SYS-OSS/FRET-LibAFL
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add comments for EmulatorModule trait (#2842)

Browse Source 
* Add comments for EmulatorModule trait

---------

Co-authored-by: h1k0 <h1k0naka@outlook.com>
Co-authored-by: Dongjia "toka" Zhang <tokazerkje@outlook.com>
This commit is contained in:
h1k0 2025-01-17 00:49:22 +08:00 committed by GitHub
parent 93c5adde4d
commit d4add04f87
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
libafl_qemu/src/modules/mod.rs
View File

@ -48,7 +48,41 @@ pub use drcov::{DrCovMetadata, DrCovModule, DrCovModuleBuilder};
pub mod utils;
/// A module for `libafl_qemu`.
/// [`EmulatorModule`] is a trait designed to define modules that interact with the QEMU emulator
/// during fuzzing. [`EmulatorModule`] provides a set of interfaces (hooks) that can be invoked at various stages
/// of the fuzzer's execution.
///
/// The typical sequence of these hooks execution during a fuzzing session is as follows:
/// ```rust,ignore
/// pre_qemu_init()
/// // Qemu initialization (in the Emulator)
/// post_qemu_init()
/// // Harness initialization
/// first_exec()
///
/// // The following loop is executed for every fuzzing iteration
/// pre_exec()
/// // Harness execution
/// post_exec()
/// ```
///
/// It is important to note that all registered [`EmulatorModule`] instances will have their interfaces (hooks)
/// invoked. The order of invocation depends on the order in which the modules were registered.
///
/// Users typically add hooks, monitoring, or other instrumentation to the **fuzzing target** in [`EmulatorModule`]
/// For example:
/// ```rust,ignore
/// fn post_qemu_init<ET>(&mut self, _qemu: Qemu, _emulator_modules: &mut EmulatorModules<ET, I, S>)
/// where
/// ET: EmulatorModuleTuple<I, S>,
/// {
/// // Add a hook before the execution of a syscall in the fuzzing target
/// _emulator_modules.pre_syscalls(Hook::Function(your_syscall_hooks::<ET, I, S>))
/// // ...
/// }
/// ```
/// For more details on adding hooks to the **fuzzing target**, including function signatures,
/// return values, please refer to the [`EmulatorModules`].
// TODO remove 'static when specialization will be stable
pub trait EmulatorModule<I, S>: 'static + Debug {
type ModuleAddressFilter: AddressFilter;