sys/freebsd: avoid mangling syscall names

syz-extract was removing certain prefixes from syscall names, but this caused some problems: - freebsd* prefixes are for compatibility syscalls when the syscall ABI has changed. For instance, we have both fstat() and freebsd11_fstat(), and it is desirable to fuzz them both. - Stripping prefixes may leave us with undefined SYS_ constants. This resulted in some test failures in pkg/csource, which emitted code referencing SYS_semctl when it should have been SYS___semctl. Fix the problem by updating syscall descriptions to match the names given by the FreeBSD kernel. Add some new descriptions for compatibility syscalls, fix the mknodat() description (dev_t is now 64 bits wide on FreeBSD), and remove mknod$loop, which appears to be Linux-specific.
xairy · Mar 7, 2019 · 4fc2fa5 · 4fc2fa5
1 parent c08c1cd
commit 4fc2fa5
Show file tree

Hide file tree

Showing 10 changed files with 257 additions and 231 deletions.
diff --git a/executor/defs.h b/executor/defs.h
@@ -20,7 +20,7 @@
 
 #if GOARCH_amd64
 #define GOARCH "amd64"
-#define SYZ_REVISION "87222f38848c14df07a6a0304da0b1915e3396bb"
+#define SYZ_REVISION "873616249e74ae100e93afb6a14e4fef92b3acc4"
 #define SYZ_EXECUTOR_USES_FORK_SERVER 1
 #define SYZ_EXECUTOR_USES_SHMEM 1
 #define SYZ_PAGE_SIZE 4096

diff --git a/executor/syscalls.h b/executor/syscalls.h
@@ -226,6 +226,20 @@ const call_t syscalls[] = {
 
 #if GOARCH_amd64
 const call_t syscalls[] = {
+    {"__getcwd", 326},
+    {"__semctl$GETALL", 510},
+    {"__semctl$GETNCNT", 510},
+    {"__semctl$GETPID", 510},
+    {"__semctl$GETVAL", 510},
+    {"__semctl$GETZCNT", 510},
+    {"__semctl$IPC_INFO", 510},
+    {"__semctl$IPC_RMID", 510},
+    {"__semctl$IPC_SET", 510},
+    {"__semctl$IPC_STAT", 510},
+    {"__semctl$SEM_INFO", 510},
+    {"__semctl$SEM_STAT", 510},
+    {"__semctl$SETALL", 510},
+    {"__semctl$SETVAL", 510},
     {"accept", 30},
     {"accept$inet", 30},
     {"accept$inet6", 30},
@@ -270,12 +284,17 @@ const call_t syscalls[] = {
     {"fcntl$setstatus", 92},
     {"fdatasync", 550},
     {"flock", 131},
+    {"freebsd10_pipe", 42},
+    {"freebsd11_fstat", 189},
+    {"freebsd11_getdents", 272},
+    {"freebsd11_lstat", 190},
+    {"freebsd11_mknod", 14},
+    {"freebsd11_mknodat", 498},
+    {"freebsd11_stat", 188},
     {"fstat", 551},
     {"fsync", 95},
     {"ftruncate", 480},
     {"futimesat", 494},
-    {"getcwd", 326},
-    {"getdents", 272},
     {"getegid", 43},
     {"geteuid", 25},
     {"getgid", 47},
@@ -409,13 +428,10 @@ const call_t syscalls[] = {
     {"linkat", 495},
     {"listen", 106},
     {"lseek", 478},
-    {"lstat", 190},
     {"madvise", 75},
     {"mincore", 78},
     {"mkdir", 136},
     {"mkdirat", 496},
-    {"mknod", 14},
-    {"mknod$loop", 14},
     {"mknodat", 559},
     {"mlock", 203},
     {"mlockall", 324},
@@ -437,7 +453,6 @@ const call_t syscalls[] = {
     {"open", 5},
     {"open$dir", 5},
     {"openat", 499},
-    {"pipe", 42},
     {"pipe2", 542},
     {"poll", 209},
     {"ppoll", 545},
@@ -456,19 +471,6 @@ const call_t syscalls[] = {
     {"renameat", 501},
     {"rmdir", 137},
     {"select", 93},
-    {"semctl$GETALL", 510},
-    {"semctl$GETNCNT", 510},
-    {"semctl$GETPID", 510},
-    {"semctl$GETVAL", 510},
-    {"semctl$GETZCNT", 510},
-    {"semctl$IPC_INFO", 510},
-    {"semctl$IPC_RMID", 510},
-    {"semctl$IPC_SET", 510},
-    {"semctl$IPC_STAT", 510},
-    {"semctl$SEM_INFO", 510},
-    {"semctl$SEM_STAT", 510},
-    {"semctl$SETALL", 510},
-    {"semctl$SETVAL", 510},
     {"semget", 221},
     {"semget$private", 221},
     {"semop", 222},
@@ -647,7 +649,6 @@ const call_t syscalls[] = {
     {"socket$unix", 97},
     {"socketpair", 135},
     {"socketpair$unix", 135},
-    {"stat", 188},
     {"symlink", 57},
     {"symlinkat", 502},
     {"sync", 36},

