| author | Joey Jiao <quic_jiangenj@quicinc.com> | 2024-05-14 10:51:19 +0800 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2024-05-27 09:44:25 +0000 |
| commit | b75d07e8995d9d6682851c553b23b4d3e9734436 (patch) | |
| tree | 09e80808b88d2f6f576becef41a887eb242f3ce3 /pkg/corpus | |
| parent | 339d8cf83c825a88ff6d1c6b5a73e20fffd33010 (diff) | |
all: adapt all cover and sig to 64bit
Taken some arm64 devices for example:
kaslr_offset differs in bits 12-40, and kernel modules are loaded in a 2GB space,
so we have `ffffffd342e10000 T _stext` where the upper 32 bits are ffffffd3. However,
if we check modules range, the 1st module is loaded at 0xffffffd2eeb2a000,
while the last module is loaded at 0xffffffd2f42c4000.
We can see the upper 32bits are diff for core kernel and modules.
If we use current 32bits for covered PC, we will get wrong module address
recovered.
So we need to move to 64bit cover and signal:
- change cover/sig to 64bit to fit for syz-executor change
- remove kernel upper base logic as kernel upper base is not a constant when
kaslr enabled for core kernel and modules.
- remove unused pcBase
Diffstat (limited to 'pkg/corpus')
| -rw-r--r-- | pkg/corpus/corpus.go | 10 | ||||
| -rw-r--r-- | pkg/corpus/corpus_test.go | 12 |
2 files changed, 11 insertions, 11 deletions
diff --git a/pkg/corpus/corpus.go b/pkg/corpus/corpus.go
index 46e388366..5b2b9983f 100644
--- a/pkg/corpus/corpus.go
+++ b/pkg/corpus/corpus.go
@@ -53,7 +53,7 @@ func NewMonitoredCorpus(ctx context.Context, updates chan<- NewItemEvent) *Corpu
 // sysalls. In that case, there will be several ItemUpdate entities.
 type ItemUpdate struct {
 Call int
- RawCover []uint32
+ RawCover []uint64
 }
 
 // Item objects are to be treated as immutable, otherwise it's just
@@ -66,7 +66,7 @@ type Item struct {
 ProgData []byte // to save some Serialize() calls
 HasAny bool // whether the prog contains squashed arguments
 Signal signal.Signal
- Cover []uint32
+ Cover []uint64
 Updates []ItemUpdate
 }
 
@@ -78,15 +78,15 @@ type NewInput struct {
 Prog *prog.Prog
 Call int
 Signal signal.Signal
- Cover []uint32
- RawCover []uint32
+ Cover []uint64
+ RawCover []uint64
 }
 
 type NewItemEvent struct {
 Sig string
 Exists bool
 ProgData []byte
- NewCover []uint32
+ NewCover []uint64
 }
 
 func (corpus *Corpus) Save(inp NewInput) {
diff --git a/pkg/corpus/corpus_test.go b/pkg/corpus/corpus_test.go
index 62aad1e04..90b11717a 100644
--- a/pkg/corpus/corpus_test.go
+++ b/pkg/corpus/corpus_test.go
@@ -62,16 +62,16 @@ func TestCorpusCoverage(t *testing.T) {
 rs := rand.NewSource(0)
 inp := generateInput(target, rs, 5, 5)
- inp.Cover = []uint32{10, 11}
+ inp.Cover = []uint64{10, 11}
 go corpus.Save(inp)
 event := <-ch
- assert.Equal(t, []uint32{10, 11}, event.NewCover)
+ assert.Equal(t, []uint64{10, 11}, event.NewCover)
 
 inp.Call = 1
- inp.Cover = []uint32{11, 12}
+ inp.Cover = []uint64{11, 12}
 go corpus.Save(inp)
 event = <-ch
- assert.Equal(t, []uint32{12}, event.NewCover)
+ assert.Equal(t, []uint64{12}, event.NewCover)
 
 // Check the total corpus size.
 assert.Equal(t, corpus.StatCover.Val(), 3)
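Review bot: In the NewInput/NewItemEvent hunk of corpus.go the `Cover`, `RawCover` and `NewCover` fields change element type with no comment stating what an element now is; since this commit drops the upper-base reconstruction, a reader of these structs alone cannot tell whether a value is a full kernel PC or a 32-bit low half that still needs a base added. Suggest `Cover    []uint64 // full 64-bit kernel PCs; no upper-base reconstruction is applied` on NewInput.Cover, with a matching comment on ItemUpdate.RawCover in the first hunk and NewItemEvent.NewCover. Doubling the element size presumably also doubles the Cover slice retained per Item (Item.Cover in the second hunk), which is worth a sentence in the commit message if corpus memory is tracked. Save's body lies outside the hunk.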
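Review bot: The coverage values in the TestCorpusCoverage hunk of corpus_test.go (`10`, `11`, `12`) all fit in 32 bits, so after this widening the test never exercises a PC whose upper 32 bits are set, which is exactly the case the commit message gives as motivation (0xffffffd2eeb2a000 versus ffffffd342e10000). Using values above 2^32, e.g. `inp.Cover = []uint64{0xffffffd2eeb2a000, 0xffffffd342e10000}` with the expectations adjusted to match, would catch a regression that truncates cover back to 32 bits somewhere between Save and NewCover. The same applies to generateInput in the following hunk, where `uint64(i)` only ever yields 1..sizeSig. TestCorpusCoverage's body begins before and continues after the hunk.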
@@ -101,9 +101,9 @@ func TestCorpusSaveConcurrency(t *testing.T) {
 
 func generateInput(target *prog.Target, rs rand.Source, ncalls, sizeSig int) NewInput {
 p := target.Generate(rs, ncalls, target.DefaultChoiceTable())
- var raw []uint32
+ var raw []uint64
 for i := 1; i <= sizeSig; i++ {
- raw = append(raw, uint32(i))
+ raw = append(raw, uint64(i))
 }
 return NewInput{
 Prog: p,
