err_code/error_code: bad bit size/offset: syz=0/0 kernel=7/0
0326: field request_sense.segment_number/valid: bad bit size/offset: syz=0/0 kernel=1/7
0326: field request_sense.segment_number/valid: bad offset: syz=1 kernel=0
0327: field request_sense.ili_sense_key/segment_number: bad offset: syz=2 kernel=1
0328: field request_sense.information/sense_key: bad bit size/offset: syz=0/0 kernel=4/0
0328: field request_sense.information/sense_key: bad offset: syz=3 kernel=2
0328: field request_sense.information/sense_key: bad size: syz=4 kernel=1
0329: field request_sense.add_sense_len/reserved2: bad bit size/offset: syz=0/0 kernel=1/4
0329: field request_sense.add_sense_len/reserved2: bad offset: syz=7 kernel=2
0330: field request_sense.command_info/ili: bad bit size/offset: syz=0/0 kernel=1/5
0330: field request_sense.command_info/ili: bad offset: syz=8 kernel=2
0330: field request_sense.command_info/ili: bad size: syz=4 kernel=1
0331: field request_sense.asc/reserved1: bad bit size/offset: syz=0/0 kernel=2/6
0331: field request_sense.asc/reserved1: bad offset: syz=12 kernel=2
0332: field request_sense.ascq/information: bad offset: syz=13 kernel=3
0332: field request_sense.ascq/information: bad size: syz=1 kernel=4
0333: field request_sense.fruc/add_sense_len: bad offset: syz=14 kernel=7
0334: field request_sense.sks/command_info: bad offset: syz=15 kernel=8
0334: field request_sense.sks/command_info: bad size: syz=3 kernel=4
0335: field request_sense.asb/asc: bad offset: syz=18 kernel=12
0335: field request_sense.asb/asc: bad size: syz=46 kernel=1
@@ -0,0 +1,26 @@
0114: struct drm_unique_in: no corresponding struct in kernel
0119: struct drm_unique_out: no corresponding struct in kernel
0131: struct drm_map: no corresponding struct in kernel
0140: struct drm_client: bad number of fields: syz=8 kernel=6
0143: field drm_client.pid/pid: bad size: syz=4 kernel=8
0145: field drm_client.pid_pad/uid: bad offset: syz=12 kernel=16
0145: field drm_client.pid_pad/uid: bad size: syz=4 kernel=8
0146: field drm_client.uid/magic: bad offset: syz=16 kernel=24
0146: field drm_client.uid/magic: bad size: syz=4 kernel=8
0148: field drm_client.uid_pad/iocs: bad offset: syz=20 kernel=32
0148: field drm_client.uid_pad/iocs: bad size: syz=4 kernel=8
0165: struct drm_ctx_priv_map: no corresponding struct in kernel
0170: struct drm_ctx: no corresponding struct in kernel
0175: struct drm_ctx_res: no corresponding struct in kernel
0180: struct drm_lock: no corresponding struct in kernel
0185: struct drm_buf_desc: no corresponding struct in kernel
0195: struct drm_buf_map: no corresponding struct in kernel
0201: struct drm_buf_pub: no corresponding struct in kernel
0208: struct drm_buf_free: no corresponding struct in kernel
0213: struct drm_dma: no corresponding struct in kernel
0226: struct drm_control: no corresponding struct in kernel
0243: struct drm_scatter_gather: no corresponding struct in kernel
0248: struct drm_wait_vblank: no corresponding struct in kernel
0303: struct drm_mode_crtc: bad number of fields: syz=8 kernel=9
0311: field drm_mode_crtc.mode/mode_valid: bad size: syz=68 kernel=4
0326: field drm_mode_modeinfo.vrefr/vrefresh: bad size: syz=2 kernel=4
@@ -0,0 +1 @@
0029: struct hidraw_get_report_arg: no corresponding struct in kernel
@@ -0,0 +1 @@
0032: struct i2c_smbus_data: no corresponding struct in kernel

0 comments on commit 64ca0a3

Please sign in to comment.
You can’t perform that action at this time.