diff --git a/sys/freebsd/gen/amd64.go b/sys/freebsd/gen/amd64.go
diff --git a/sys/freebsd/ipc.txt b/sys/freebsd/ipc.txt
@@ -13,7 +13,7 @@ resource ipc[int32]: 0, 0xffffffffffffffff
 
 # TODO: describe ipc syscall
 
-define SYS_semctl	510
+define SYS___semctl	510
 
 resource ipc_msq[ipc]
 msgget(key proc[2039379027, 4], flags flags[msgget_flags]) ipc_msq
@@ -29,19 +29,19 @@ resource ipc_sem[ipc]
 semget(key proc[2039359027, 4], nsems flags[sem_sem_id], flags flags[semget_flags]) ipc_sem
 semget$private(key const[IPC_PRIVATE], nsems flags[sem_sem_id], flags flags[semget_flags]) ipc_sem
 semop(semid ipc_sem, ops ptr[in, array[sembuf]], nops len[ops])
-semctl$IPC_STAT(semid ipc_sem, semnum const[0], cmd const[IPC_STAT], arg buffer[out])
-semctl$IPC_SET(semid ipc_sem, semnum const[0], cmd const[IPC_SET], arg ptr[in, semid_ds])
-semctl$IPC_RMID(semid ipc_sem, semnum const[0], cmd const[IPC_RMID])
-semctl$IPC_INFO(semid ipc_sem, semnum flags[sem_sem_id], cmd const[IPC_INFO], buf buffer[out])
-semctl$SEM_INFO(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SEM_INFO], arg buffer[out])
-semctl$SEM_STAT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SEM_STAT], arg buffer[out])
-semctl$GETALL(semid ipc_sem, semnum const[0], cmd const[GETALL], arg buffer[out])
-semctl$GETNCNT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETNCNT], arg buffer[out])
-semctl$GETPID(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETPID], arg buffer[out])
-semctl$GETVAL(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETVAL], arg buffer[out])
-semctl$GETZCNT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETZCNT], arg buffer[out])
-semctl$SETALL(semid ipc_sem, semnum const[0], cmd const[SETALL], arg ptr[in, array[int16]])
-semctl$SETVAL(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SETVAL], arg ptr[in, int32])
+__semctl$IPC_STAT(semid ipc_sem, semnum const[0], cmd const[IPC_STAT], arg buffer[out])
+__semctl$IPC_SET(semid ipc_sem, semnum const[0], cmd const[IPC_SET], arg ptr[in, semid_ds])
+__semctl$IPC_RMID(semid ipc_sem, semnum const[0], cmd const[IPC_RMID])
+__semctl$IPC_INFO(semid ipc_sem, semnum flags[sem_sem_id], cmd const[IPC_INFO], buf buffer[out])
+__semctl$SEM_INFO(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SEM_INFO], arg buffer[out])
+__semctl$SEM_STAT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SEM_STAT], arg buffer[out])
+__semctl$GETALL(semid ipc_sem, semnum const[0], cmd const[GETALL], arg buffer[out])
+__semctl$GETNCNT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETNCNT], arg buffer[out])
+__semctl$GETPID(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETPID], arg buffer[out])
+__semctl$GETVAL(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETVAL], arg buffer[out])
+__semctl$GETZCNT(semid ipc_sem, semnum flags[sem_sem_id], cmd const[GETZCNT], arg buffer[out])
+__semctl$SETALL(semid ipc_sem, semnum const[0], cmd const[SETALL], arg ptr[in, array[int16]])
+__semctl$SETVAL(semid ipc_sem, semnum flags[sem_sem_id], cmd const[SETVAL], arg ptr[in, int32])
 
 resource ipc_shm[ipc]
 resource shmaddr[intptr]: 0

diff --git a/sys/freebsd/ipc_amd64.const b/sys/freebsd/ipc_amd64.const
@@ -25,13 +25,10 @@ SHM_RND = 8192
 SHM_STAT = 13
 SHM_UNLOCK = 12
 SYS___semctl = 510
-SYS_freebsd7_msgctl = 224
-SYS_freebsd7_shmctl = 229
 SYS_msgctl = 511
 SYS_msgget = 225
 SYS_msgrcv = 227
 SYS_msgsnd = 226
-SYS_semctl = 510
 SYS_semget = 221
 SYS_semop = 222
 SYS_shmat = 228

diff --git a/sys/freebsd/posix_fs.txt b/sys/freebsd/posix_fs.txt
@@ -28,7 +28,11 @@ lseek(fd fd, offset fileoff, whence flags[seek_whence])
 dup(oldfd fd) fd
 dup2(oldfd fd, newfd fd) fd
 pipe2(pipefd ptr[out, pipefd], flags flags[pipe_flags])
+freebsd10_pipe(pipefd ptr[out, pipefd])
 fstat(fd fd, statbuf ptr[out, stat])
+freebsd11_stat(file ptr[in, filename], statbuf ptr[out, freebsd11_stat])
+freebsd11_fstat(fd fd, statbuf ptr[out, freebsd11_stat])
+freebsd11_lstat(file ptr[in, filename], statbuf ptr[out, freebsd11_stat])
 
 pipefd {
 	rfd	fd
@@ -45,25 +49,54 @@ iovec_out {
 	len	len[addr, intptr]
 }
 
-stat {
-	dev	int16
+freebsd11_stat {
+	dev	int32
 	ino	int32
 	mode	int16
 	nlink	int16
 	uid	uid
 	gid	gid
-	rdev	int16
-	size	int32
+	rdev	int32
+	atime	int64
+	ansec	int64
+	mtime	int64
+	mnsec	int64
+	ctime	int64
+	cnsec	int64
+	size	int64
+	blocks	int64
+	blksize	int32
+	flags	int32
+	gen	int32
+	__spare	const[0, int32]
+	btime	int64
+	bnsec	int64
+}
+
+stat {
+	dev	int64
+	ino	int64
+	nlink	int64
+	mode	int16
+	__pad0	const[0, int16]
+	uid	uid
+	gid	gid
+	__pad1	const[0, int32]
+	rdev	int64
+	atime	int64
+	ansec	int64
+	mtime	int64
+	mnsec	int64
+	ctime	int64
+	cnsec	int64
+	btime	int64
+	bnsec	int64
+	size	int64
+	blocks	int64
 	blksize	int32
-	blocks	int32
-	atime	int32
-	ansec	int32
-	mtime	int32
-	mnsec	int32
-	ctime	int32
-	cnsec	int32
-	pad1	const[0, int32]
-	pad2	const[0, int32]
+	flags	int32
+	gen	int64
+	__spare	array[int64, 10]
 }
 
 open_flags = O_RDONLY, O_WRONLY, O_RDWR, O_APPEND, FASYNC, O_CLOEXEC, O_CREAT, O_DIRECT, O_DIRECTORY, O_EXCL, O_NOCTTY, O_NOFOLLOW, O_NONBLOCK, O_SYNC, O_TRUNC

diff --git a/sys/freebsd/posix_fs_amd64.const b/sys/freebsd/posix_fs_amd64.const
@@ -23,7 +23,10 @@ SEEK_SET = 0
 SYS_close = 6
 SYS_dup = 41
 SYS_dup2 = 90
+SYS_freebsd10_pipe = 42
 SYS_freebsd11_fstat = 189
+SYS_freebsd11_lstat = 190
+SYS_freebsd11_stat = 188
 SYS_fstat = 551
 SYS_lseek = 478
 SYS_open = 5

diff --git a/sys/freebsd/sys.txt b/sys/freebsd/sys.txt
@@ -19,13 +19,8 @@ include <sys/wait.h>
 
 syz_execute_func(text ptr[in, text[target]])
 
-pipe(pipefd ptr[out, pipefd])
-
 sendfile(fdout fd, fdin fd, off ptr[inout, fileoff[int64], opt], count int64)
 
-stat(file ptr[in, filename], statbuf ptr[out, stat])
-lstat(file ptr[in, filename], statbuf ptr[out, stat])
-
 poll(fds ptr[in, array[pollfd]], nfds len[fds], timeout int32)
 ppoll(fds ptr[in, array[pollfd]], nfds len[fds], tsp ptr[in, timespec], sigmask ptr[in, sigset], size len[sigmask])
 select(n len[inp], inp ptr[inout, fd_set], outp ptr[inout, fd_set], exp ptr[inout, fd_set], tvp ptr[inout, timeval])
@@ -40,9 +35,9 @@ fcntl$lock(fd fd, cmd flags[fcntl_lock], lock ptr[in, flock])
 fcntl$getown(fd fd, cmd const[F_GETOWN]) pid
 fcntl$setown(fd fd, cmd const[F_SETOWN], pid pid)
 
