Re: [PATCH v4 19/20] fuzz: add virtio-net fuzz target

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v4 19/20] fuzz: add virtio-net fuzz target

From:	Stefan Hajnoczi
Subject:	Re: [PATCH v4 19/20] fuzz: add virtio-net fuzz target
Date:	Thu, 7 Nov 2019 16:41:33 +0100

On Thu, Nov 7, 2019 at 2:44 PM Jason Wang <address@hidden> wrote:
> On 2019/10/30 下午10:50, Oleinik, Alexander wrote:
> > From: Alexander Oleinik <address@hidden>
> >
> > The virtio-net fuzz target feeds inputs to all three virtio-net
> > virtqueues, and uses forking to avoid leaking state between fuzz runs.
> >
> > Signed-off-by: Alexander Oleinik <address@hidden>
>
>
> Can this fuzz vhost-net or vhost-user (I only see socket backend)? If
> it's not too hard, it would be even more interesting.

Fuzzing vhost devices would be awesome but this patch series does not do that.

libfuzzer uses coverage-guided fuzzing.  It needs to instrument the
code.  vhost kernel modules or external vhost-user processes aren't
instrumented so the fuzzing engine has no code instrumentation
feedback.

It should be possible to solve those problems eventually.  You could
also run it as-is, but the fuzzer wouldn't make intelligent decisions
about mutating input data to explore new code paths in vhost kernel
modules.

Stefan

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH v4 19/20] fuzz: add virtio-net fuzz target, Stefan Hajnoczi, 2019/11/07
- Re: [PATCH v4 19/20] fuzz: add virtio-net fuzz target, Jason Wang, 2019/11/07
  - Re: [PATCH v4 19/20] fuzz: add virtio-net fuzz target, Stefan Hajnoczi <=

Prev by Date: Re: [RFC PATCH 06/18] qemu-storage-daemon: Add --nbd-server option
Next by Date: Re: [PATCH 0/2] Acceptance test: update kernel used on m68k/q800 test
Previous by thread: Re: [PATCH v4 19/20] fuzz: add virtio-net fuzz target
Next by thread: Re: [PATCH v4 20/20] fuzz: add documentation to docs/devel/
Index(es):
- Date
- Thread