blob: 3bd6b3676040c28a8824be0507e96d7fa5a6dba1 [file] [log] [blame]
Syzygy Release Notes
====================
Version 0.8.32.0
[0cc169a1af] Fix some VS2017 issues, adds support for the 10.0.15063.468 Windows
SDK.
[e94470d3ee] Adds the afl instrumenter.
Version 0.8.31.1
[bb44adc69b] Add the hashes for the VS2010 version of the CRT.
Version 0.8.31.0
[e2fe0d0e41] Fail if we can't intercept a CRT function and add support for
Win10 SDK versions 10.0.10586.0 and 10.0.15063.0.
Version 0.8.30.0
[8e43875330] Add support for the vperm2i128 and vpbroadcastw VEX instructions.
Version 0.8.29.0
[ab9b65e1fd] Add support for the VS2017 built binaries.
[5970d392db] Improve the decoding of the VEX encoded instructions.
Version 0.8.28.0
[7677dfdf22] Add support for the Win10 SDK to the PE reader.
Version 0.8.27.0
[666a753011] SyzyAsan - Add a flag to defer the initialization of the SyzyAsan
crash reporter.
Version 0.8.26.0
[78fa5bc24d] SyzyAsan - Improve the performance of the heap corruption detector.
Version 0.8.25.0
[226ab514b7] Add support for more AVX2 instructions.
Version 0.8.24.0
[ea4e050ecd] SyzyAsan - Support the allocations with a size > 1GB.
[a1f6aa6249] SyzyAsan - Remove support for the nested allocations.
Version 0.8.23.0
[379045f2fe] SyzyAsan - Remove the Kasko integration.
[38646919c4] Add support for the vbroadcastss instruction.
Version 0.8.22.0
[2662b3a8a2] SyzyAsan - More careful handling when freeing corrupt blocks.
[745955797d] SyzyAsan - Fix potential race when shutting down the deferred
free thread.
[c86c6caeae] SyzyAsan - Fix overflow error in ShadowWalker for 4GB 32-bit
processes.
Version 0.8.21.0
[dca3e80883] Switch back to using VS2015.
Version 0.8.20.7
[f10f8a119b] Add support for LODS instruction.
Version 0.8.20.6
[dea670f0a0] SyzyAsan - Fix a bug in the Large Block Heap.
Version 0.8.20.5
[63fbbf176d] Really fix the 16-bit CRC32 decoding, with a thorough test.
Version 0.8.20.4
[479cc1d8da] Work around broken distorm size-prefixed CRC32 decoding.
Version 0.8.20.3
[15ac4a9af6] Regress ToT to before VS2015 change to affect a build fix.
Version 0.8.20.2
[c76e874ec4] Added benchmarks archive back to build archive as it is still
required for official builds.
Version 0.8.20.1
[b142ab0a1f] Removed the benchmarks archive from the list of things that we
archive. Fixed the build configuration.
Version 0.8.20.0
[ae4b5c8f27] Switch to using VS2015.
Version 0.8.19.0
[c5c600f40e] Fix parsing of empty debug directories.
[858cdc69ba] SyzyASAN - Enable Crashpad integration as a 50/50 experiment.
Version 0.8.18.0
[b00d18bfd7] SyzyASAN - Add an experiment enumeration export on the runtime.
Version 0.8.17.1
[460e0d1319] Fixed the build configuration.
Version 0.8.17.0
[577a26edc4] Improved reporting for mem* instrumentation by reporting first
poisoned byte, rather than range endpoints.
Version 0.8.16.1
[6b939a8bf7] Disabled some flaky unittests.
Version 0.8.16.0
[0da823d284] Add support for more VEX encoded instructions.
Version 0.8.15.0
[0b7468bc3b] SyzyASan - Add option to offload trimming of the quarantine to
a background thread.
Version 0.8.14.4
[0cb9970e70] SyzyASan - Add wcsnlen interceptor for VS2015 CRT compatibility.
Version 0.8.14.3
[68eb588716] SyzyASan - Add strnlen interceptor for VS2015 CRT compatibility.
Version 0.8.14.2
[2e9b159d91] Fixed broken build step.
Version 0.8.14.1
[35cb04163a] SyzyASan - Fix to prevent instrumentation of NOP instructions.
Version 0.8.14.0
[fce63bdc64] Add a fix to support the I_FXSAVE and I_FXRSTOR instructions.
Version 0.8.13.1
[8f7d7913d1] SyzyASan - Tolerate patching races with retries.
Version 0.8.13.0
[a12e59096e] SyzyASan - Enable dynamic 2G/4G interceptors by default.
[c6eaf97768] SyzyASan - Enable Kasko by default.
Version 0.8.12.1
[76a00d3bec] Fix missing kasko_upload dependency.
