
Re: [RFC PATCH] xen: add libafl-qemu fuzzer support



On Thu, 21 Nov 2024, Volodymyr Babchuk wrote:
> Hi Stefano,
> 
> Stefano Stabellini <sstabellini@xxxxxxxxxx> writes:
> 
> > On Wed, 20 Nov 2024, Volodymyr Babchuk wrote:
> >> Hi Stefano,
> >> 
> >> (sorry, hit wrong Reply-To option, re-sending for wider audience)
> >> 
> >> Stefano Stabellini <sstabellini@xxxxxxxxxx> writes:
> >> 
> >> > On Tue, 19 Nov 2024, Volodymyr Babchuk wrote:
> >> >> Hi Stefano,
> >> >>
> >> >> Stefano Stabellini <sstabellini@xxxxxxxxxx> writes:
> >> >>
> 
> [...]
> 
> >> >>
> >> >> I was considering this as well. Problem is that fuzzing should be
> >> >> running for prolonged periods of time. There is no clear consensus on
> >> >> "how long", but most widely accepted time period is 24 hours. So looks
> >> >> like it should be something like "nightly build" task. Fuzzer code
> >> >> needs to be extended to support some runtime restriction, because right
> >> >> now it runs indefinitely, until user stops it.
> >> >
> >> > We can let it run for 48 hours continuously every weekend using the
> >> > Gitlab runners
> >> 
> >> Great idea. Anyways, I need to add option to limit runtime to the fuzzer
> >> and invent some method for reporting discovered crashes to the CI first.
> >> 
> >> >
> >> >> I am certainly going to implement this, but this is a separate topic,
> >> >> because it requires changes in the fuzzer app. Speaking on which... Right
> >> >> now both fuzzer and test harness reside in our github repo, as you
> >> >> noticed. I believe it is better to host it on xenbits as an official
> >> >> part of the Xen Project.
> >> >
> >> > Yes we can create repos under gitlab.com/xen-project for this, maybe a
> >> > new subgroup gitlab.com/xen-project/fuzzer
> >> 
> >> Good. Whom should I ask to do this?
> >
> > I created gitlab.com/xen-project/fuzzer as an empty group. What
> > repositories do you need under it?
> 
> Right now it is only the fuzzer itself
> (https://github.com/xen-troops/xen-fuzzer-rs). If we are going to use
> XTF then we don't need additional repo for the harness.

Please see:
https://gitlab.com/xen-project/fuzzer/xen-fuzzer

Before pushing the master of https://github.com/xen-troops/xen-fuzzer-rs
to https://gitlab.com/xen-project/fuzzer/xen-fuzzer, we need to make
sure that an appropriate Open Source license is clearly specified for
the project either with a top level COPYING file, or with an SPDX tag on
top of each source file, or both. MIT is a good candidate as LibAFL is
dual licensed as MIT.



 

