From 75a7c5e2d1f09a4a58e7e1f1f4ef0b0f55a33413 Mon Sep 17 00:00:00 2001
From: Dmitry Vyukov <dvyukov@google.com>
Date: Mon, 19 Feb 2018 19:35:04 +0100
Subject: prog: rework address allocation

1. mmap all memory always, without explicit mmap calls in the program.
This makes lots of things much easier and removes lots of code.
Makes mmap not a special syscall and allows to fuzz without mmap enabled.

2. Change address assignment algorithm.
Current algorithm allocates unmapped addresses too frequently
and allows collisions between arguments of a single syscall.
The new algorithm analyzes actual allocations in the program
and places new arguments at unused locations.
---
 executor/executor_bsd.cc | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'executor/executor_bsd.cc')

diff --git a/executor/executor_bsd.cc b/executor/executor_bsd.cc
index 2500a2a12..ee14d84a6 100644
--- a/executor/executor_bsd.cc
+++ b/executor/executor_bsd.cc
@@ -50,6 +50,9 @@ int main(int argc, char** argv)
 	output_data = (uint32*)mmap(kOutputDataAddr, kMaxOutput, PROT_READ | PROT_WRITE, MAP_SHARED | MAP_FIXED, kOutFd, 0);
 	if (output_data != kOutputDataAddr)
 		fail("mmap of output file failed");
+	if (mmap((void*)SYZ_DATA_OFFSET, SYZ_NUM_PAGES * SYZ_PAGE_SIZE, PROT_READ | PROT_WRITE,
+		 MAP_ANON | MAP_PRIVATE | MAP_FIXED, -1, 0) != (void*)SYZ_DATA_OFFSET)
+		fail("mmap of data segment failed");
 	// Prevent random programs to mess with these fds.
 	// Due to races in collider mode, a program can e.g. ftruncate one of these fds,
 	// which will cause fuzzer to crash.
-- 
cgit mrf-deployment