Diffstat (limited to 'executor/executor.cc')
| -rw-r--r-- | executor/executor.cc | 24 |
1 files changed, 8 insertions, 16 deletions
diff --git a/executor/executor.cc b/executor/executor.cc
index 798cae71e..4d60b10cc 100644
--- a/executor/executor.cc
+++ b/executor/executor.cc
@@ -59,7 +59,6 @@ const int kCoverFd = kOutPipeFd - kMaxThreads;
 const int kMaxArgs = 9;
 const int kCoverSize = 256 << 10;
 const int kFailStatus = 67;
-const int kRetryStatus = 69;
 
 // Logical error (e.g. invalid input program), use as an assert() alternative.
 static NORETURN PRINTF(1, 2) void fail(const char* msg, ...);
@@ -400,22 +399,17 @@ int main(int argc, char** argv)
 fail("unknown sandbox type");
 }
 #if SYZ_EXECUTOR_USES_FORK_SERVER
- // Other statuses happen when fuzzer processes manages to kill loop.
+ fprintf(stderr, "loop exited with status %d\n", status);
+ // Other statuses happen when fuzzer processes manages to kill loop, e.g. with:
+ // ptrace(PTRACE_SEIZE, 1, 0, 0x100040)
 if (status != kFailStatus)
- status = kRetryStatus;
+ status = 0;
 // If an external sandbox process wraps executor, the out pipe will be closed
 // before the sandbox process exits this will make ipc package kill the sandbox.
 // As the result sandbox process will exit with exit status 9 instead of the executor
- // exit status (notably kRetryStatus). Consequently, ipc will treat it as hard
- // failure rather than a temporal failure. So we duplicate the exit status on the pipe.
+ // exit status (notably kFailStatus). So we duplicate the exit status on the pipe.
 reply_execute(status);
- errno = 0;
- if (status == kFailStatus)
- fail("loop failed");
- // Loop can be killed by a test process with e.g.:
- // ptrace(PTRACE_SEIZE, 1, 0, 0x100040)
- // This is unfortunate, but I don't have a better solution than ignoring it for now.
- exitf("loop exited with status %d", status);
+ doexit(status);
 // Unreachable.
 return 1;
 #else
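Review bot: `status = 0;` in main() turns every loop status other than kFailStatus into a clean exit, including the case the comment above it describes where a test process kills the loop, and the same value is then sent by `reply_execute(status)`; the new stderr line is the only remaining record of the abnormal exit. If the ipc side is meant to treat 0 as "restart and carry on", that contract should be stated next to the assignment, for example `// Not an executor bug: report a clean exit so the caller restarts us; the real status is in the log line above.` The same convention shows up in exitf(), where `doexit(0)` follows an error message, and deserves the same one-line comment. main() starts and ends outside this hunk, so how `status` is obtained is not visible here.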
@@ -1343,9 +1337,7 @@ void fail(const char* msg, ...)
 vfprintf(stderr, msg, args);
 va_end(args);
 fprintf(stderr, " (errno %d)\n", e);
- // ENOMEM/EAGAIN is frequent cause of failures in fuzzing context,
- // so handle it here as non-fatal error.
- doexit((e == ENOMEM || e == EAGAIN) ? kRetryStatus : kFailStatus);
+ doexit(kFailStatus);
 }
 
 void exitf(const char* msg, ...)
@@ -1356,7 +1348,7 @@ void exitf(const char* msg, ...)
 vfprintf(stderr, msg, args);
 va_end(args);
 fprintf(stderr, " (errno %d)\n", e);
- doexit(kRetryStatus);
+ doexit(0);
 }
 
 void debug(const char* msg, ...) |
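Review bot: `doexit(kFailStatus);` in fail() now makes ENOMEM and EAGAIN hard failures, although the removed comment called them a frequent cause of failures in fuzzing context, and the prototype comment still describes fail() as a logical-error assert alternative. Call sites that use fail() after a transient resource error would presumably now be reported as executor bugs; they are outside this diff, so this needs checking rather than assuming. A short comment above the call would record the decision: `// Always fatal, ENOMEM/EAGAIN included; use exitf() where the condition is not an executor bug.` fail() begins outside the hunk.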