Version 0.8.12.0
[d18da087d2] Created kasko_upload utility.
[867c355fb6] SyzyASan - Fixed empty stack trace bug.
Version 0.8.11.4
[----------] Fixed the build configuration.
Version 0.8.11.3
[----------] Fixed some unittests.
Version 0.8.11.2
[----------] Fixed the build configuration.
[2380fe379e] SyzyASan - Fixed overflow in stack walking code.
Version 0.8.11.1
[e7dc3c69c8] Bugfix for PDB named streams hash table.
Version 0.8.11.0
[70efbeafc9] SyzyASan - Fix Kasko/Breakpad feature flag.
[3051479681] SyzyASan - Add a flag to turn on the reporting of the invalid
accesses.
[600e5ed812] Add temporary parsing of security directory.
[4a4554f4da] SyzyASan - Include the crashdata protobuf in the minidump produced
by agent_logger.
Version 0.8.10.3
[----------] Fixed a unittest failure.
Version 0.8.10.2
[e208902143] Only set early crash keys for sufficiently modern Chrome.
[8ce23ad741] Fix the interception of the heap_init function.
Version 0.8.10.1
[d5431ad295] Fixed the build configuration.
Version 0.8.10.0
[d692f37ef6] SyzyASan - Disable CtMalloc and put Kasko behind a feature flag.
[9eecf1f1f4] SyzyASan - Register some crash keys immediately upon SyzyASAN
initialization.
[e5ef6d14c8] SyzyASan - Disable optimization on key error handling functions.
[4578f181d2] SyzyASan - Ignores near-nullptr accesses.
[5248c93d6d] SyzyASan - Use the new Kasko memory range functionality.
Version 0.8.9.0
[b05aa394ae] SyzyASan - Improvements to corrupt block analysis.
[7c56cb233f] SyzyASan - Custom and faster stack walker.
[a5a4d0fd8d] SyzyASan - Remove use of MEM_RESET in CtMalloc.
Version 0.8.8.0
[846392a3d8] SyzyASan - Prevent from crashing twice for the same corrupt block.
[b49166cfc3] SyzyASan - Randomly enable some of the Asan features.
[21a1d32189] SyzyASan - Copy the Asan parameters into the protobuf and the
error_info structure.
[40355197d9] SyzyASan - Introduce a flood-filled quarantined block state.
[8305158b02] SyzyASan - Fix the parsing of the 'asan-rtl-options' parameter.
[d5a72bba38] SyzyASan - Fix a crash in the teardown of the runtime library.
Version 0.8.7.0
[872a0d66e2] SyzyASan - Remove the rate targeted heaps.
[36c32820e8] SyzyASan - Add type safety to BlockInfo.
[79e8c0ac2c] SyzyASan - Add support for the Windows 8.1 SDK.
[dbf490efee] SyzyASan - Fix inconsistency problem in size limited quarantine.
Version 0.8.6.3
[48b8591e29] Fixed a broken header generation build dependency.
Version 0.8.6.2
[8a14d34c61] SyzyASan - Fixed two CtMalloc bugs.
[09655752d6] SyzyASan - Report metadata via Kasko.
Version 0.8.6.1
[e01e186430] SyzyASan - Restore the asan_GetProcessHeap function for backward
compatibility.
[----------] Disabled some flaky unittests.
Version 0.8.6.0
[52bb7c7062] SyzyASan - Add the minidump symbolizer to the release binaries.
[645e667e25] SyzyASan - Don't replace the process heap by an ASan one.
[17dedec789] SyzyASan - Changed the rate targeted heaps intervals.
Version 0.8.5.0
[cec4a29a57] SyzyASan - Add support for rate targeted heaps
[562794745b] SyzyASan - Add support for more AVX2 instructions.
Version 0.8.4.1
[----------] Fixed some unittest failures.
Version 0.8.4.0
[5130039b66] Synchronize page protection modifications.
[e204e630ba] SyzyASan - Fix an issue when the first block of a corrupt range has
page protections.
[aef343e391] Preserve alignment of code blocks generated by unsupported
compilers.
Version 0.8.3.0
[734f70ac46] Shadow memory performance improvements.
Version 0.8.2.0
[ae952911d4] Change the default date used in zap_timestamp.
[0c61db4c14] SyzyASan - Fix a potential deadlock.
Version 0.8.1.0
[6dc7c8be0f] SyzyASan - Exception filtering for interceptors.
[a4121262fa] SyzyASan - CTMalloc and LargeBlockHeap enabled by default.
[d38ee96601] SyzyASan - Remove use of contended lock in quarantine logic.
Version 0.8.0.0
As of this version, SyzyASan has been entirely refactored and much of it
reimplemented. New mechanisms exist for finding bugs in external/uninstrumented
code, and coverage has been increased.
