Second round of usermode snapshot fixes #2140
@@ -73,6 +73,12 @@ pub struct MappingInfo { | |||
pub size: usize, | |||
} | |||
|
|||
pub enum IntervalSnapshotFilter { |
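Review bot: the new `pub enum IntervalSnapshotFilter {` introduced right after `MappingInfo` in this hunk is a public item without a doc comment; since the thread settles on documenting that unexpected snapshot behaviour should be reported as a bug rather than worked around with this filter, add a `///` comment on the enum stating exactly that, so the guidance ships with the API instead of living only in this conversation.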
I'm not sure if this is something we should expose like this.
It's great to have this around for debugging or dirty fix as last resort, but I'm scared people rely too much on this instead of reporting bugs in the snapshot systems.
Also, it would be nice to have this work generically with the IsSnapshotManager maybe? I didn't implement the trait for usermode snapshot yet, but I guess it could be the right moment to do so.
Or maybe we could emit a warning when using this asking to issue a bug report or something similar?
You could add a #[deprecated] flag that will show at compile time? (But it feels a bit funny to add a new API as deprecated.)
It doesn't seem there is another way to issue warnings at compile time in stable; I guess it's a good alternative.
Sorry for being late but I couldn't get on it last week. Btw, what if we just keep the deny list and that's it? Or we could just pass a simple vector of GuestAddr without using filters at all.
@rmalmain merge?
To be more clear, these are two alternatives:
Let's keep it as it is. I'm not sure it's good practice to use this filter still, but most likely if you use it in the first place it means you know what you're doing. We can always add a warning or only enable this in debug mode in the future if the feature is abused later on.
Just add a comment to the snapshot filter that bugs should be reported?
Good idea
Sounds good
- `trace_mmap_snapshot`: now we hook brk and change the mappings in the interval tree based on the brk return values.
- `IntervalSnapshotFilter` for `QemuSnapshotHelper`: we can create `DenyList` and `AllowList` with memory address ranges to respectively filter out, or include, memory areas in the snapshot. For example, if you want to exclude the mutated input buffer from the snapshot or include specific memory areas that are not being traced by read/write callbacks etc.