diff options
| author | Dmitry Vyukov <dvyukov@google.com> | 2019-01-31 10:57:46 +0100 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2019-01-31 11:35:53 +0100 |
| commit | 25e10a043498087f9427f0698b341d051c310fc4 (patch) | |
| tree | 7e7b9416711039e1d1f22ba216959cd94134a199 /executor/executor.cc | |
| parent | 724adc544590747ce47c3be1b4a63951b7171188 (diff) | |
executor: remove ability to detect kernel bugs
This ability was never used but we maintain a bunch of code for it.
syzkaller also recently learned to spoof this error code
with some ptrace magic (probably intercepted control flow again
and exploited executor binary).
Drop all of it.
Diffstat (limited to 'executor/executor.cc')
| -rw-r--r-- | executor/executor.cc | 17 |
1 files changed, 1 insertions, 16 deletions
diff --git a/executor/executor.cc b/executor/executor.cc index d1d1f2694..798cae71e 100644 --- a/executor/executor.cc +++ b/executor/executor.cc @@ -60,12 +60,9 @@ const int kMaxArgs = 9; const int kCoverSize = 256 << 10; const int kFailStatus = 67; const int kRetryStatus = 69; -const int kErrorStatus = 68; // Logical error (e.g. invalid input program), use as an assert() alternative. static NORETURN PRINTF(1, 2) void fail(const char* msg, ...); -// Kernel error (e.g. wrong syscall return value). -NORETURN PRINTF(1, 2) void error(const char* msg, ...); // Just exit (e.g. due to temporal ENOMEM error). static NORETURN PRINTF(1, 2) void exitf(const char* msg, ...); static NORETURN void doexit(int status); @@ -404,7 +401,7 @@ int main(int argc, char** argv) } #if SYZ_EXECUTOR_USES_FORK_SERVER // Other statuses happen when fuzzer processes manages to kill loop. - if (status != kFailStatus && status != kErrorStatus) + if (status != kFailStatus) status = kRetryStatus; // If an external sandbox process wraps executor, the out pipe will be closed // before the sandbox process exits this will make ipc package kill the sandbox. @@ -415,8 +412,6 @@ int main(int argc, char** argv) errno = 0; if (status == kFailStatus) fail("loop failed"); - if (status == kErrorStatus) - error("loop errored"); // Loop can be killed by a test process with e.g.: // ptrace(PTRACE_SEIZE, 1, 0, 0x100040) // This is unfortunate, but I don't have a better solution than ignoring it for now. @@ -1353,16 +1348,6 @@ void fail(const char* msg, ...) doexit((e == ENOMEM || e == EAGAIN) ? kRetryStatus : kFailStatus); } -void error(const char* msg, ...) -{ - va_list args; - va_start(args, msg); - vfprintf(stderr, msg, args); - va_end(args); - fprintf(stderr, "\n"); - doexit(kErrorStatus); -} - void exitf(const char* msg, ...) { int e = errno; |