-mknod(file ptr[in, filename], mode flags[mknod_mode], dev int32)
-mknod$loop(file ptr[in, filename], mode flags[mknod_mode], dev proc[1792, 2])
-mknodat(dirfd fd_dir, file ptr[in, filename], mode flags[mknod_mode], dev int32)
+mknodat(dirfd fd_dir, file ptr[in, filename], mode flags[mknod_mode], dev int64)
+freebsd11_mknod(file ptr[in, filename], mod flags[mknod_mode], dev int32)
+freebsd11_mknodat(dirfd fd_dir, file ptr[in, filename], mod flags[mknod_mode], dev int32)
 chmod(file ptr[in, filename], mode flags[open_mode])
 fchmod(fd fd, mode flags[open_mode])
 fchmodat(dirfd fd_dir, file ptr[in, filename], mode flags[open_mode])
@@ -95,9 +90,9 @@ flock(fd fd, op flags[flock_op])
 fsync(fd fd)
 fdatasync(fd fd)
 sync()
-getdents(fd fd_dir, ent buffer[out], count len[ent])
+freebsd11_getdents(fd fd_dir, ent buffer[out], count len[ent])
 chroot(dir ptr[in, filename])
-getcwd(buf buffer[out], size len[buf])
+__getcwd(buf buffer[out], size len[buf])
 chdir(dir ptr[in, filename])
 fchdir(fd fd)
 

diff --git a/sys/freebsd/sys_amd64.const b/sys/freebsd/sys_amd64.const
@@ -56,6 +56,7 @@ RLIMIT_STACK = 3
 RUSAGE_CHILDREN = 18446744073709551615
 RUSAGE_SELF = 0
 RUSAGE_THREAD = 1
+SYS___getcwd = 326
 SYS_chdir = 12
 SYS_chmod = 15
 SYS_chown = 16
@@ -75,12 +76,12 @@ SYS_fchownat = 491
 SYS_fcntl = 92
 SYS_fdatasync = 550
 SYS_flock = 131
+SYS_freebsd11_getdents = 272
+SYS_freebsd11_mknod = 14
 SYS_freebsd11_mknodat = 498
 SYS_fsync = 95
 SYS_ftruncate = 480
 SYS_futimesat = 494
-SYS_getcwd = 326
-SYS_getdents = 272
 SYS_getegid = 43
 SYS_geteuid = 25
 SYS_getgid = 47
@@ -97,14 +98,11 @@ SYS_getuid = 24
 SYS_lchown = 254
 SYS_link = 9
 SYS_linkat = 495
-SYS_lstat = 190
 SYS_mincore = 78
 SYS_mkdir = 136
 SYS_mkdirat = 496
-SYS_mknod = 14
 SYS_mknodat = 559
 SYS_nanosleep = 240
-SYS_pipe = 42
 SYS_poll = 209
 SYS_ppoll = 545
 SYS_readlink = 58
@@ -125,7 +123,6 @@ SYS_setreuid = 126
 SYS_setrlimit = 195
 SYS_setuid = 23
 SYS_sigaltstack = 53
-SYS_stat = 188
 SYS_symlink = 57
 SYS_symlinkat = 502
 SYS_sync = 36

diff --git a/sys/syz-extract/freebsd.go b/sys/syz-extract/freebsd.go
@@ -55,33 +55,5 @@ func (*freebsd) processFile(arch *Arch, info *compiler.ConstInfo) (map[string]ui
 			args = append(args, "-I"+dir)
 		}
 	}
-	// Syscall consts on freebsd have weird prefixes sometimes,
-	// try to extract consts with these prefixes as well.
-	compatNames := make(map[string][]string)
-	for _, val := range info.Consts {
-		const SYS = "SYS_"
-		if strings.HasPrefix(val, SYS) {
-			for _, prefix := range []string{"__", "freebsd11_", "freebsd10_", "freebsd7_"} {
-				compat := SYS + prefix + val[len(SYS):]
-				compatNames[val] = append(compatNames[val], compat)
-				info.Consts = append(info.Consts, compat)
-			}
-		} else {
-			compat := "LINUX_" + val
-			compatNames[val] = append(compatNames[val], compat)
-			info.Consts = append(info.Consts, compat)
-		}
-	}
-	res, undeclared, err := extract(info, "gcc", args, "#include <sys/syscall.h>", true)
-	for orig, compats := range compatNames {
-		for _, compat := range compats {
-			if undeclared[orig] && !undeclared[compat] {
-				res[orig] = res[compat]
-				delete(res, compat)
-				delete(undeclared, orig)
-			}
-			delete(undeclared, compat)
-		}
-	}
-	return res, undeclared, err
+	return extract(info, "gcc", args, "#include <sys/syscall.h>", true)
 }