Dmitry Vyukov
Do I read the reproducer correctly that if we wouldn't write to mmap-ed range, we also wouldn't trigger the bug?
Interesting. For such proposals it always helps to have more places where this can be used. 1-3 places vs "many" leads to very different trade-offs. And we will need...
I think this is dup of #2831
We should already do this here: https://github.com/google/syzkaller/blob/b438bd66d6f95113d52f25c25bfef0e963c8ce8d/syz-manager/manager.go#L403-L405 Perhaps you have some VMs reserved for fuzzing?
Hi Jiri, Thanks for the report. How can we reproduce such kernel build with DW_TAG_partial_unit? Do you know how to get them in a unit test? Some special compiler flags?...
For the second struct we also want something like `flags[bpf_attach_flags & ~BPF_F_ID, int32]`, right? Or, BPF_F_ID is just assumed to not be present in `bpf_attach_flags`?
There can be intermixed kernel output and/or corrupted lines. So I tried to extract what's extractable in a best-effort manner.
Try to reproduce, maybe a hang on our side. The reproducer looks funky. Maybe a real issue on our side.
Please re-send to the mailing list with full repro instructions.
I think it's simpler to just support multiple "syz fix" commands per email. Multiple fixing commits is already fully supported by the app, if they are linked with "Reported-by" tags...