-
Yes, there is (usually) no need to interact with an emulator via IPC.
-
The other advantage that I have in mind is to expose some hooks from QEMU to Rust and implement all that we need in Rust.
-
If you want to contribute, the first step is to patch QEMU to be a library or to include a static Rust library (that will include libafl) in the final QEMU binary. Then you can code a simple program that sets some breakpoints using the API that I coded and run the target.
-
Update: There is now a QEMU/LibAFL integration that uses QEMU as a library and supports various hooks. |
-
Hi @domenukk and @andreafioraldi and all the AFLplusplus gang 🎊
I saw the "Proposed projects" issue and the qemu-libafl-bridge project and was curious as to how you were planning to implement the QEMU integration. Currently most implementations I know use QEMU as a black box, communicating with it over pipes and shared memory, but the code in qemu-libafl-bridge looked more like an integrated implementation where the fuzzer (LibAFL) might do step-by-step instrumentation. I would love to help implement a QEMU mode and was interested in how you were thinking of implementing this.
P.S.
This is my first time using Discussions on GitHub, so I hope this is the right place for this discussion.