[fuzzuf-cc] Phase 2: Renewal of forkserver mode #53
I think a large part of the changes introduced by this PR is no problem at all.
According to fuzzuf-cc, some minor issues in this PR should probably be fixed.
Most of the issues are just that unnecessary code is copied from NativeLinuxExecutor and left as is.
The maintainer of this repository will set up a reviewer for each PR.
PR reviewers should review this PR in terms of the checklist below before moving on to a detailed code review. Please comment on their initial response by filling in the checklist below.
Optional Entries
- The reviewer assigned more reviewers if needed.
- The reviewer noted that it is necessary to break out some of the changes in this PR into other PRs if needed.
- The reviewer noted that the initial response is insufficient if needed.
Mandatory Entries
- The title of this PR summarizes the changes made by this PR properly.
- The target branch of this PR is as intended.
- The reviewer understands the issues in this PR.
- The reviewer plans to review with an appropriate workload based on the importance of this PR.
📝 Performed changes to overcome historical background
Co-authored-by: Yudai <ptr.yudai+dev@gmail.com>
📝 Additional changes:
2504b30 to 00926ad
GG
Type of PR
Related Issue
Importance of PR
PR Overview
Concerns (Optional)
Performance (execs_per_sec): 3298.99, Crashes: 5795 (34 unique)
Source Code Quality
FdChannel
If possible, I would like reviewers to try the entire process at hand, from instrumentation to fuzzing.
I would like to keep the conventional implementation (NativeLinuxExecutor) and the new implementation (LinuxForkServerExecutor) in parallel for a while: -e native for the former and -e forkserver for the latter.
Fear of degradation 💣
Known implementation defects 💣
Additional dependencies
Artifacts
Commands to start fuzzing:
$ rm -rf /tmp/fuzzuf-out_dir
$ ./build/fuzzuf afl -e forkserver --log_file=fuzzuf.log --in_dir docs/resources/exifutil/fuzz_input/ -- ~/atla/fuzzuf-cc/put/exifutil/fd-exifutil -f @@
Screenshot:
Runtime logs (fuzzuf.log) (excerpt):
(Reference) No. 6 is SIGABRT, No. 11 is SIGSEGV, and No. 9 is SIGKILL. SIGKILL is the signal when the forkserver exits when the PUT execution times out.
Files marked as a crash can reproduce the crash as follows:
NOTE: When a binary instrumented with fuzzuf-cc is invoked without the forkserver client (i.e. when executed directly from the command line), execution is aborted. So crash reproduction was verified with a binary instrumented with afl-gcc.
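The signal note above (No. 11 SIGSEGV and No. 6 SIGABRT are PUT crashes, No. 9 SIGKILL is the timeout kill) worked through in code, as an added example that is not fuzzuf's own executor: the classify() and run_child() names, the polling wait loop with a 10 ms tick, and the three stand-in child behaviours are assumptions.

```cpp
// Added example, not fuzzuf code: separating a real PUT crash (SIGSEGV, SIGABRT)
// from the SIGKILL an executor sends itself when the PUT overruns its timeout.
#include <csignal>
#include <cstdio>
#include <sys/wait.h>
#include <unistd.h>

enum class ExitKind { Ok, NonZeroExit, Crash, Timeout };
// Classify a raw waitpid() status. killed_by_executor is true when we sent
// SIGKILL because the time budget ran out (the log note's "No. 9").
ExitKind classify(int status, bool killed_by_executor) {
  if (WIFSIGNALED(status)) {
    if (WTERMSIG(status) == SIGKILL && killed_by_executor) return ExitKind::Timeout;
    return ExitKind::Crash;  // e.g. No. 11 SIGSEGV, No. 6 SIGABRT
  }
  if (WIFEXITED(status))
    return WEXITSTATUS(status) == 0 ? ExitKind::Ok : ExitKind::NonZeroExit;
  return ExitKind::Crash;  // stop/continue statuses are not expected here
}

// Fork a child that runs body(); poll every 10 ms (assumed tick) and SIGKILL
// it once timeout_ms has elapsed, then classify how it ended.
ExitKind run_child(void (*body)(), unsigned timeout_ms) {
  pid_t pid = fork();
  if (pid < 0) { std::perror("fork"); _exit(1); }
  if (pid == 0) { body(); _exit(0); }
  int status = 0;
  bool killed = false;
  for (unsigned waited = 0;; waited += 10) {
    if (waitpid(pid, &status, WNOHANG) == pid) break;
    if (waited >= timeout_ms) {
      kill(pid, SIGKILL); killed = true;
      waitpid(pid, &status, 0);  // reap the killed child
      break;
    }
    usleep(10 * 1000);
  }
  return classify(status, killed);
}

// Constructed child behaviours standing in for a PUT.
void child_segv() { std::raise(SIGSEGV); }
void child_hang() { for (;;) pause(); }
void child_ok() {}
int main() {
  std::printf("segv -> %d  (2 = Crash)\n", (int)run_child(child_segv, 500));
  std::printf("hang -> %d  (3 = Timeout)\n", (int)run_child(child_hang, 50));
  return run_child(child_ok, 500) == ExitKind::Ok ? 0 : 1;
}
```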