首先，该函数会生成一个 error ，用于输出错误信息；之后从结构体中，取出对应 arch 的字符串->整型映射表：
eh := func(pos ast.Pos, msg string) { // [1] 生成一个 error handler, 用于输出错误信息;job.Errors = append(job.Errors, fmt.Sprintf("%v: %v\n", pos, msg))}
func processJob(job *Job, descriptions *ast.Description, constFile *compiler.ConstFile) {eh := func(pos ast.Pos, msg string) { // [1] 生成一个 error handler, 用于输出错误信息;job.Errors = append(job.Errors, fmt.Sprintf("%v: %v\n", pos, msg))}consts := constFile.Arch(job.Target.Arch) // [2] 从 constFile 结构体取出对应 arch 的 consts 字符串->整型 映射表if job.Target.OS == targets.TestOS {// [3] 过滤掉自己开发人员测试用的 testOS （targets.TestOS 即为字符串 test）constInfo := compiler.ExtractConsts(descriptions, job.Target, eh)compiler.FabricateSyscallConsts(job.Target, constInfo, consts)}prog := compiler.Compile(descriptions, consts, job.Target, eh) // [4] 对 syzlang AST 进行编译, 继续分析 AST 信息 。if prog == nil {// 这次编译提供了consts信息，因此会执行完整的编译过程return}for what := range prog.Unsupported {job.Unsupported[what] = true}// [5] 将分析结果，序列化为go语言源代码，留待后续 syz-fuzzer 使用，代码存放在 sys//gen/.gosysFile := filepath.Join(*outDir, "sys", job.Target.OS, "gen", job.Target.Arch+".go")out := new(bytes.Buffer)generate(job.Target, prog, consts, out)rev := hash.String(out.Bytes())fmt.Fprintf(out, "const revision_%v = %q\n", job.Target.Arch, rev)writeSource(sysFile, out.Bytes())// [6] 调用 generateExecutorSyscalls 函数来创建 Executor 的 syscall 信息，并将其返回给 main 函数job.ArchData = http://www.kingceram.com/post/generateExecutorSyscalls(job.Target, prog.Syscalls, rev)// Don't print warnings, they are printed in syz-check.job.Errors = niljob.OK = true}
syz- 需要分析 AST 信息，对进行编译：
prog := compiler.Compile(descriptions, consts, job.Target, eh) // [4] 对 syzlang AST 进行编译, 继续分析 AST 信息 。if prog == nil {// 这次编译提供了consts信息，因此会执行完整的编译过程return}for what := range prog.Unsupported {job.Unsupported[what] = true}
返回的 Prog 结构体声明如下：
// Prog is description compilation result.type Prog struct {Resources []*prog.ResourceDescSyscalls[]*prog.SyscallTypes[]prog.Type// Set of unsupported syscalls/flags.Unsupported map[string]bool// Returned if consts was nil.fileConsts map[string]*ConstInfo}
? [4]编译操作和先前 syz- 类似，不同的是这次提供了信息，因此会执行完整的编译过程，分析代码中描述的全部参数类型信息 。返回的 Prog 结构体中：
() 除了调用 () 函数和 () 函数，接下来首先调用的是() / () / check() 函数 。
我们来看看生成出的代码是什么样的（以 /sys/linux/gen/amd64.go 为例）：
说明：
// AUTOGENERATED FILE// +build !codeanalysis// +build !syz_target syz_target,syz_os_linux,syz_arch_amd64package genimport . "github.com/google/syzkaller/prog"import . "github.com/google/syzkaller/sys/linux"func init() {RegisterTarget(&Target{OS: "linux", Arch: "amd64", Revision: revision_amd64, PtrSize: 8, PageSize: 4096, NumPages: 4096, DataOffset: 536870912, LittleEndian: true, ExecutorUsesShmem: true, Syscalls: syscalls_amd64, Resources: resources_amd64, Consts: consts_amd64}, types_amd64, InitTarget)}var resources_amd64 = []*ResourceDesc{{Name:"ANYRES16",Kind:[]string{"ANYRES16"},Values:[]uint64{18446744073709551615,0}},{Name:"ANYRES32",Kind:[]string{"ANYRES32"},Values:[]uint64{18446744073709551615,0}},{Name:"ANYRES64",Kind:[]string{"ANYRES64"},Values:[]uint64{18446744073709551615,0}},{Name:"IMG_DEV_VIRTADDR",Kind:[]string{"IMG_DEV_VIRTADDR"},Values:[]uint64{0}},{Name:"IMG_HANDLE",Kind:[]string{"IMG_HANDLE"},Values:[]uint64{0}},{Name:"assoc_id",Kind:[]string{"assoc_id"},Values:[]uint64{0}},....}var syscalls_amd64 = []*Syscall{{NR:43,Name:"accept",CallName:"accept",Args:[]Field{{Name:"fd",Type:Ref(11199)},{Name:"peer",Type:Ref(10021)},{Name:"peerlen",Type:Ref(10305)},},Ret:Ref(11199)},{NR:43,Name:"accept$alg",CallName:"accept",Args:[]Field{{Name:"fd",Type:Ref(11202)},{Name:"peer",Type:Ref(4943)},{Name:"peerlen",Type:Ref(4943)},},Ret:Ref(11203)},{NR:43,Name:"accept$ax25",CallName:"accept",Args:[]Field{{Name:"fd",Type:Ref(11204)},{Name:"peer",Type:Ref(10033)},{Name:"peerlen",Type:Ref(10305)},},Ret:Ref(11204)},{NR:43,Name:"accept$inet",CallName:"accept",Args:[]Field{{Name:"fd",Type:Ref(11223)},{Name:"peer",Type:Ref(10025)},{Name:"peerlen",Type:Ref(10305)},},Ret:Ref(11223)},....}var types_amd64 = []Type{&ArrayType{TypeCommon:TypeCommon{TypeName:"array",TypeAlign:1,IsVarlen:true},Elem:Ref(17155)},&ArrayType{TypeCommon:TypeCommon{TypeName:"array",TypeAlign:1,IsVarlen:true},Elem:Ref(14707),Kind:1,RangeEnd:32},&ArrayType{TypeCommon:TypeCommon{TypeName:"array",TypeAlign:1,IsVarlen:true},Elem:Ref(14707),Kind:1,RangeEnd:8},&ArrayType{TypeCommon:TypeCommon{TypeName:"array",TypeAlign:1,IsVarlen:true},Elem:Ref(14560)},&ArrayType{TypeCommon:TypeCommon{TypeName:"array",TypeAlign:1,IsVarlen:true},Elem:Ref(14575)},....}var consts_amd64 = []ConstValue{{"ABS_CNT",64},{"ABS_MAX",63},{"ACL_EXECUTE",1},{"ACL_GROUP",8},{"ACL_GROUP_OBJ",4},{"ACL_LINK",1},....}const revision_amd64 = "e61403f96ca19fc071d8e9c946b2259a2804c68e"