diff options
| author | Alexander Potapenko <glider@google.com> | 2025-09-17 12:22:00 +0200 |
|---|---|---|
| committer | Alexander Potapenko <glider@google.com> | 2025-09-19 08:38:14 +0000 |
| commit | bc3f649c1cdcc44bee1e351e1326a9072393736a (patch) | |
| tree | 454a2896a937ca69e4a2530e7a2bcafd203b3d64 /pkg/runtest | |
| parent | e2beed91937c0ace342f19a2e9afb67adb3a828a (diff) | |
pkg/runtest: fix a null deref in checkCallResult
Pseudo-syscalls from noCovSyscalls may not generate any coverage, which
leads to a crash in the following line:
if len(inf.Signal) < 2 && !calls[callName] && len(info.Extra.Signal)
Make sure that this check is only done for calls not belonging to
noCovSyscalls.
Diffstat (limited to 'pkg/runtest')
| -rw-r--r-- | pkg/runtest/run.go | 24 |
1 files changed, 9 insertions, 15 deletions
diff --git a/pkg/runtest/run.go b/pkg/runtest/run.go index 36159b9a7..99c5f4698 100644 --- a/pkg/runtest/run.go +++ b/pkg/runtest/run.go @@ -20,6 +20,7 @@ import ( "path/filepath" "regexp" "runtime" + "slices" "sort" "strconv" "strings" @@ -553,27 +554,20 @@ func checkCallResult(req *runRequest, isC bool, run, call int, info *flatrpc.Pro return nil } if req.ExecOpts.EnvFlags&flatrpc.ExecEnvSignal != 0 { + callName := req.Prog.Calls[call].Meta.CallName + // Pseudo-syscalls that might not provide any coverage when invoked. + noCovSyscalls := []string{"syz_btf_id_by_name", "syz_kvm_assert_syzos_uexit"} + isNoCov := slices.Contains(noCovSyscalls, callName) // Signal is always deduplicated, so we may not get any signal // on a second invocation of the same syscall. // For calls that are not meant to collect synchronous coverage we // allow the signal to be empty as long as the extra signal is not. - callName := req.Prog.Calls[call].Meta.CallName - if len(inf.Signal) < 2 && !calls[callName] && len(info.Extra.Signal) == 0 { + if !isNoCov && len(inf.Signal) < 2 && !calls[callName] && + len(info.Extra.Signal) == 0 { return fmt.Errorf("run %v: call %v: no signal", run, call) } - // Pseudo-syscalls that might not provide any coverage when invoked. - noCovSyscalls := []string{"syz_btf_id_by_name", "syz_kvm_assert_syzos_uexit"} - if len(inf.Cover) == 0 { - found := true - for _, s := range noCovSyscalls { - if callName == s { - found = true - break - } - } - if !found { - return fmt.Errorf("run %v: call %v: no cover", run, call) - } + if !isNoCov && len(inf.Cover) == 0 { + return fmt.Errorf("run %v: call %v: no cover", run, call) } calls[callName] = true } else { |