Open nrb547 opened 1 year ago
this tool syz-trace2syz's status is outdated now .
I used your example (tools/syz-trace2syz/trace2syz.go) to invoke strace:
strace -o trace -a 1 -s 65500 -v -xx -f -Xraw ls
Running trace2-syz for this trace made it log parsing errors, such as:
`panic: unknown target: linux/amd64 (supported: [])
goroutine 1 [running]: github.com/google/syzkaller/tools/syz-trace2syz/proggen.glob..func1() /root/syzkaller/tools/syz-trace2syz/proggen/fuzz.go:18 +0x105 github.com/google/syzkaller/tools/syz-trace2syz/proggen.init() /root/syzkaller/tools/syz-trace2syz/proggen/fuzz.go:25 +0x81d `
To avoid the panic: unknown target: linux/amd64 (supported: [])
problem, first compile syzkaller itself before compiling its individual tools. It auto-generates some necessary .go
files as a part of its build process.
Or make sure you build the tool via make trace2syz
rather than go build
.
Description
I wanted to try trace2syz, but it seems like the tool is outdated, for instance it cannot deal with
rt_sigaction
calls,<wait4 resumed...>
logs, and apparently some buffer type.Reproduction
I used your example (tools/syz-trace2syz/trace2syz.go) to invoke strace:
strace -o trace -a 1 -s 65500 -v -xx -f -Xraw ./a.out
I ran it on a simple script which enables the loopback interface (with raised privileges):
#!/bin/sh ip link set dev lo up
Running trace2-syz for this trace made it log parsing errors, such as:
I decided to minimize the trace by hand, so I deleted the
wait4
,ELF/libc
handling lines. Also, I deleted everything until I saw the actual program invoked related to opening sockets, etc.Then this issue occurred:
Trace: