qemu/scripts
Qiuhao Li 247ab240c2 fuzz: remove IO commands iteratively
Now we use a one-time scan and remove strategy in the minimizer,
which is not suitable for timing dependent instructions.

For example, instruction A will indicate an address where the config
chunk is located, and instruction B will make the configuration active.
If we have the following instruction sequence:

...
A1
B1
A2
B2
...

A2 and B2 are the actual instructions that trigger the bug.

If we scan from top to bottom, after we remove A1, the behavior of B1
might be unknowable, including not crashing the program. But we will
successfully remove B1 later because A2 and B2 will crash the process
anyway:

...
A1
A2
B2
...

Now one more trimming will remove A1.

In the perfect case, we would need to be able to remove A and B (or C!) at
the same time. But for now, let's just add a loop around the minimizer.

Since we only remove instructions, this iterative algorithm is converging.

Tested with Bug 1908062.

Signed-off-by: Qiuhao Li <Qiuhao.Li@outlook.com>
Reviewed-by: Alexander Bulekov <alxndr@bu.edu>
Tested-by: Alexander Bulekov <alxndr@bu.edu>
Message-Id: <SYCPR01MB350263004448040ACCB9A9F1FCAB0@SYCPR01MB3502.ausprd01.prod.outlook.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
2021-01-11 14:59:21 +01:00
..
ci scripts/ci: clean up default args logic a little 2020-11-23 09:48:25 +00:00
coccinelle scripts/coccinelle: New script to remove unnecessary timer_del() calls 2021-01-08 15:13:38 +00:00
codeconverter scripts/codeconverter: Update to latest version 2020-09-18 14:12:32 -04:00
coverity-scan Remove texinfo dependency from docker and CI configs 2020-09-29 17:55:39 +02:00
kvm scripts/kvm/vmxcap: Use Python 3 interpreter and add pseudo-main() 2020-05-31 13:56:46 +02:00
modules scripts/modules/module_block: Use Python 3 interpreter & add pseudo-main 2020-05-31 13:56:46 +02:00
oss-fuzz fuzz: remove IO commands iteratively 2021-01-11 14:59:21 +01:00
performance scripts/performance: Add dissect.py script 2020-07-14 22:22:22 +02:00
qapi qapi/visit.py: add type hint annotations 2020-10-10 11:37:49 +02:00
qemu-guest-agent qemu-guest-agent: freeze-hook to ignore dpkg files as well 2018-08-23 18:46:25 +02:00
qemugdb scripts/qemugdb: Remove shebang header 2020-05-31 13:56:46 +02:00
qmp scripts/qmp: delete 'qmp' script 2020-10-27 11:11:06 +01:00
simplebench scripts/simplebench: add bench_prealloc.py 2020-12-18 12:35:55 +01:00
tracetool tracetool: show trace-events filename/lineno in fmt string errors 2021-01-04 14:24:58 +00:00
travis travis: add gcovr summary for GCOV build 2018-07-05 15:59:41 +01:00
analyse-9p-simpletrace.py drop "from __future__ import print_function" 2020-02-07 15:15:16 +01:00
analyse-locks-simpletrace.py drop "from __future__ import print_function" 2020-02-07 15:15:16 +01:00
analyze-inclusions Move target-* CPU file into a target/ folder 2016-12-20 21:52:12 +01:00
analyze-migration.py nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
archive-source.sh build-sys: add meson submodule 2020-08-21 06:30:06 -04:00
block-coroutine-wrapper.py scripts: add block-coroutine-wrapper.py 2020-10-05 10:59:06 +01:00
check_sparse.py meson: move sparse detection to Meson and rewrite check_sparse.py 2020-10-04 18:36:23 +02:00
checkpatch.pl scripts: fix error from checkpatch.pl when no commits are found 2020-10-27 09:53:50 +00:00
clean-header-guards.pl scripts/: fix some comment spelling errors 2020-09-17 20:37:55 +02:00
clean-includes meson: rename included C source files to .c.inc 2020-08-21 06:18:30 -04:00
cleanup-trace-events.pl scripts/cleanup-trace-events: Emit files in alphabetical order 2020-09-09 17:17:00 +01:00
cocci-macro-file.h compiler.h: remove QEMU_GNUC_PREREQ 2020-12-15 12:53:15 -05:00
coverity-model.c coverity-model: Fix replay_get_byte() 2018-07-05 15:09:52 +02:00
