From: Andrew Cooper <andrew.cooper3@citrix.com>
To: Xen-devel <xen-devel@lists.xen.org>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>,
Ian Jackson <Ian.Jackson@eu.citrix.com>,
Wei Liu <wei.liu2@citrix.com>, Jan Beulich <JBeulich@suse.com>
Subject: [PATCH 7/8] tools/insn-fuzz: Make use of LLVMFuzzerInitialize()
Date: Mon, 20 Mar 2017 11:19:44 +0000 [thread overview]
Message-ID: <1490008785-6058-8-git-send-email-andrew.cooper3@citrix.com> (raw)
In-Reply-To: <1490008785-6058-1-git-send-email-andrew.cooper3@citrix.com>
libfuzz can perform one-time initialisation by calling LLVMFuzzerInitialize().
Move emul_test_init() into this, to avoid repeating it on every
LLVMFuzzerTestOneInput() call.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
---
CC: Jan Beulich <JBeulich@suse.com>
CC: Ian Jackson <Ian.Jackson@eu.citrix.com>
CC: Wei Liu <wei.liu2@citrix.com>
---
tools/fuzz/x86_instruction_emulator/afl-harness.c | 4 ++++
tools/fuzz/x86_instruction_emulator/fuzz-emul.c | 19 +++++++++++--------
2 files changed, 15 insertions(+), 8 deletions(-)
diff --git a/tools/fuzz/x86_instruction_emulator/afl-harness.c b/tools/fuzz/x86_instruction_emulator/afl-harness.c
index 89d8605..63aff59 100644
--- a/tools/fuzz/x86_instruction_emulator/afl-harness.c
+++ b/tools/fuzz/x86_instruction_emulator/afl-harness.c
@@ -5,6 +5,7 @@
#include <string.h>
#include <getopt.h>
+extern int LLVMFuzzerInitialize(int *argc, char ***argv);
extern int LLVMFuzzerTestOneInput(const uint8_t *data_p, size_t size);
extern unsigned int fuzz_minimal_input_size(void);
@@ -57,6 +58,9 @@ int main(int argc, char **argv)
else if ( optind != (argc - 1) )
goto usage;
+ if ( LLVMFuzzerInitialize(&argc, &argv) )
+ exit(-1);
+
if ( fp != stdin ) /* If not using stdin, open the provided file. */
{
fp = fopen(argv[optind], "rb");
diff --git a/tools/fuzz/x86_instruction_emulator/fuzz-emul.c b/tools/fuzz/x86_instruction_emulator/fuzz-emul.c
index 4b1e324..3b3041d 100644
--- a/tools/fuzz/x86_instruction_emulator/fuzz-emul.c
+++ b/tools/fuzz/x86_instruction_emulator/fuzz-emul.c
@@ -646,9 +646,19 @@ static void sanitize_input(struct x86_emulate_ctxt *ctxt)
}
}
+int LLVMFuzzerInitialize(int *argc, char ***argv)
+{
+ if ( !emul_test_init() )
+ {
+ printf("Warning: Stack could not be made executable (%d).\n", errno);
+ return 1;
+ }
+
+ return 0;
+}
+
int LLVMFuzzerTestOneInput(const uint8_t *data_p, size_t size)
{
- bool stack_exec;
struct cpu_user_regs regs = {};
struct x86_emulate_ctxt ctxt = {
.regs = ®s,
@@ -657,13 +667,6 @@ int LLVMFuzzerTestOneInput(const uint8_t *data_p, size_t size)
};
int rc;
- stack_exec = emul_test_init();
- if ( !stack_exec )
- {
- printf("Warning: Stack could not be made executable (%d).\n", errno);
- return 1;
- }
-
/* Reset all global state variables */
memset(&input, 0, sizeof(input));
data_index = 0;
--
2.1.4
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
next prev parent reply other threads:[~2017-03-20 11:19 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-20 11:19 [PATCH 0/8] Fuzzing misc bugfix and performance improvements Andrew Cooper
2017-03-20 11:19 ` [PATCH 1/8] tools/fuzz: Remove .d files in clean Andrew Cooper
2017-03-20 11:19 ` [PATCH 2/8] tools/fuzz: Use $(CC) for linking the harnesses Andrew Cooper
2017-03-20 11:19 ` [PATCH 3/8] tools/fuzz: Include LLVMFuzzerTestOneInput() in the generated .a Andrew Cooper
2017-03-20 11:19 ` [PATCH 4/8] tools/insn-fuzz: Use shorter filenames Andrew Cooper
2017-03-20 11:19 ` [PATCH 5/8] tools/insn-fuzz: Use getopt() for parsing the command line Andrew Cooper
2017-03-20 11:19 ` [PATCH 6/8] tools/insn-fuzz: Accept fuzzing input on stdin Andrew Cooper
2017-03-20 11:19 ` Andrew Cooper [this message]
2017-03-20 11:19 ` [PATCH 8/8] tools/insn-fuzz: Support AFL's afl-clang-fast mode Andrew Cooper
2017-03-20 15:55 ` [PATCH 0/8] Fuzzing misc bugfix and performance improvements Wei Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1490008785-6058-8-git-send-email-andrew.cooper3@citrix.com \
--to=andrew.cooper3@citrix.com \
--cc=Ian.Jackson@eu.citrix.com \
--cc=JBeulich@suse.com \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).