diff options
| author | Andrey Konovalov <andreyknvl@google.com> | 2019-04-18 15:26:54 +0200 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2019-04-23 23:37:02 +0300 |
| commit | 4d3d6a50073a000e77372557752808f58154d68e (patch) | |
| tree | c00515da6422003262fe74de777163f6a76d66c7 /executor | |
| parent | deda7c38f91177644d5e9ef2934cc5fcbe640257 (diff) | |
executor: adjust waiting time for all usb syzcalls
Allow 2000 ms of waiting time for syz_usb_connect and and the same time for
the whole program is this syzkall is present. Allow 200 ms of waiting time
for syz_usb_disconnect. Remove sleep from syz_usb_control_io.
Diffstat (limited to 'executor')
| -rw-r--r-- | executor/common_usb.h | 2 | ||||
| -rw-r--r-- | executor/executor.cc | 22 |
2 files changed, 14 insertions, 10 deletions
diff --git a/executor/common_usb.h b/executor/common_usb.h index a491a2297..5b5fa87ac 100644 --- a/executor/common_usb.h +++ b/executor/common_usb.h @@ -411,8 +411,6 @@ reply: debug("syz_usb_control_io: reply length = %d\n", response.inner.length); usb_fuzzer_ep0_write(fd, (struct usb_fuzzer_ep_io*)&response); - sleep_ms(200); - return 0; } #endif diff --git a/executor/executor.cc b/executor/executor.cc index 1c9d857c8..fad53657c 100644 --- a/executor/executor.cc +++ b/executor/executor.cc @@ -572,15 +572,20 @@ retry: } int call_index = 0; - bool usb_prog = false; + bool collect_extra_cover = false; + int prog_extra_timeout = 0; for (;;) { uint64 call_num = read_input(&input_pos); if (call_num == instr_eof) break; - bool usb_call = false; + int call_extra_timeout = 0; if (strcmp(syscalls[call_num].name, "syz_usb_connect") == 0) { - usb_prog = true; - usb_call = true; + collect_extra_cover = true; + prog_extra_timeout = 2000; + call_extra_timeout = 2000; + } + if (strcmp(syscalls[call_num].name, "syz_usb_disconnect") == 0) { + call_extra_timeout = 200; } if (call_num == instr_copyin) { char* addr = (char*)read_input(&input_pos); @@ -690,7 +695,9 @@ retry: } else if (flag_threaded) { // Wait for call completion. // Note: sys knows about this 25ms timeout when it generates timespec/timeval values. - const uint64 timeout_ms = usb_call ? 2000 : (flag_debug ? 1000 : 45); + uint64 timeout_ms = 45 + call_extra_timeout; + if (flag_debug && timeout_ms < 1000) + timeout_ms = 1000; if (event_timedwait(&th->done, timeout_ms)) handle_completion(th); // Check if any of previous calls have completed. @@ -718,8 +725,7 @@ retry: uint64 wait_end = wait_start + wait; if (wait_end < start + 800) wait_end = start + 800; - if (usb_prog) - wait_end += 2000; + wait_end += prog_extra_timeout; while (running > 0 && current_time_ms() <= wait_end) { sleep_ms(1); for (int i = 0; i < kMaxThreads; i++) { @@ -746,7 +752,7 @@ retry: close_fds(); #endif - if (!colliding && !collide && usb_prog) { + if (!colliding && !collide && collect_extra_cover) { sleep_ms(500); write_extra_output(); } |