mirror of
https://github.com/reactos/syzkaller.git
synced 2024-10-07 00:53:27 +00:00
ce441f065b
While investigating an OpenBSD reproducer[1][2] I discovered the
following:
* All threads are stuck on the last `sleep(1000000)` syscall in main(),
hence no output for the test machine.
* Each executor process created in loop() performs one iteration but
exits abnormally during the call to remove_dir().
* Calling remove_dir() will eventually invoke itself recursively since
one of the executed syscall is `mkdir("./file0", 0)` meaning that it
will try to remove the directory created by execute_one(). However,
`opendir(3)` fails with `EACCES` due to the permissions passed to
`mkdir(2)` is zero.
Instead of exiting, trying to remove the problematic directory in a best
effort manner makes the reproducer continue executing the generated
syscalls. This work around might be considered to narrow. Another option
would be to replace the `sleep(1000000)` with `waitpid(-1, NULL, 0)`
until ECHILD is hit.
[1] https://syzkaller.appspot.com/bug?id=6f7ce2a0536580a94f65f44e478732ec505e88af
[2] https://syzkaller.appspot.com/text?tag=ReproC&x=10fd1a71900000
|
||
|---|---|---|
| .. | ||
| android | ||
| common_akaros.h | ||
| common_bsd.h | ||
| common_fuchsia.h | ||
| common_kvm_amd64.h | ||
| common_kvm_arm64.h | ||
| common_linux.h | ||
| common_test.h | ||
| common_usb_linux.h | ||
| common_usb_netbsd.h | ||
| common_usb.h | ||
| common_windows.h | ||
| common.h | ||
| executor_akaros.h | ||
| executor_bsd.h | ||
| executor_fuchsia.h | ||
| executor_linux.h | ||
| executor_test.h | ||
| executor_windows.h | ||
| executor.cc | ||
| gen.go | ||
| kvm_gen.cc | ||
| kvm.h | ||
| kvm.S | ||
| kvm.S.h | ||
| nocover.h | ||
| stub.go | ||
| style_test.go | ||
| test_linux.h | ||
| test.h | ||