Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support

From:	Paolo Bonzini
Subject:	Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support
Date:	Fri, 11 Jan 2019 16:33:58 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.3.1

On 11/01/19 16:04, Max Moroz wrote:
> We usually have a single fuzzing process, it starts with a fuzzing
> engine's main function and is calling LLVMFuzzerTestOneInput with
> various inputs and keep mutating them based on the coverage feedback.
> Running a second process which you don't care too much about might be
> fine, but the fuzzing process should be "replacing" or should I say
> "imitating" the process whose coverage you're interested in.

What do you mean by replacing or imitating?

Avoiding fork would probably be hard.  I'm mostly afraid that some state
guest state is not resetted properly across runs, and this would result
in non-reproducible crashes.

It seems to me that the task can be approached with AFL and a test case
postprocessor to generate the qtest input; however, my knowledge of
libFuzzer is very very limited.

Paolo

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Stefan Hajnoczi, 2019/01/09
- Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Bandan Das, 2019/01/10
  - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Dmitry Vyukov, 2019/01/10
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Max Moroz, 2019/01/10
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Paolo Bonzini, 2019/01/10
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Stefan Hajnoczi, 2019/01/11
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Max Moroz, 2019/01/11
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Paolo Bonzini <=
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Max Moroz, 2019/01/11
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Paolo Bonzini, 2019/01/11
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Jonathan Metzman, 2019/01/11
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Paolo Bonzini, 2019/01/11
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Jonathan Metzman, 2019/01/11
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Stefan Hajnoczi, 2019/01/14
    - Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Bandan Das, 2019/01/18
- Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support, Dmitry Vyukov, 2019/01/10

Prev by Date: Re: [Qemu-devel] [PATCH 5/5] [debug] some logging
Next by Date: [Qemu-devel] [PATCH v2 0/9] Build ACPI Heterogeneous Memory Attribute Table (HMAT)
Previous by thread: Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support
Next by thread: Re: [Qemu-devel] Internship idea: virtio-blk oss-fuzz support
Index(es):
- Date
- Thread