Dmitry Vyukov dvyukov
dvyukov
/ gist:75fd37f9ad6747abfe5f
Created
November 16, 2015 21:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <signal.h> | |
| #include <time.h> | |
| #include <unistd.h> | |
| #include <errno.h> | |
| #include <stdlib.h> | |
| #include <stdio.h> | |
| #include <sys/syscall.h> | |
| #include <pthread.h> | |
| void *thr(void *arg) { |
dvyukov
/ gist:451019c8fb14aa4565a4
Created
November 24, 2015 13:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Save the following log into memcg file, and then run: | |
| $ ./execprog -executor ./executor -debug=0 -cover=0 -threaded=1 -collide=1 -procs=16 -loop memcg | |
| // execprog and executor binaries are built from https://github.com/google/syzkaller | |
| 2015/11/24 02:00:19 executing program 3: | |
| mmap(&(0x7f0000000000)=nil, (0x1000), 0x3, 0x32, 0xffffffffffffffff, 0x0) | |
| mmap(&(0x7f0000001000)=nil, (0x1000), 0x3, 0x32, 0xffffffffffffffff, 0x0) | |
| prctl$intptr(0x26, 0x1) | |
| seccomp(0x1, 0x0, &(0x7f0000000000+0x4da)={0x3, &(0x7f0000002000-0x18)={{0x15, 0x0, 0x1, 0x0}, {0x4, 0x7, 0x31e04854, 0xb13}, {0x6, 0x73b8285d7d5712f1, 0x5, 0xfffffffffffffff9}}}) | |
| r0 = accept(0x1869f, &(0x7f0000002000+0xc52)=nil, &(0x7f0000002000+0x19d)=nil) |
dvyukov
/ gist:64c0b2dfe64047d90edd
Created
November 26, 2015 13:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| vmlinux: file format elf64-x86-64 | |
| Disassembly of section .text: | |
| ffffffff829d99d0 <tty_ioctl>: | |
| /* | |
| * Split this up, as gcc can choke on it otherwise.. |
dvyukov
/ gist:8e1fe39aeb1e457664fb
Created
November 26, 2015 13:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ================================================================== | |
| BUG: KASAN: use-after-free in tty_ioctl+0x1f06/0x2140 at addr ffff880061aa0968 | |
| Read of size 8 by task a.out/6241 | |
| ============================================================================= | |
| ser_gigaset: Serial Driver for Gigaset 307x using Siemens M101 | |
| gigaset: maximum number of devices exceeded | |
| BUG kmalloc-16 (Not tainted): kasan: bad access detected | |
| ----------------------------------------------------------------------------- | |
| Disabling lock debugging due to kernel taint |
dvyukov
/ gist:42bc81d1057c88fb6dcf
Created
December 11, 2015 12:13
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // AUTOGENERATED FILE | |
| package sys | |
| var Calls = []*Call{ | |
| &Call{ID: 0, Name: "open", CallName: "open", Ret: ResourceType{TypeCommon: TypeCommon{TypeName: "ret", IsOptional: false}, Kind: ResFD, Subkind: ResAny}, Args: []Type{PtrType{TypeCommon: TypeCommon{TypeName: "file", IsOptional: false}, Dir: DirIn, Type: FilenameType{TypeCommon: TypeCommon{TypeName: "file", IsOptional: false}}}, FlagsType{TypeCommon: TypeCommon{TypeName: "flags", IsOptional: false}, TypeSize: 0, Vals: []uintptr{0, 1, 2, 1024, 8192, 524288, 64, 16384, 65536, 128, 0, 262144, 256, 131072, 2048, 2097152, 1052672, 512}}, FlagsType{TypeCommon: TypeCommon{TypeName: "mode", IsOptional: false}, TypeSize: 0, Vals: []uintptr{256, 128, 64, 32, 16, 8, 4, 2, 1}}}}, | |
| &Call{ID: 1, Name: "openat", CallName: "openat", Ret: ResourceType{TypeCommon: TypeCommon{TypeName: "ret", IsOptional: false}, Kind: ResFD, Subkind: ResAny}, Args: []Type{ResourceType{TypeCommon: TypeCommon{TypeName: "fd", IsOptional: false}, Kind: ResFD, Subkind: FdDir}, PtrType{TypeCommo |
dvyukov
/ gist:e840d00cfefe66c5e064
Created
December 31, 2015 11:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // autogenerated by syzkaller (http://github.com/google/syzkaller) | |
| #include <unistd.h> | |
| #include <sys/syscall.h> | |
| #include <string.h> | |
| #include <stdint.h> | |
| int main() | |
| { | |
| syscall(SYS_mmap, 0x20000000ul, 0xa000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul); | |
| int fd = syscall(SYS_socket, 0x10ul, 0x2ul, 0xbul, 0, 0, 0); |
dvyukov
/ gist:524b398f379440b21115
Last active
January 8, 2016 18:40
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // autogenerated by syzkaller (http://github.com/google/syzkaller) | |
| #include <unistd.h> | |
| #include <sys/syscall.h> | |
| #include <string.h> | |
| #include <stdint.h> | |
| #include <pthread.h> | |
| long r1[117]; | |
| void *thr1(void *arg) |
dvyukov
/ gist:fad55a75c516033c50a9
Created
January 12, 2016 09:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/crypto/af_alg.c b/crypto/af_alg.c | |
| index a8e7aa3..b8fb45a 100644 | |
| --- a/crypto/af_alg.c | |
| +++ b/crypto/af_alg.c | |
| @@ -125,6 +125,23 @@ int af_alg_release(struct socket *sock) | |
| } | |
| EXPORT_SYMBOL_GPL(af_alg_release); | |
| +void af_alg_release_parent(struct sock *sk) | |
| +{ |
dvyukov
/ gist:0bfc7714a09769ed80c0
Created
January 12, 2016 10:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| mmap(&(0x7f0000000000)=nil, (0x1e000), 0x3, 0x32, 0xffffffffffffffff, 0x0) | |
| r0 = socket(0xa, 0x1, 0x6) | |
| bind(r0, &(0x7f0000018000)="0a0033d6efe55c65000000000000000000000000000000014d3aa6ff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", 0x80) | |
| connect(r0, &(0x7f0000017000-0x1c)="0a0033d60e32665600000000000000000000000000000001bffed7fd", 0x1c) | |
| remap_file_pages(&(0x7f0000009000)=nil, (0x1000), 0x4, 0x9, 0x100) | |
| readahead(r0, 0x1, 0xfffffffffffffffc) | |
| setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000008000)=0x4, 0x4) | |
| sendto(r0, &(0x7f0000018000-0x7e)="5fb2a8739cb82b9265a174e31e8840f70c985969321a275144c0a933c2bb4a419ce2e504326fab0321f709e8652ab22c1a4a174d8741a646ff386d3c188631378b5f577672974330c62c76f0e2ff680d5da135a3b75667313fe3bed579d46e57577bb8ea7140c8de83605630cd3984732b0f81694c0e74df44912f9fce9d53", 0x7f, 0x8000, &(0x7f0000012000+0x778)="1000", 0x2) | |
| read(r0, &(0x7 |
dvyukov
/ gist:94aed45494edf1dff0a8
Created
January 12, 2016 16:24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // autogenerated by syzkaller (http://github.com/google/syzkaller) | |
| #include <unistd.h> | |
| #include <sys/syscall.h> | |
| #include <string.h> | |
| #include <stdint.h> | |
| #include <pthread.h> | |
| long r[58]; | |
| void *thr(void *arg) |