decodetree.py overall/alpha tcg cpus|hppa: Fix Lesser GPL version number 2020-11-15 16:43:54 +01:00
device-crash-test device-crash-test: Check if path is actually an executable file 2020-11-09 18:34:21 +01:00
disas-objdump.pl scripts: Switch to more portable Perl shebang 2017-05-10 10:19:24 +03:00
dump-guest-memory.py drop "from __future__ import print_function" 2020-02-07 15:15:16 +01:00
extract-vsssdk-headers Add a script to extract VSS SDK headers on POSIX system 2013-09-09 14:17:56 -05:00
feature_to_c.sh meson: cpu-emu 2020-08-21 06:30:39 -04:00
fix-multiline-comments.sh scripts: add script to convert multiline comments into 4-line format 2019-01-11 15:46:55 +01:00
gensyscalls.sh linux-user: update syscall_nr.h to Linux 5.9-rc7 2020-10-26 11:39:23 +01:00
get_maintainer.pl softmmu: move vl.c to softmmu/ 2020-02-22 08:26:47 +00:00
git-submodule.sh git: Make submodule check only needed modules 2020-02-13 11:31:58 +01:00
git.orderfile scripts/git.orderfile: Keep files with .inc extension sorted 2020-12-15 12:53:16 -05:00
hxtool meson: generate hxtool files 2020-08-21 06:30:14 -04:00
hxtool-conv.pl scripts/hxtool-conv: Archive script used in qemu-options.hx conversion 2020-03-06 10:05:24 +00:00
kernel-doc scripts: kernel-doc: remove unnecessary change wrt Linux 2020-12-10 12:15:25 -05:00
make-release make-release: pull in edk2 submodules so we can build it from tarballs 2019-10-07 14:54:45 +02:00
meson.build meson: install scripts/qemu-trace-stap 2020-09-01 01:51:52 -04:00
minikconf.py meson: infrastructure for building emulators 2020-08-21 06:30:17 -04:00
mtest2make.py build: replace ninjatool with ninja 2020-10-17 10:45:51 -04:00
nsis.py meson: Fix argument for makensis (build regression) 2020-11-18 09:28:55 +01:00
qapi-gen.py qapi: move generator entrypoint into package 2020-10-10 11:37:47 +02:00
qemu-binfmt-conf.sh scripts/qemu-binfmt-conf: Update for sparc64 2019-11-06 13:28:27 +01:00
qemu-gdb.py scripts/qemu-gdb: Use Python 3 interpreter 2020-05-31 13:56:46 +02:00
qemu-trace-stap trace: update qemu-trace-stap to Python 3 2020-01-13 16:42:20 +00:00
qemu-version.sh build-sys: fix git version from -version 2020-10-12 11:50:23 -04:00
refresh-pxe-roms.sh roms: rewrite scripts/refresh-pxe-roms.sh 2013-09-30 09:44:35 +02:00
render_block_graph.py python/qmp.py: re-absorb MonitorResponseError 2020-07-14 22:22:22 +02:00
replay-dump.py nomaintainer: Fix Lesser GPL version number 2020-11-15 17:04:40 +01:00
shaderinclude.pl scripts: Switch to more portable Perl shebang 2017-05-10 10:19:24 +03:00
show-fixed-bugs.sh show-fixed-bugs.sh: Modern shell scripting (use $() instead of ``) 2018-10-16 18:34:19 +02:00
signrom.py drop "from __future__ import print_function" 2020-02-07 15:15:16 +01:00
simpletrace.py drop "from __future__ import print_function" 2020-02-07 15:15:16 +01:00
switch-timer-api scripts: Switch to more portable Perl shebang 2017-05-10 10:19:24 +03:00
tap-driver.pl scripts: improve message when TAP based tests fail 2020-07-10 19:26:55 -04:00
tap-merge.pl tap: flush STDOUT on newline 2019-02-05 16:50:16 +01:00
test-driver.py mtest2make: hide output of successful tests 2020-09-08 07:17:09 +02:00
tracetool.py tracetool: add output filename command-line argument 2021-01-04 14:24:58 +00:00
u2f-setup-gen.py scripts: Add u2f-setup-gen script 2020-08-31 08:23:39 +02:00
undefsym.py build: fix macOS --enable-modules build 2020-10-22 11:53:52 -04:00
update-linux-headers.sh update-linux-headers: Add vfio_zdev.h 2020-11-01 12:30:51 -07:00
update-mips-syscall-args.sh linux-user,mips: update syscall-args-o32.c.inc 2020-03-20 16:02:00 +01:00
update-syscalltbl.sh linux-user, scripts: add a script to update syscall.tbl 2020-03-20 16:02:00 +01:00
vmstate-static-checker.py drop "from __future__ import print_function" 2020-02-07 15:15:16 +01:00