[google/syzkaller] 81ed97: executor: change input/output area mapping rules
1 view
Skip to first unread message
Aleksandr Nogikh
Aug 6, 2025, 6:09:16 AM8/6/25
to syzk...@googlegroups.com
Branch: refs/heads/master
Home: https://github.com/google/syzkaller
Commit: 81ed97dd2689fd11ddeed17d837515e0163857ad
https://github.com/google/syzkaller/commit/81ed97dd2689fd11ddeed17d837515e0163857ad
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M executor/executor.cc
Log Message:
-----------
executor: change input/output area mapping rules
For ASAN builds, assume that the executable is dynamically linked and
that the addresses in HighMem may be occupied by the libraries.
Otherwise, use fixed addresses both for the input and the output area.
Before, input area was mapped at an arbitrary location and the default
output area location for ASAN builds was sometimes overlapping with it.
Use MAP_FIXED_NOREPLACE to prevent such overlappings in the first place.
Commit: 4d59bf324183ff9386d28bc6d33b86b3115ddf54
https://github.com/google/syzkaller/commit/4d59bf324183ff9386d28bc6d33b86b3115ddf54
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M sys/targets/targets.go
Log Message:
-----------
sys/targets: enable ASAN for TestArch64Fuzz
Now it no longer causes a segfault.
Commit: 5ba0fed13435213276f29e3d9e39d926f04ac1a8
https://github.com/google/syzkaller/commit/5ba0fed13435213276f29e3d9e39d926f04ac1a8
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M executor/executor.cc
Log Message:
-----------
executor: keep output area base address on reallocation
Output area may be remapped from several different processes (i.e. after
forking), so we should not assume that the suggested base address will
be the same.
Commit: 745510422fa0fd508f681b06c98e3a74d41344c5
https://github.com/google/syzkaller/commit/745510422fa0fd508f681b06c98e3a74d41344c5
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M pkg/manager/diff.go
M pkg/manager/diff_test.go
Log Message:
-----------
pkg/manager: fix a NeedRepro check
It's been checking the inverse of what was needed.
Rename the helper function to reduce confusion in the future.
Commit: 81aa8cec401bfdbde1c8d695368c67352fca64ee
https://github.com/google/syzkaller/commit/81aa8cec401bfdbde1c8d695368c67352fca64ee
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M vm/dispatcher/pool.go
M vm/dispatcher/pool_test.go
Log Message:
-----------
vm/dispatcher: don't block on the boot error chan on exit
React on the context cancellation even if the boot error channel is
blocked.
Add a test that verifies this behavior.
Print a log message if the channel is full.
Commit: 61ad06c3adc5c20856fd641e634887676f3bf23e
https://github.com/google/syzkaller/commit/61ad06c3adc5c20856fd641e634887676f3bf23e
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M pkg/manager/diff.go
Log Message:
-----------
pkg/manager: fetch boot errors during patch fuzzing
The VM pool expects us to listen on the boot error channel.
Commit: 4bd24a3ebf2c0a11349dbd8b6830c5cdf98d2c7d
https://github.com/google/syzkaller/commit/4bd24a3ebf2c0a11349dbd8b6830c5cdf98d2c7d
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M vm/dispatcher/pool.go
Log Message:
-----------
vm/dispatcher: simplify runInstance()
Move boot error reporting to a separate function.
Compare: https://github.com/google/syzkaller/compare/ffe1dd46b97d...4bd24a3ebf2c
To unsubscribe from these emails, change your notification settings at https://github.com/google/syzkaller/settings/notifications
Home: https://github.com/google/syzkaller
Commit: 81ed97dd2689fd11ddeed17d837515e0163857ad
https://github.com/google/syzkaller/commit/81ed97dd2689fd11ddeed17d837515e0163857ad
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M executor/executor.cc
Log Message:
-----------
executor: change input/output area mapping rules
For ASAN builds, assume that the executable is dynamically linked and
that the addresses in HighMem may be occupied by the libraries.
Otherwise, use fixed addresses both for the input and the output area.
Before, input area was mapped at an arbitrary location and the default
output area location for ASAN builds was sometimes overlapping with it.
Use MAP_FIXED_NOREPLACE to prevent such overlappings in the first place.
Commit: 4d59bf324183ff9386d28bc6d33b86b3115ddf54
https://github.com/google/syzkaller/commit/4d59bf324183ff9386d28bc6d33b86b3115ddf54
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M sys/targets/targets.go
Log Message:
-----------
sys/targets: enable ASAN for TestArch64Fuzz
Now it no longer causes a segfault.
Commit: 5ba0fed13435213276f29e3d9e39d926f04ac1a8
https://github.com/google/syzkaller/commit/5ba0fed13435213276f29e3d9e39d926f04ac1a8
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M executor/executor.cc
Log Message:
-----------
executor: keep output area base address on reallocation
Output area may be remapped from several different processes (i.e. after
forking), so we should not assume that the suggested base address will
be the same.
Commit: 745510422fa0fd508f681b06c98e3a74d41344c5
https://github.com/google/syzkaller/commit/745510422fa0fd508f681b06c98e3a74d41344c5
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M pkg/manager/diff.go
M pkg/manager/diff_test.go
Log Message:
-----------
pkg/manager: fix a NeedRepro check
It's been checking the inverse of what was needed.
Rename the helper function to reduce confusion in the future.
Commit: 81aa8cec401bfdbde1c8d695368c67352fca64ee
https://github.com/google/syzkaller/commit/81aa8cec401bfdbde1c8d695368c67352fca64ee
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M vm/dispatcher/pool.go
M vm/dispatcher/pool_test.go
Log Message:
-----------
vm/dispatcher: don't block on the boot error chan on exit
React on the context cancellation even if the boot error channel is
blocked.
Add a test that verifies this behavior.
Print a log message if the channel is full.
Commit: 61ad06c3adc5c20856fd641e634887676f3bf23e
https://github.com/google/syzkaller/commit/61ad06c3adc5c20856fd641e634887676f3bf23e
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M pkg/manager/diff.go
Log Message:
-----------
pkg/manager: fetch boot errors during patch fuzzing
The VM pool expects us to listen on the boot error channel.
Commit: 4bd24a3ebf2c0a11349dbd8b6830c5cdf98d2c7d
https://github.com/google/syzkaller/commit/4bd24a3ebf2c0a11349dbd8b6830c5cdf98d2c7d
Author: Aleksandr Nogikh <nog...@google.com>
Date: 2025-08-06 (Wed, 06 Aug 2025)
Changed paths:
M vm/dispatcher/pool.go
Log Message:
-----------
vm/dispatcher: simplify runInstance()
Move boot error reporting to a separate function.
Compare: https://github.com/google/syzkaller/compare/ffe1dd46b97d...4bd24a3ebf2c
To unsubscribe from these emails, change your notification settings at https://github.com/google/syzkaller/settings/notifications
Reply all
Reply to author
Forward
0 new messages