When running applications which make large (sparsely populated) address ranges
(e.g. when using address sanitizer with LibAFL) the inability to exclude these
regions from any core dump can result in very large files which fill the disk.
A coredump is obvously very useful for performing a post-mortem when fuzzing.
Whilst the man pages state that madvise provides only a hint (and hence can be
ignored), this patch adds support to handle MADV_DONTDUMP and set a
corresponding flag in the page flags, thus allowing QEMU to exclude these
regions from the core file.
Signed-off-by: WorksButNotTested
<62701594+WorksButNotTested@users.noreply.github.com>
---
include/exec/page-protection.h | 6 ++++++
linux-user/elfload.c | 4 ++++
linux-user/mmap.c | 5 +++++
3 files changed, 15 insertions(+)
diff --git a/include/exec/page-protection.h b/include/exec/page-protection.h
index c43231af8b..f8826d917e 100644
--- a/include/exec/page-protection.h
+++ b/include/exec/page-protection.h
@@ -38,4 +38,10 @@
*/
#define PAGE_PASSTHROUGH 0x0800
+/*
+ * For linux-user, indicates that the page should not be included in a core
+ * dump.
+ */
+#define PAGE_DONTDUMP 0x1000
+
#endif
diff --git a/linux-user/elfload.c b/linux-user/elfload.c
index fbfdec2f17..41c46da055 100644
--- a/linux-user/elfload.c
+++ b/linux-user/elfload.c
@@ -4067,6 +4067,10 @@ static size_t vma_dump_size(target_ulong start,
target_ulong end,
return 0;
}
+ if (flags & PAGE_DONTDUMP) {
+ return 0;
+ }
+
/*
* Usually we don't dump executable pages as they contain
* non-writable code that debugger can read directly from
diff --git a/linux-user/mmap.c b/linux-user/mmap.c
index f88a80c31e..62fc8ac921 100644
--- a/linux-user/mmap.c
+++ b/linux-user/mmap.c
@@ -1247,6 +1247,11 @@ abi_long target_madvise(abi_ulong start, abi_ulong
len_in, int advice)
*/
mmap_lock();
switch (advice) {
+ case MADV_DONTDUMP:
+ if (len > 0) {
+ page_set_flags(start, start + len - 1, PAGE_DONTDUMP);
+ }
+ break;
case MADV_WIPEONFORK:
case MADV_KEEPONFORK:
ret = -EINVAL;