[google/syzkaller] bc3f64: pkg/runtest: fix a null deref in checkCallResult


Alexander Potapenko

Sep 19, 2025, 4:38:55 AM
to syzk...@googlegroups.com
Branch: refs/heads/gh-readonly-queue/master/pr-6364-e2beed91937c0ace342f19a2e9afb67adb3a828a
Home: https://github.com/google/syzkaller
Commit: bc3f649c1cdcc44bee1e351e1326a9072393736a
https://github.com/google/syzkaller/commit/bc3f649c1cdcc44bee1e351e1326a9072393736a
Author: Alexander Potapenko <gli...@google.com>
Date: 2025-09-19 (Fri, 19 Sep 2025)

Changed paths:
M pkg/runtest/run.go

Log Message:
-----------
pkg/runtest: fix a null deref in checkCallResult

Pseudo-syscalls from noCovSyscalls may not generate any coverage, which
leads to a crash in the following line:

if len(inf.Signal) < 2 && !calls[callName] && len(info.Extra.Signal)

Make sure that this check is only done for calls not belonging to
noCovSyscalls.


Commit: 2a4c6c0dbed891610b6d10f663c797e9e80d1981
https://github.com/google/syzkaller/commit/2a4c6c0dbed891610b6d10f663c797e9e80d1981
Author: Alexander Potapenko <gli...@google.com>
Date: 2025-09-19 (Fri, 19 Sep 2025)

Changed paths:
A executor/common_kvm.h
M executor/common_kvm_386.h
M executor/common_kvm_amd64.h
M executor/common_kvm_arm64.h
M executor/common_linux.h
M pkg/runtest/run.go
M pkg/vminfo/linux_syscalls.go
M sys/linux/dev_kvm_amd64.txt
M sys/linux/dev_kvm_arm64.txt

Log Message:
-----------
executor: sys/linux/: pkg/runtest: pkg/vminfo: add syz_kvm_assert_syzos_kvm_exit

Implement a pseudo-syscall to check the value of kvm_run.exit_reason


Commit: 184fe589c4e27b7e7dcc12a43900b1c2d363e200
https://github.com/google/syzkaller/commit/184fe589c4e27b7e7dcc12a43900b1c2d363e200
Author: Alexander Potapenko <gli...@google.com>
Date: 2025-09-19 (Fri, 19 Sep 2025)

Changed paths:
M sys/linux/test/amd64-syz_kvm_setup_syzos_vm
M sys/linux/test/amd64-syz_kvm_setup_syzos_vm-cpuid
M sys/linux/test/amd64-syz_kvm_setup_syzos_vm-wrmsr-rdmsr

Log Message:
-----------
sys/linux/test: add syz_kvm_assert_syzos_kvm_exit() to amd64 tests

Not strictly necessary, because syz_kvm_assert_syzos_uexit() is checking
the exit reason, but should test the pseudo-syscall itself.


Commit: dd232cacbbd407c55bf26299264db0a2c3f0cfcf
https://github.com/google/syzkaller/commit/dd232cacbbd407c55bf26299264db0a2c3f0cfcf
Author: Alexander Potapenko <gli...@google.com>
Date: 2025-09-19 (Fri, 19 Sep 2025)

Changed paths:
M executor/common_kvm_amd64_syzos.h
M sys/linux/dev_kvm_amd64.txt

Log Message:
-----------
sys/linux: executor: implement SYZOS_API_WR_DRN on x86

Add a SYZOS call to write to one of the debug registers
(DR0-DR7).


Commit: adbde109f03932b9eee8106ce8bad4bc506d0713
https://github.com/google/syzkaller/commit/adbde109f03932b9eee8106ce8bad4bc506d0713
Author: Alexander Potapenko <gli...@google.com>
Date: 2025-09-19 (Fri, 19 Sep 2025)

Changed paths:
M executor/common_kvm_amd64_syzos.h
M sys/linux/dev_kvm_amd64.txt
A sys/linux/test/amd64-syz_kvm_setup_syzos_vm-in_dx-out_dx

Log Message:
-----------
sys/linux: executor: add IN_DX and OUT_DX to SYZOS x86 API

Add SYZOS calls that correspond to the IN and OUT x86 instructions
that perform port I/O.
These instructions have different variants; for now we just implement
the one that takes the port number from DX instead of encoding it in
the opcode.


Commit: ecab01f19835ae5984daf74b219e32cf85b053c8
https://github.com/google/syzkaller/commit/ecab01f19835ae5984daf74b219e32cf85b053c8
Author: Alexander Potapenko <gli...@google.com>
Date: 2025-09-19 (Fri, 19 Sep 2025)

Changed paths:
M sys/linux/dev_kvm.txt
M sys/linux/dev_kvm.txt.const
M sys/linux/dev_kvm_amd64.txt
M sys/linux/dev_kvm_arm64.txt
A sys/linux/dev_kvm_extra.txt

Log Message:
-----------
sys/linux: rework ioctl$KVM_SET_GUEST_DEBUG

This ioctl accepts an arch-specific struct as an argument, so better split it
into several arch-specific ioctls.

To avoid compilation errors on exotic arches like MIPS, this patch also adds
sys/linux/dev_kvm_extra.txt that takes care of them.

While at it, also define KVM_GUESTDBG_USE_HW.


Commit: f04374a738f6693569f7e0c4ddb765081f433a0e
https://github.com/google/syzkaller/commit/f04374a738f6693569f7e0c4ddb765081f433a0e
Author: Alexander Potapenko <gli...@google.com>
Date: 2025-09-19 (Fri, 19 Sep 2025)

Changed paths:
A sys/linux/test/amd64-syz_kvm_setup_syzos_vm-wr_drn
A sys/linux/test/amd64-syz_kvm_setup_syzos_vm-wr_drn-shutdown

Log Message:
-----------
sys/linux/test: add tests for SYZOS_API_WR_DRN


Commit: 67c375600e44473aafff4ce6ff7abb90e4f4fff4
https://github.com/google/syzkaller/commit/67c375600e44473aafff4ce6ff7abb90e4f4fff4
Author: Alexander Potapenko <gli...@google.com>
Date: 2025-09-19 (Fri, 19 Sep 2025)

Changed paths:
A sys/linux/test/amd64-syz_kvm_setup_syzos_vm-hlt

Log Message:
-----------
sys/linux/test: add amd64-syz_kvm_setup_syzos_vm-hlt

The new test validates that KVM exits with KVM_EXIT_HLT when
encountering the x86 HLT instruction.


Compare: https://github.com/google/syzkaller/compare/bc3f649c1cdc%5E...67c375600e44

To unsubscribe from these emails, change your notification settings at https://github.com/google/syzkaller/settings/notifications

Alexander Potapenko

Sep 19, 2025, 4:52:02 AM
to syzk...@googlegroups.com