qemu: Add QemuConfig to set qemu args via a struct #2339
Conversation
Also, I just thought about it but we could have a look at the debug flags for systemmode (
```rust
.no_graphic(true)
.snapshot(true)
.drives([qemu_config::Drive::builder()
.interface(qemu_config::DriveInterface::none)
```
Stupid questions without understanding the details: do you actually need to specify `none` here? And, if so, could `Option::None` make sense?
> Do you actually need to specify none here?

I'd say yes because, in Qemu, `none` is not the default interface.

> And, if so, could Option::None make sense?

mm I don't think so
```rust
#[allow(non_camel_case_types)]
#[derive(Debug, strum_macros::Display, Clone)]
#[strum(prefix = "-monitor ")]
pub enum Monitor {
```
`Monitor` and `Serial` have exactly the same values; it'd make sense to combine them into `OutputKind` or similar.

Also, what's the difference between `none` and `null`?

Also, shouldn't enums be CamelCase?
> Monitor and Serial have exactly the same values, it'd make sense to combine them into OutputKind or similar.

It's not clear to me how you would deduplicate it, can you elaborate more?

> Also, what's the difference between none and null?

They are 2 different settings in qemu: basically `none` means no device at all, while `null` is discard its output. https://www.qemu.org/docs/master/system/invocation.html
Yes with the prefix hack I guess you can not
Ah, you could have a common enum and then implement `From` for the individual enums, but it might be overcomplicated without clear benefit.
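The two threads above (whether `DriveInterface::none` should be `Option::None`, and whether `Monitor` and `Serial` could share one value enum with `From` conversions) can be tried out in a few dozen lines. The following is an added example written for this page, not LibAFL's `QemuConfig` or its `qemu_config` module: the type names `QemuConfig`, `Drive`, `DriveInterface`, `OutputKind`, `Monitor`, `Serial` and the method `to_args` are assumed to echo the thread, `Display` is hand-written instead of `strum`'s derive so it builds with no dependencies, and the sample disk path is constructed.

```rust
use std::fmt;

/// Value of `-drive if=`. In QEMU, `if=none` is a real interface choice (the
/// image becomes a back-end that a later -device must reference), not an
/// unset field, which is why it is an explicit variant and not Option::None.
/// Variants stay CamelCase; Display emits QEMU's lowercase spelling.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum DriveInterface { Ide, Scsi, Virtio, None }

impl fmt::Display for DriveInterface {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.write_str(match self {
            DriveInterface::Ide => "ide",
            DriveInterface::Scsi => "scsi",
            DriveInterface::Virtio => "virtio",
            DriveInterface::None => "none",
        })
    }
}

/// One value set shared by -monitor and -serial. `none` attaches no device at
/// all; `null` creates the device but discards whatever is written to it.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum OutputKind { Stdio, None, Null }

impl fmt::Display for OutputKind {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.write_str(match self {
            OutputKind::Stdio => "stdio",
            OutputKind::None => "none",
            OutputKind::Null => "null",
        })
    }
}

/// The flag prefix lives on a thin wrapper and the value in OutputKind, so one
/// enum serves both options; callers convert with `.into()`. This replaces a
/// per-enum `#[strum(prefix = ...)]`, which cannot be shared between two flags.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Monitor(pub OutputKind);
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct Serial(pub OutputKind);

impl From<OutputKind> for Monitor { fn from(k: OutputKind) -> Self { Monitor(k) } }
impl From<OutputKind> for Serial { fn from(k: OutputKind) -> Self { Serial(k) } }

impl fmt::Display for Monitor {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { write!(f, "-monitor {}", self.0) }
}
impl fmt::Display for Serial {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { write!(f, "-serial {}", self.0) }
}

#[derive(Debug, Clone, PartialEq, Eq)]
pub struct Drive { pub file: String, pub interface: DriveInterface }

/// Assumed builder-style config (not LibAFL's): each setter consumes and
/// returns self, unset options are simply not emitted.
#[derive(Debug, Clone, Default)]
pub struct QemuConfig {
    no_graphic: bool,
    snapshot: bool,
    monitor: Option<Monitor>,
    serial: Option<Serial>,
    drives: Vec<Drive>,
}

impl QemuConfig {
    pub fn builder() -> Self { Self::default() }
    pub fn no_graphic(mut self, on: bool) -> Self { self.no_graphic = on; self }
    pub fn snapshot(mut self, on: bool) -> Self { self.snapshot = on; self }
    pub fn monitor(mut self, k: OutputKind) -> Self { self.monitor = Some(k.into()); self }
    pub fn serial(mut self, k: OutputKind) -> Self { self.serial = Some(k.into()); self }
    pub fn drives(mut self, d: impl IntoIterator<Item = Drive>) -> Self {
        self.drives = d.into_iter().collect();
        self
    }

    /// Emit argv tokens, one per element, so no shell quoting is involved.
    /// Monitor/Serial render as "flag value" with a space-free value, so
    /// splitting on the single space is exact. Commas inside a drive path are
    /// doubled, which is how QEMU escapes them inside key=value option strings.
    pub fn to_args(&self) -> Vec<String> {
        let mut out = Vec::new();
        if self.no_graphic { out.push("-nographic".to_string()); }
        if self.snapshot { out.push("-snapshot".to_string()); }
        if let Some(m) = &self.monitor { out.extend(m.to_string().split(' ').map(String::from)); }
        if let Some(s) = &self.serial { out.extend(s.to_string().split(' ').map(String::from)); }
        for d in &self.drives {
            out.push("-drive".to_string());
            out.push(format!("file={},if={}", d.file.replace(',', ",,"), d.interface));
        }
        out
    }
}

fn main() {
    // Constructed sample mirroring the snippet under review (not LibAFL's code).
    let cfg = QemuConfig::builder()
        .no_graphic(true)
        .snapshot(true)
        .monitor(OutputKind::None)
        .serial(OutputKind::Null)
        .drives([Drive { file: "disk.img".into(), interface: DriveInterface::None }]);
    println!("qemu-system-x86_64 {}", cfg.to_args().join(" "));
}
```

The point of returning a `Vec<String>` rather than one joined command line is that the tokens go straight into `std::process::Command::args`, so a path with spaces or shell metacharacters never passes through a shell; the only escaping QEMU itself needs is the doubled comma inside a `key=value` option.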
@rmalmain

```
Finished `dev` profile [optimized + debuginfo] target(s) in 4m 06s
[cargo-make] INFO - Running Task: test
+ cd /__w/LibAFL/LibAFL/fuzzers/qemu/qemu_launcher
Profile: dev
+ echo Profile: dev
+ cd injection_test
+ make
gcc -g -o static sqltest.c -l sqlite3 -lm -static -lpthread -ldl
/usr/bin/ld: /usr/lib/gcc/x86_64-linux-gnu/11/../../../x86_64-linux-gnu/libsqlite3.a(os_unix.o): in function `unixDlOpen':
(.text+0x8ad): warning: Using 'dlopen' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking
gcc -g -o sqltest sqltest.c -l sqlite3 -lm -lpthread
+ mkdir in
+ echo aaaaaaaaaa
+ find /__w/LibAFL/LibAFL/target/x86_64 -name qemu_launcher
+ timeout 10s /__w/LibAFL/LibAFL/target/x86_64/debug/qemu_launcher -o out -i in -j ../injections.toml -v -- ./static
+ true
+ grep -Ei found.*injection fuzz.log
+ [ -z ]
+ echo Fuzzer does not generate any testcases or any crashes
Fuzzer does not generate any testcases or any crashes
+ echo Logs:
Logs:
+ cat fuzz.log
+ exit 1
Error while executing command, exit code: 1
Error: Process completed with exit code 1.
```
Looks good to me by now, should we merge once the fix PR is merged?