[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] fuzz: do not use POSIX shm for coverage bitmap
From: |
Stefan Hajnoczi |
Subject: |
Re: [PATCH] fuzz: do not use POSIX shm for coverage bitmap |
Date: |
Tue, 23 Jun 2020 09:44:10 +0100 |
On Mon, Jun 22, 2020 at 12:50:40PM -0400, Alexander Bulekov wrote:
> We used shm_open with mmap to share libfuzzer's coverage bitmap with
> child (runner) processes. The same functionality can be achieved with
> MAP_SHARED | MAP_ANONYMOUS, since we do not care about naming or
> permissioning the shared memory object.
>
> Signed-off-by: Alexander Bulekov <alxndr@bu.edu>
> ---
> This might fix:
> qemu-fuzz-i386-target-virtio-net-socket: Unexpected-exit in
> counter_shm_init
> https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23636 (private link)
>
> oss-fuzz does not provide access to /dev/, so it is likely that shm_open
> breaks, when it tries to access /dev/shm. This seems likely, based on
> the oss-fuzz minijail setup:
> https://github.com/google/oss-fuzz/blob/3740c751fd9edea138c17783995d370d6b1b89bc/infra/base-images/base-runner/run_minijail
>
> tests/qtest/fuzz/fork_fuzz.c | 40 ++++++++++++------------------------
> 1 file changed, 13 insertions(+), 27 deletions(-)
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
signature.asc
Description: PGP signature