Nyx hypercall API support for LibAFL QEMU #2801
Conversation
| @@ -5,6 +5,7 @@ authors = ["Romain Malmain <[email protected]>"] | |||
| edition = "2021" | |||
|
|
|||
| [features] | |||
| nyx = [] | |||
There was a problem hiding this comment.
Time to add some comments here to explain the features? We're using this for the other crates.
Specifically, I would explain that this adds API compatibility but isn't doing the same as nyx
There was a problem hiding this comment.
makes sense, didn't know about this crate.
There was a problem hiding this comment.
maybe we should put the precision in the nyx module doc then, this feature is only for the example fuzzer.
libafl_qemu/src/modules/utils/mod.rs
Outdated
| /// Fast hash function for 64 bits integers minimizing collisions. | ||
| /// Adapted from <https://xorshift.di.unimi.it/splitmix64.c> | ||
| #[must_use] | ||
| pub fn hash_me(mut x: u64) -> u64 { |
There was a problem hiding this comment.
I would either use the hashing function from libafl_bolts here, or move this guy to bolts
There was a problem hiding this comment.
i checked quickly the xxh implementation, i think they have better hashing properties but require more ops.
we use it for some performance-critical things, i'd prefer to keep it as-is for now before we can do proper benchmarking. i can add it to bolts if it makes more sense as a faster alternative to std.
There was a problem hiding this comment.
I don't get why you want to hash a 64 bit value to a 64 bit variable anyway? Isn't the best hash ... the value itself? It's a perfect 1:1 mapping :D
There was a problem hiding this comment.
because the 64 bit values in the input space are usually very close to each other, which means they are more likely to collide than hashed (unbiased) values in the bitmap.
i didn't measure this precisely, though.
fix bug in kernel harness
rmalmain
changed the title
* Nyx hypercall API support * fix linux kernel fuzzer * hash_me -> hash_64_fast * fix multiple bug in kernel harness * do not check libmozjpeg's C files format.
| #[cfg(any(cpu_target = "i386", cpu_target = "x86_64"))] | ||
| pub mod nyx; |
There was a problem hiding this comment.
Hello, can we have a proper feature for this?
There was a problem hiding this comment.
yes, it's already implemented in #3366. btw, it's better to open a new issue than comment on a closed pr. it's not really easy to notice the new comments otherwise
it does not support all API calls yet, but now it should be easy to add remaining ones by following the same pattern.
minimal linux kernel example runs locally.