From 172b24cb88e0a1a65238406f5174c323da8e9635 Mon Sep 17 00:00:00 2001
From: Kyle Huey
Date: Sun, 18 Aug 2024 14:09:26 -0700
Subject: [PATCH] Remove regions that have ever had PR_SET_VMA_ANON_NAME called on them from always_free_address_space.

---
 src/ReplaySession.cc | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/ReplaySession.cc b/src/ReplaySession.cc
index d17a9df2656..cffac2efea1 100644
--- a/src/ReplaySession.cc
+++ b/src/ReplaySession.cc
@@ -105,7 +105,7 @@ const ReplaySession::MemoryRanges& ReplaySession::always_free_address_space(
 auto frame = tmp_reader.read_frame();
 auto event = frame.event();
 // If a region was ever mprotected to something that's not PROT_NONE,
- // we need to delete it as well.
+ // or had PR_SET_VMA_ANON_NAME called on it, we need to delete it as well.
 if (event.is_syscall_event()) {
 auto syscall_event = event.Syscall();
 if (is_mprotect_syscall(syscall_event.number, syscall_event.arch()) ||
@@ -117,6 +117,14 @@ const ReplaySession::MemoryRanges& ReplaySession::always_free_address_space(
 delete_range(*result, MemoryRange(start, size));
 }
 }
+ if (is_prctl_syscall(syscall_event.number, syscall_event.arch())) {
+ auto regs = frame.regs();
+ if (regs.arg2() == PR_SET_VMA_ANON_NAME) {
+ remote_ptr start = regs.arg3();
+ size_t size = regs.arg4();
+ delete_range(*result, MemoryRange(start, size));
+ }
+ }
 } else if (event.is_syscallbuf_flush_event()) {
 auto syscallbuf_flush_event = event.SyscallbufFlush();
 for (auto& record : syscallbuf_flush_event.mprotect_records) {
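Review bot: The guard in the second hunk tests only `regs.arg2()`, but prctl's operation is its first argument and PR_SET_VMA_ANON_NAME is the sub-operation of PR_SET_VMA with value 0, so any other recorded prctl whose second argument happens to be zero (PR_SET_DUMPABLE with 0, PR_SET_PDEATHSIG with 0, PR_GET_* calls that leave the slot unset) passes the check and hands whatever is in arg3/arg4 to delete_range as a range. That presumably only shrinks the always-free set rather than breaking replay, but it is correct by accident and worth tightening to `if (regs.arg1() == PR_SET_VMA && regs.arg2() == PR_SET_VMA_ANON_NAME) {`, assuming the header that supplies PR_SET_VMA_ANON_NAME here also supplies PR_SET_VMA. The new branch also deletes the range when the prctl itself failed (unmapped range, kernel without VMA naming); if that is intended as the conservative choice, say so next to the check, e.g. `// Deleting even when the prctl failed is deliberate: dropping address space here is always safe.`. `remote_ptr start` with no template argument looks like an extraction artifact of this page rather than the committed line, so I have not flagged it. always_free_address_space begins before the first hunk and continues past the last line shown.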