From 5ba0fed13435213276f29e3d9e39d926f04ac1a8 Mon Sep 17 00:00:00 2001
From: Aleksandr Nogikh <nogikh@google.com>
Date: Wed, 6 Aug 2025 10:16:09 +0200
Subject: executor: keep output area base address on reallocation

Output area may be remapped from several different processes (i.e. after
forking), so we should not assume that the suggested base address will
be the same.
---
 executor/executor.cc | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'executor/executor.cc')

diff --git a/executor/executor.cc b/executor/executor.cc
index 53c52efc3..9adcf7835 100644
--- a/executor/executor.cc
+++ b/executor/executor.cc
@@ -748,6 +748,13 @@ static uint32* output_base_address()
 		// See the comment in input_base_address();
 		return 0;
 	}
+	if (output_data != NULL) {
+		// If output_data was already mapped, use the old base address
+		// since we could be extending the area from a different pid:
+		// realloc_output_data() may be called from a fork, which would cause
+		// input_base_address() to return a different address.
+		return (uint32*)output_data;
+	}
 	// Leave some unmmapped area after the input data.
 	return input_base_address() + kMaxInput + SYZ_PAGE_SIZE;
 }
-- 
cgit mrf-deployment