executor: arm: check for zero VM handle in syz_kvm_add_vcpu()

When running syscalls asynchronously, syz_kvm_add_vcpu() sometimes receives a zero VM handle, on which it then crashes. Check for the zero value to ensure stability of the tests in sys/linux/tests. Also make sure to set errno for the pseudo-syscall in the cases where it's not done by the underlying syscalls.
author: Alexander Potapenko <glider@google.com> 2024-11-29 11:14:27 +0100
committer: Alexander Potapenko <glider@google.com> 2024-12-06 09:15:15 +0000
commit: 5132a90423156e48e17421311db239954b074c6c (patch)
tree: 3cfa557a67208cf2babf6f19ed8b493107ef852b /executor
parent: db71b33259eecad538948bd227ac995db11079c6 (diff)
1 files changed, 7 insertions, 1 deletions
diff --git a/executor/common_kvm_arm64.h b/executor/common_kvm_arm64.h
index 59b01201a..66697b2cf 100644
--- a/executor/common_kvm_arm64.h
+++ b/executor/common_kvm_arm64.h
@@ -267,8 +267,14 @@ static long syz_kvm_add_vcpu(volatile long a0, volatile long a1, volatile long a
 	const struct kvm_opt* const opt_array_ptr = (struct kvm_opt*)a2;
 	uintptr_t opt_count = a3;
 
-	if (vm->next_cpu_id == KVM_MAX_VCPU)
+	if (!vm) {
+		errno = EINVAL;
 		return -1;
+	}
+	if (vm->next_cpu_id == KVM_MAX_VCPU) {
+		errno = ENOMEM;
+		return -1;
+	}
 	int cpu_id = vm->next_cpu_id;
 	int cpufd = ioctl(vm->vmfd, KVM_CREATE_VCPU, cpu_id);
 	if (cpufd == -1)
author	Alexander Potapenko <glider@google.com>	2024-11-29 11:14:27 +0100
committer	Alexander Potapenko <glider@google.com>	2024-12-06 09:15:15 +0000
commit	5132a90423156e48e17421311db239954b074c6c (patch)
tree	3cfa557a67208cf2babf6f19ed8b493107ef852b /executor
parent	db71b33259eecad538948bd227ac995db11079c6 (diff)