From: George Dunlap <george.dunlap@citrix.com>
To: Andrew Cooper <andrew.cooper3@citrix.com>,
xen-devel <xen-devel@lists.xenproject.org>
Cc: Ian Jackson <ian.jackson@citrix.com>,
Wei Liu <wei.liu2@citrix.com>, Jan Beulich <jbeulich@suse.com>
Subject: Re: [PATCH 01/14] fuzz/x86_emulate: Remove redundant AFL hook
Date: Thu, 14 Sep 2017 16:26:22 +0100 [thread overview]
Message-ID: <CAFLBxZa8fRkwrmx-FLNVzuHcS8rfB4vxMnNGzVcwj5Qx4MNx9A@mail.gmail.com> (raw)
In-Reply-To: <9fcd6e90-6b62-fdf1-7569-2f44b75b33e7@citrix.com>
Ping?
I realize this isn't a major feature but it would be nice to get it
in for 4.10.
-George
On Mon, Aug 28, 2017 at 11:34 AM, George Dunlap
<george.dunlap@citrix.com> wrote:
> On 08/25/2017 06:37 PM, Andrew Cooper wrote:
>> On 25/08/17 17:43, George Dunlap wrote:
>>> You don't need __AFL_INIT if you have __AFL_LOOP.
>>>
>>> Signed-off-by: George Dunlap <george.dunlap@citrix.com>
>>
>> Really? Is that covered in any documentation?
>>
>> I got the contrary impression from whichever version of AFL I was using
>> when I put this in, and a quick look over the afl-fuzz source doesn't
>> appear to equate them in any way.
>
> The documentation does seem a bit hazy on the subject. However:
>
> 1. It clear from the documentation [1] that both of them work *only* in
> llvm mode (i.e., when compiled with afl-clang-fast). In particular the
> last paragraph of section 4: "afl-gcc or afl-clang will
> *not* generate a deferred-initialization binary".
>
> 2. The documentation does seem to speak of them as separate 'modes'
> (Section 5, "Note that as with the previous mode, ...")
>
> 3. Empirically speaking, persistent mode works fine with __AFL_LOOP()
> and no __AFL_INIT() (for me anyway).
>
> -George
>
> [1] https://github.com/mirrorer/afl/tree/master/llvm_mode
>
>>
>> ~Andrew
>>
>>> ---
>>> CC: Ian Jackson <ian.jackson@citrix.com>
>>> CC: Wei Liu <wei.liu2@citrix.com>
>>> CC: Andrew Cooper <andrew.cooper3@citrix.com>
>>> CC: Jan Beulich <jbeulich@suse.com>
>>> ---
>>> tools/fuzz/x86_instruction_emulator/afl-harness.c | 2 --
>>> 1 file changed, 2 deletions(-)
>>>
>>> diff --git a/tools/fuzz/x86_instruction_emulator/afl-harness.c b/tools/fuzz/x86_instruction_emulator/afl-harness.c
>>> index 154869336a..1a79ff228e 100644
>>> --- a/tools/fuzz/x86_instruction_emulator/afl-harness.c
>>> +++ b/tools/fuzz/x86_instruction_emulator/afl-harness.c
>>> @@ -63,8 +63,6 @@ int main(int argc, char **argv)
>>> exit(-1);
>>>
>>> #ifdef __AFL_HAVE_MANUAL_CONTROL
>>> - __AFL_INIT();
>>> -
>>> while ( __AFL_LOOP(1000) )
>>> #endif
>>> {
>>
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xen.org
> https://lists.xen.org/xen-devel
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2017-09-14 15:27 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-25 16:43 [PATCH 01/14] fuzz/x86_emulate: Remove redundant AFL hook George Dunlap
2017-08-25 16:43 ` [PATCH 02/14] x86emul/fuzz: add rudimentary limit checking George Dunlap
2017-08-25 16:43 ` [PATCH 03/14] fuzz/x86_emulate: Actually use cpu_regs input George Dunlap
2017-09-15 11:21 ` Wei Liu
2017-08-25 16:43 ` [PATCH 04/14] fuzz/x86_emulate: Add a better input size check George Dunlap
2017-08-25 17:42 ` Andrew Cooper
2017-09-15 11:39 ` Wei Liu
2017-09-25 9:36 ` George Dunlap
2017-09-25 11:08 ` George Dunlap
2017-08-25 16:43 ` [PATCH 05/14] fuzz/x86_emulate: Improve failure descriptions in x86_emulate harness George Dunlap
2017-09-15 11:41 ` Wei Liu
2017-09-15 11:47 ` George Dunlap
2017-08-25 16:43 ` [PATCH 06/14] fuzz/x86_emulate: Implement dread() and davail() George Dunlap
2017-08-25 17:45 ` Andrew Cooper
2017-09-14 17:06 ` George Dunlap
2017-09-25 11:40 ` George Dunlap
2017-08-25 16:43 ` [PATCH 07/14] fuzz/x86_emulate: Rename the file containing the wrapper code George Dunlap
2017-09-15 11:45 ` Wei Liu
2017-08-25 16:43 ` [PATCH 08/14] fuzz/x86_emulate: Add 'afl-cov' target George Dunlap
2017-09-15 12:55 ` Wei Liu
2017-09-15 12:57 ` Wei Liu
2017-09-15 13:28 ` George Dunlap
2017-08-25 16:43 ` [PATCH 09/14] fuzz/x86_emulate: Take multiple test files for inputs George Dunlap
2017-09-15 13:07 ` Wei Liu
2017-09-15 13:27 ` George Dunlap
2017-09-15 13:42 ` Wei Liu
2017-08-25 16:43 ` [PATCH 10/14] fuzz/x86_emulate: Move all state into fuzz_state George Dunlap
2017-08-25 16:43 ` [PATCH 11/14] fuzz/x86_emulate: Make input more compact George Dunlap
2017-08-25 16:52 ` George Dunlap
2017-08-25 17:59 ` Andrew Cooper
2017-08-28 9:10 ` George Dunlap
2017-08-25 16:43 ` [PATCH 12/14] fuzz/x86_emulate: Add --rerun option to try to track down instability George Dunlap
2017-09-15 13:30 ` Wei Liu
2017-08-25 16:43 ` [PATCH 13/14] fuzz/x86_emulate: Set and fuzz more CPU state George Dunlap
2017-08-25 16:43 ` [PATCH 14/14] fuzz/x86_emulate: Add an option to limit the number of instructions executed George Dunlap
2017-09-15 13:38 ` Wei Liu
2017-09-15 13:55 ` George Dunlap
2017-09-19 10:05 ` Wei Liu
2017-08-25 17:37 ` [PATCH 01/14] fuzz/x86_emulate: Remove redundant AFL hook Andrew Cooper
2017-08-28 10:34 ` George Dunlap
2017-09-14 15:26 ` George Dunlap [this message]
2017-09-22 15:47 ` George Dunlap
2017-09-22 16:09 ` Andrew Cooper
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAFLBxZa8fRkwrmx-FLNVzuHcS8rfB4vxMnNGzVcwj5Qx4MNx9A@mail.gmail.com \
--to=george.dunlap@citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=ian.jackson@citrix.com \
--cc=jbeulich@suse.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.