Xen project Mailing List

Re: [Xen-devel] [PATCH 01/14] fuzz/x86_emulate: Remove redundant AFL hook

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

From: George Dunlap <george.dunlap@xxxxxxxxxx>

Date: Fri, 22 Sep 2017 16:47:30 +0100

Cc: xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxx>

Delivery-date: Fri, 22 Sep 2017 15:48:07 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Fri, Aug 25, 2017 at 6:37 PM, Andrew Cooper <andrew.cooper3@xxxxxxxxxx> wrote: > On 25/08/17 17:43, George Dunlap wrote: >> You don't need __AFL_INIT if you have __AFL_LOOP. >> >> Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx> > > Really? Is that covered in any documentation? > > I got the contrary impression from whichever version of AFL I was using > when I put this in, and a quick look over the afl-fuzz source doesn't > appear to equate them in any way. Trying to answer the feof() question, I dug into llvm mode a bit more. They are independent features but they can be used together: that is, if you compile with afl-clang-fast, you always get a forkserver. If you specify the location with __AFL_INIT, that's where the forkserver get started; otherwise, it's somewhere before main() is called. When __AFL_LOOP(N) is present, it will execute the loop N times before calling exit(); at which point, the forkserver will fork another instance (either before main(), or at __AFL_INIT). So you don't *need* __AFL_INIT; and the amount of time it will save isn't much (the initialization every 1000 iterations), but I suppose we might as well keep it. -George _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx https://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.