
Re: [PATCH v3 1/2] Add libfuzzer target to fuzz/x86_instruction_emulator


  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
  • Date: Mon, 22 Jul 2024 10:07:09 -0400
  • Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, Anthony PERARD <anthony@xxxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
  • Delivery-date: Mon, 22 Jul 2024 14:07:57 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Mon, Jul 22, 2024 at 9:57 AM Jan Beulich <jbeulich@xxxxxxxx> wrote:
>
> On 22.07.2024 15:51, Tamas K Lengyel wrote:
> > On Mon, Jul 22, 2024 at 8:24 AM Jan Beulich <jbeulich@xxxxxxxx> wrote:
> >>
> >> On 22.07.2024 13:27, Tamas K Lengyel wrote:
> >>> This target enables integration into oss-fuzz. Changing invalid input
> >>> return to -1 as values other than 0/-1 are reserved by libfuzzer. Also
> >>> adding the missing __wrap_vsnprintf wrapper which is required for a
> >>> successful oss-fuzz build.
> >>>
> >>> Signed-off-by: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
> >>> ---
> >>> v3: don't include libfuzzer-harness in target 'all' as it requires specific cc
> >>
> >> With this, how is it going to be built at all? Only by invoking the special
> >> target "manually" as it seems? Which sets this up for easy bit-rotting. I
> >> wonder what others think here ...
> >
> > Yes, by calling make with the specific target. It's not going to
> > bitrot because oss-fuzz will pick up any regression on a daily basis
> > to this target. I assume you would be interested in receiving the
> > fuzzing reports so it would show as a build failure in case something
> > broke it.
>
> Please forgive my lack of knowledge here, but which part of whose
> infrastructure would pick up stuff on a daily basis, and what fuzzing
> reports (I've never seen any, daily or not) are you talking about?
> For now it feels to me as if you're talking of what's possible down
> the road, not what's going to happen from the moment this patch was
> committed in a 2nd try. If so, the gap between both points in time
> may be significant, and hence my bit-rotting concern would still
> apply.

Once these two patches are merged to Xen I'll send my PR to oss-fuzz
to have it pull Xen daily, build this fuzzer and run it on their
infrastructure. It usually takes them less than 24 hours to respond to
PRs; I have added multiple projects there already, so the "lag" you
worry about is not something to worry about.

Having these two patches upstream in Xen is not required, by the way; I
could just send these upstream to oss-fuzz and have them apply them
after pulling the xen git repo, but it gives you guys more flexibility
to add additional fuzzers in the future if these are in your
repository, because you don't even have to touch oss-fuzz afterwards.

If you need to learn more about what oss-fuzz is and how it operates,
they have quite nice documentation.

Tamas
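As an added illustration, not part of this mail, the Xen patch or the oss-fuzz project: a minimal libFuzzer entry point in C showing the return-value contract the quoted commit message refers to, where -1 tells libFuzzer the input is invalid and must not be kept in the corpus, 0 means the input was processed, and any other value is reserved. The input layout (one mode byte followed by raw instruction bytes), the toy decoder and the names toy_decode, FUZZ_MIN_LEN, FUZZ_MAX_INSN and MODE_* are constructed for this example; the real x86_instruction_emulator harness is not reproduced. The __wrap_vsnprintf wrapper mentioned in the message is a GNU ld --wrap symbol and is not part of this snippet.

```c
/* Added example: minimal libFuzzer target demonstrating the 0 / -1 return
 * contract. Everything below is constructed for illustration and is not the
 * Xen emulator harness. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define FUZZ_MIN_LEN  2     /* constructed: 1 mode byte + at least 1 insn byte */
#define FUZZ_MAX_INSN 15    /* architectural maximum x86 instruction length */

enum { MODE_16 = 0, MODE_32 = 1, MODE_64 = 2 };   /* constructed mode byte */

/* Stand-in for the code under test: decodes NOP and MOV r, imm with optional
 * 0x66/0x67 legacy prefixes. Returns the bytes consumed, or 0 when the bytes
 * do not form a complete instruction this toy decoder understands. */
size_t toy_decode(int mode, const uint8_t *insn, size_t len)
{
    size_t i = 0;
    size_t opsize = (mode == MODE_16) ? 2 : 4;   /* default operand size */

    while (i < len && (insn[i] == 0x66 || insn[i] == 0x67)) {
        if (insn[i] == 0x66)
            opsize = (opsize == 2) ? 4 : 2;      /* 0x66 toggles operand size */
        i++;
    }
    if (i >= len)
        return 0;                                /* prefixes only: incomplete */

    if (insn[i] == 0x90)                         /* NOP */
        return i + 1;
    if (insn[i] >= 0xB8 && insn[i] <= 0xBF)      /* MOV r, imm */
        return (len - i - 1 >= opsize) ? i + 1 + opsize : 0;
    return 0;                                    /* unsupported opcode */
}

/* libFuzzer calls this once per input. Return -1 to reject a malformed input
 * from the corpus; return 0 once the input has been exercised. Never return
 * anything else: other values are reserved by libFuzzer. */
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
    if (size < FUZZ_MIN_LEN || size > 1 + FUZZ_MAX_INSN)
        return -1;                               /* wrong size: reject */
    if (data[0] > MODE_64)
        return -1;                               /* unknown mode byte: reject */

    /* The decoder refusing the bytes is a normal outcome, not a harness
     * error, so the input still counts as processed. */
    (void)toy_decode(data[0], data + 1, size - 1);
    return 0;
}

/* Stand-alone run over a few constructed inputs; the real harness main()
 * comes from libFuzzer when linked with -fsanitize=fuzzer. */
int main(void)
{
    static const uint8_t nop[]   = { MODE_32, 0x90 };
    static const uint8_t junk[]  = { 0x09, 0x90 };
    printf("nop  -> %d\n", LLVMFuzzerTestOneInput(nop, sizeof nop));
    printf("junk -> %d\n", LLVMFuzzerTestOneInput(junk, sizeof junk));
    return 0;
}
```

Building a fuzz target separately from the project's default `all` target, as the v3 changelog describes, does not change this contract: the harness still has to compile with a libFuzzer-capable compiler and keep returning only 0 or -1.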