This version also marks the official separation of Syzygy from Sawbuck, it's
original ancestor. Syzygy is now hosted in a pure GIT repository, and built with
Ninja.
Some highlights:
[4e6b4f9b19] Refactor of zap_timestamp.
[a01d2374e6] SyzyASan - Zebra heap fully implemented.
[990009f460] SyzyASan - Large block heap fully implemented.
[735e51eb5c] SyzyASan - Narrowed crash race conditions as much as possible.
[08ebb870d9] Full Ninja support for the build.
[45d2fb0bec] SyzyASan - CTMalloc support added.
[217fe21486] Fully split from Sawbuck repository.
Version 0.7.18.1
[r2183] SyzyASan - Fix the interceptor of wcsstr.
Version 0.7.18.0
[r2179] SyzyASan - Adds a new flag to disable Breakpad error reporting.
Version 0.7.17.0
[r2171] SyzyASan - Implements the interceptor of wcsstr.
[r2162] SyzyASan - Intercept the kernel32!Interlocked* functions.
Version 0.7.16.0
[r2151] SyzyASan - Fixes to the heap validation code.
[r2148] Add a script for installing Syzygy binaries directly from the archives.
Version 0.7.15.0
[r2142] SyzyASan - Addition of a heap validation code to error processing and
reporting.
[r2138] Fix to allow VS2013 produced Syzygy agents to run with VS2013 produced
instrumented binaries.
Version 0.7.14.0
[r2115] Adds native .lib support to the toolchain.
[r2120] SyzyASan - Implements the interceptor for wcschr.
Version 0.7.13.0
[-----] SyzyASan - Fixed some XP compatibility issues.
[r2095] SyzyASan - Add support for runtime subsampling of SyzyASan allocation
guards.
[r2094] SyzyASan - Cast the return value of HeapFree to a boolean before
checking it.
[r2064] SyzyASan - Plumb runtime ASan parameters through instrumentation to the
runtime library.
Version 0.7.12.0
[-----] First build with VS2013.
[r2059] SyzyASan - Add instrumentation subsampling support to ASan instrumenter.
Version 0.7.11.0
[r2056] SyzyASan - Block checksums now validated as they exit the quarantine.
Version 0.7.10.0
[r2049] SyzyASan - Fix to quarantine to prevent flushing it when overly large
blocks are inserted. Also modifies eviction policy to be random.
Version 0.7.9.0
[r2029] Add --no-logo flag to Syzygy tool command line parsing to allow for
fully silent execution.
[r2025] SyzyASan - Add a checksum to ASan's blocks and use it to prevent heap
corruption.
[r2023] Add dumping of MSToolEnv to pdb_dumper.
Version 0.7.8.0
[r2012] Now officially building with VS2013.
[r2010] swapimport.exe now works with 64-bit binaries.
Version 0.7.7.2
[r1989] Fix to reorderer to make it use the same decomposer as the relinker.
Version 0.7.7.1
[r1983] Small fix to decompose_image_to_text which was causing failed official
builder tests.
Version 0.7.7.0
[r1979] Created swapimport.exe utility.
[r1978] SyzyASan - Fix for improperly intercepted CRT functions with custom
calling conventions in LTCG builds.
[r1969] SyzyASan - Wide character CRT string function interceptors.
Version 0.7.6.0
[r1957] Full VS2013 support.
[r1955] PEHacker is now fully functional. First release.
[r1934] Switched to using new decomposer.
Version 0.7.5.0
[r1906] Various fixes for VS2013 support.
Version 0.7.4.1
[r1893] Fix the failures on the decomposer unittests for the official build.
[r1892] SyzyASan - Add the header and the lib file of SyzyASan_rtl.dll to the
released binaries.
Version 0.7.4.0
[r1889] SyzyASan - Interception of the ReadFile and WriteFile functions.
[r1864] Bug fix for sampling profiler grinder.
[r1862] SyzyASan - Implementation of the API for the nested heaps.
Version 0.7.3.0
[r1840] Improved integration testing for profiler.
[r1838] Refactor HeapProxy to expose the redzoning functions in an API.
Version 0.7.2.0
[r1827] New instrumentation mode for profiler.
[r1819] Fixes for broken sample grinder unittests in official build mode.
Version 0.7.1.0
[r1817] Sampling profiler now supports KCacheGrind output format.
[r1814] Fixes to benchmarking scripts to handle multi-DLL Chrome builds.
Version 0.7.0.1
[-----] Build infrastructure changes to support renamed ASan RTL.
Version 0.7.0.0
[r1807] SyzyASan - Reduce the contention in StackCaptureCache.
