[Skiboot] skiboot + AFL fuzz test for 'libstb' unit tests

Nageswara R Sastry nasastry at in.ibm.com
Fri Nov 11 23:52:12 AEDT 2016


Sorry if this is a duplicate; I sent it through my linux vnet ID, but no 
mail was sent at all, so I am sending it through my Lotus Notes ID.



I did a little hack to the file libc/string/strdup.c

line # 16:
char *strdup(const char *src) changed to char *(strdup)(const char *src)


And now with ‘make check’ I am seeing the following:

        [ RUN-TEST ]   core/test/run-mem_region_reservations
run-mem_region_reservations: core/test/../mem_region.c:472: void mem_free(struct mem_region *, void *, const char *): Assertion `mem < region_start(region) + region->len' failed.
./test/run.sh: line 7: 20971 Aborted                 (core dumped) $* 2>&1 > $t
MEM: parsing reserved memory from reserved-names/-ranges properties
Releasing unused memory:
    ibm,firmware-heap: 1192/4096 used
    ibm,firmware-allocs-memory@5204170: 0/1048576 used
Reserved regions:
  0x000000004000..000000004fff : test.3
/home/rnsastry/skiboot/core/test/Makefile.check:49: recipe for target 'core/test/run-mem_region_reservations-check' failed
make: *** [core/test/run-mem_region_reservations-check] Error 134

The above created a file named vgcore.20971 (13MB)

Tested the above on today’s git (11th Nov 2016 5:32 PM IST)

gdb shows …

rnsastry@rnsastry-VirtualBox:~/skiboot$ gdb core/test/run-mem_region_reservations vgcore.20971
GNU gdb (Ubuntu 7.11.1-0ubuntu1~16.04) 7.11.1
Copyright (C) 2016 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from core/test/run-mem_region_reservations...done.

warning: core file may not match specified executable file.
[New LWP 20971]
Core was generated by `'.
Program terminated with signal SIGABRT, Aborted.
#0  0x0000000004e6f428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
54      ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x0000000004e6f428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1  0x0000000004e7102a in __GI_abort () at abort.c:89
#2  0x0000000004e67bd7 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@entry=0x4131bb "mem < region_start(region) + region->len",
    file=file@entry=0x4130d2 "core/test/../mem_region.c", line=line@entry=472,
    function=function@entry=0x413157 "void mem_free(struct mem_region *, void *, const char *)") at assert.c:92
#3  0x0000000004e67c82 in __GI___assert_fail (assertion=0x4131bb "mem < region_start(region) + region->len", file=0x4130d2 "core/test/../mem_region.c", line=472,
    function=0x413157 "void mem_free(struct mem_region *, void *, const char *)") at assert.c:101
#4  0x0000000000402073 in mem_free (region=<optimized out>, mem=<optimized out>, location=0xb4 <error: Cannot access memory at address 0xb4>)
    at core/test/../mem_region.c:472
#5  0x0000000000408069 in __free (p=0x5305420, location=<optimized out>) at core/test/../malloc.c:43
#6  mem_region_add_dt_reserved_node (parent=<optimized out>, region=<optimized out>) at core/test/../mem_region.c:1122
#7  mem_region_add_dt_reserved () at core/test/../mem_region.c:1178
#8  0x00000000004118fc in main () at core/test/run-mem_region_reservations.c:218
(gdb) i r
rax            0x0      0
rbx            0x4028000        67272704
rcx            0x4e6f428        82244648
rdx            0x6      6
rsi            0x51eb   20971
rdi            0x51eb   20971
rbp            0x4131bb 0x4131bb
rsp            0xfff000658      0xfff000658
r8             0xb4     180
r9             0x0      0
r10            0x8      8
r11            0x5305730        87054128
r12            0x1d8    472
r13            0x413157 4272471
r14            0x7      7
r15            0x5305420        87053344
rip            0x4e6f428        0x4e6f428 <__GI_raise+56>
eflags         0x44     [ PF ZF ]
cs             0x0      0
ss             0x0      0
ds             0x0      0
es             0x0      0
fs             0x0      0
gs             0x0      0


Please let me know if you need more information. Thank you.





Thank you very much.

Kind Regards,
R.Nageswara Sastry, CSTE®,C|EH®,CSTM®
Linux Technology Center
Phone - +91-80-40255027
Internet mail - nasastry at in.ibm.com/rnsastry at linux.vnet.ibm.com
Develop your initiative. Do something no one else has done - Thomson J 
Watson, Sr.
**Think Green  - Please print responsibly**
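
The change to libc/string/strdup.c described in the message writes the function name in parentheses. The following added example (not part of the original message and not skiboot code) shows what that spelling does in C when a function-like macro of the same name is in scope; dup_str, header_dup and the macro are constructed for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a header that provides a function-like macro
 * with the same name as a function we want to define ourselves. */
static int macro_calls;
static char *header_dup(const char *s)
{
	size_t n = strlen(s) + 1;
	char *p = malloc(n);
	macro_calls++;
	return p ? memcpy(p, s, n) : NULL;
}
#define dup_str(s) header_dup(s)

/* Writing `char *dup_str(const char *src)` here would be rewritten by the
 * macro and would not define dup_str. A function-like macro only expands
 * when its name is followed by '(', so the parenthesised name below
 * declares and defines a real function called dup_str. */
static int function_calls;
static char *(dup_str)(const char *src)
{
	size_t n = strlen(src) + 1;
	char *p = malloc(n);
	function_calls++;
	return p ? memcpy(p, src, n) : NULL;
}

/* Returns 1 when each spelling reached the implementation noted beside it. */
int demo(void)
{
	char *a = dup_str("via macro");       /* expands to header_dup() */
	char *b = (dup_str)("via function");  /* expansion suppressed */
	char *(*fp)(const char *) = dup_str;  /* bare name: no expansion */
	char *c = fp("via pointer");
	int ok = a && b && c && macro_calls == 1 && function_calls == 2 &&
		 strcmp(a, "via macro") == 0 && strcmp(c, "via pointer") == 0;
	free(a);
	free(b);
	free(c);
	return ok;
}

int main(void) { return demo() ? 0 : 1; }
```

Only the definition and the parenthesised or bare-name uses reach the local function; an ordinary call written as dup_str(x) still goes through the macro.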
