Second round of usermode snapshot fixes #2140
Conversation
| @@ -73,6 +73,12 @@ pub struct MappingInfo { | |||
| pub size: usize, | |||
| } | |||
|
|
|||
| pub enum IntervalSnapshotFilter { | |||
There was a problem hiding this comment.
I'm not sure if this is something we should expose like this.
It's great to have this around for debugging or dirty fix as last resort, but I'm scared people rely too much on this instead of reporting bugs in the snapshot systems.
Also, it would be nice to have this work generically with the IsSnapshotManager maybe? I didn't implement the trait for usermode snapshot yet, but I guess it could be the right moment to do so.
There was a problem hiding this comment.
Or maybe we could emit a warning when using this asking to issue a bug report or something similar?
There was a problem hiding this comment.
You could add a #[deprecated] flag that will show at compile time? (But feels a bit funny to add a new API as deprecated)
There was a problem hiding this comment.
I doesn't seem there is another way to issue warnings at compile time in stable, I guess it's a good alternative
|
Sorry for being late but I couldn't get on it last week. Btw, what if we
just keep the deny list and that's it? Or we could just pass a simple
vector of GuestAddr without using filters at all.
…On Sun, 12 May 2024, 16:53 Romain Malmain, ***@***.***> wrote:
***@***.**** commented on this pull request.
------------------------------
In libafl_qemu/src/helpers/snapshot.rs
<#2140 (comment)>:
> @@ -73,6 +73,12 @@ pub struct MappingInfo {
pub size: usize,
}
+pub enum IntervalSnapshotFilter {
I doesn't seem there is another way to issue warnings at compile time in
stable, I guess it's a good alternative
—
Reply to this email directly, view it on GitHub
<#2140 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABGW4SJWQ3MNN3A3ZUAFYUTZB5X6JAVCNFSM6AAAAABHGWCZ5SVHI2DSMVQWIX3LMV43YUDVNRWFEZLROVSXG5CSMV3GSZLXHMZDANJRGM4DEOBSG4>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
@rmalmain merge? |
|
To be more clear, these are two alternatives:
|
|
Let's keep it as it is. I'm not sure it's good practice to use this filter still, but most likely if you use it in the first place means you know what you're doing. We can always add a warning or only enable this in debug mode in the future if the feature is abused later on. |
|
Just add a comment to the snapshot filter that bugs should be reported? |
|
Good idea
…On Tue, 21 May 2024, 12:27 Dominik Maier, ***@***.***> wrote:
Just add a comment to the snapshot filter that bugs should be reported?
—
Reply to this email directly, view it on GitHub
<#2140 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABGW4SL36W54ERO6PGJT42LZDMHQBAVCNFSM6AAAAABHGWCZ5SVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMRSGE4DENJRGY>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
|
Sounds good |
trace_mmap_snapshot: now we hook brk and change the mappings in the interval tree based on the brk return valuesIntervalSnapshotFilterforQemuSnapshotHelper: we can createDenyListandAllowListwith memory address ranges to respectively filter out, or include, memory areas in the snapshot. For example, if you want to exclude the mutated input buffer from the snapshot or include specific memory areas that are not being traced by read/write callbacks etc.