[r1791] SyzyASan - Rename asan_rtl.dll to SyzyASan_rtl.dll
[r1787] Add branch events buffering to the instrumenter.
Version 0.2.29.1
[r1768] SyzyASan - Fix an ugly bug in the way we were setting up the filter in
AsanInstrumenter
Version 0.2.29.0
[r1759] SyzyASan - Add ASan RTL support for a quarantine size/trailer padding
size experiment.
[r1758] SyzyASan - Use the CRT interceptors by default.
[r1750] SyzyASan - Adds a parameter to the command line to specify the blocks
padding size.
Version 0.2.28.0
[r1738] SyzyASan - Support for new Breakpad exported functions.
[r1737] Fix to benchmarking automation scripts to more cleanly shutdown Chrome.
[r1729] Full grinder support for sampling profiler data.
[r1722] Fix to PDB generation to handle large PDBs.
Version 0.2.27.0
[r1716] Flaky unittest fixit. Fixed 4 cases of known occasional test failures.
[r1715] reorder.exe can handle multiple instrumented modules.
[r1713] Chrome optimization scripts updated to handle multi-DLL builds.
[r1695] SyzyASan - Implemented interceptors of CRT string.h functions.
Version 0.2.26.0
[r1684] SyzyASan - Enable the redundant checks analysis by default.
[r1679] SyzyASan - Add a logging message when a minidump is saved to the disk.
[r1678] Add the PDB of our binaries to the binaries-syms archive.
[r1650] Sampling profiler (sampler.exe) now fully functional.
[r1636] Add --sampling-interval and --bucket-size parameters to sampler.exe.
Version 0.2.25.0
[r1624] Turn on the liveness analysis for the asan instrumentation.
[r1617] Refactor the instrumenter application.
Version 0.2.24.0
[r1581] Add bb and dromaeo modes into benchmark/optimize scripts.
Version 0.2.23.0
[-----] Build infrastructure changes to properly source index this build.
[r1578] SyzyASan - Bugfix to Realloc.
Version 0.2.22.0
[r1567] Various bugfixes to make Syzygy able to decompose Adobe Flash binaries.
[r1566] SyzyASan - Added reference counting and reuse to stack cache.
Version 0.2.21.1
[r1542] SyzyASan - Remove use of a kernel32 import that was not available on XP.
[r1529] SyzyASan - More performance improvements to slow path.
Version 0.2.21.0
[r1524] Update asan rtl for minidump generation.
[r1523] Add mini-dump generation to the logger.
[r1520] Reduce the memory overhead per block and add the TIDs to the header.
[r1503] Add more aggressive optimization settings to our official builds.
Version 0.2.20.0
[r1490] SyzyASan - Cut shadow size in half.
[r1469] Disable DCHECKs in official builds.
[r1466] SyzyASan - Make the slow path faster.
Version 0.2.19.0
[r1460] SyzyASan - Include all stack frames by default.
[r1459] SyzyASan - Fix asan logger shutdown on error.
[r1456] SyzyASan - Capture time between free and use-after-free.
Version 0.2.18.0
[r1444] SyzyASan - Use breakpad key/value pairs to label crashes.
[r1443] SyzyASan - Leave contents of freed blocks intact for better debugging.
Version 0.2.17.1
[r1425] SyzyASan - Save crash analyses to the stack.
[r1424] SyzyASan - Directly report crashes via breakpad, if available.
[r1417] Fix parsing to support trace files larger than 4GB.
[r1411] SyzyASan - Add support for string and other special instructions.
Version 0.2.16.0
[r1390] New genfilter tool for creating image filters.
[r1389] Runtime filtering of SyzyASan bugs by stack-trace IDs.
[r1385] Performance improvements to profiler instrumentation.
[r1381] Many performance improvements for SyzyASan.
[r1374] Instrumentation time filtering enabled for SyzyASan.
[r1366] SyzyASan stack-traces can have configurable max depth and bottom frame
trimming.
Version 0.2.15.0
[r1359] Elide ASan hooks for (unhandled) stack addresses.
[r1330] Thunk entry points to blocks which are not basic-block decomposable.
[r1344] Add client DLL symbol information to the release.
Version 0.2.14.0
[r1285] Small fix to binaries script.
Version 0.2.13.0
[r1284] Started keeping release notes.
[r1283] SyzyASan uses remote stack tracing in RPC logging service so as to get
accurate traces even in sandboxed code.
[r1282] Much simplified straight-path decomposer.
[r1281] SyzyASan no longer corrupts IAT entries and NT headers size/start values
are properly calculated.
[r1276] PDB/MSF files contain properly formatted free page maps.
[r1272] zap_timestamps for normalizing PE/PDB pairs.
[r1263] pdbfind for locating the PDB associated with a PE file.
[r1261] Proper parsing of imported data symbols.