When running runTest, how to debug qemu
Frankenstein-bit opened this issue · 1 comments
Hi, I am trying to make some changes to the project, but I do not know how to debug the qemu. When I use the runTest script to start the test, I cannot get the qemu output; I only get the afltest output. Can you tell me how to find the problem in qemu?
here is what i get:
Using the command runTest inputs:
[ 1.747389] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ 5
[ 1.777170] Key type big_key registered
[ 1.786744] sr 1:0:0:0: [sr0] scsi3-mmc drive: 4x/4x cd/rw xa/form2 tray
[ 1.787125] cdrom: Uniform CD-ROM driver Revision: 3.20
[ 1.797968] sr 1:0:0:0: Attached scsi generic sg0 type 5
[ 1.802640] Key type encrypted registered
[ 1.802839] AppArmor: AppArmor sha1 policy hashing enabled
[ 1.803437] ima: No TPM chip found, activating TPM-bypass!
[ 1.803690] ima: Allocated hash algorithm: sha1
[ 1.806613] No architecture policies found
[ 1.807150] evm: Initialising EVM extended attributes:
[ 1.807283] evm: security.selinux
[ 1.807377] evm: security.SMACK64
[ 1.807458] evm: security.SMACK64EXEC
[ 1.807543] evm: security.SMACK64TRANSMUTE
[ 1.807641] evm: security.SMACK64MMAP
[ 1.807726] evm: security.apparmor
[ 1.807809] evm: security.ima
[ 1.807878] evm: security.capability
[ 1.807972] evm: HMAC attrs: 0x1
[ 1.814425] PM: Magic number: 13:597:28
[ 1.816200] rtc_cmos 00:00: setting system clock to 2021-03-17T13:02:42 UTC)
[ 1.839485] Freeing unused decrypted memory: 2040K
[ 1.847477] Freeing unused kernel image memory: 2660K
[ 1.847844] Write protecting the kernel read-only data: 22528k
[ 1.851320] Freeing unused kernel image memory: 2012K
[ 1.853148] Freeing unused kernel image memory: 1660K
[ 1.935417] x86/mm: Checked W+X mappings: passed, no W+X pages found.
[ 1.936142] Run /init as init process
this is another.this is a mark.pid 109090: startForkServer
ttttpid 109090: startForkServer
start up afl forkserver!
Input from inputs/ at time 1615986163.234739
test running in pid 109094
**
ERROR:/home/f/Desktop/triqemu4.2/TriforceAFL/qemu_mode/qemu/tcg/tcg.c:781:tcg_)
test ended with status 6
0 edges
fork server ended with status 200
boot time: 2.70
test time: 0.01
total time: 2.71
tests: 1
execs/sec: 115.21
Using the command ./runFuzz -M 10:
f@ubuntu:~/Desktop/triqemu4.2/TriforceLinuxSyscallFuzzer$ ./runFuzz -M 10
make: 'inputs' is up to date.
make: 'fuzzRoot.cpio.gz' is up to date.
afl-fuzz 2.06b by lcamtuf@google.com
[+] You have 2 CPU cores and 1 runnable tasks (utilization: 50%).
[+] Try parallel jobs - see docs/parallel_fuzzing.txt.
[] Checking core_pattern...
[] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[] Deleting old session data...
[+] Output dir cleanup successful.
[] Scanning 'inputs'...
[+] No auto-generated dictionary tokens to reuse.
[] Creating hard links for all input files...
[] Validating target binary...
[] Attempting dry run with 'id:000000,orig:ex1'...
[] Spinning up the fork server...
[+] All right - fork server is up.
[!] WARNING: Test case results in a crash (skipping)
[] Attempting dry run with 'id:000001,orig:ex2'...
[!] WARNING: Test case results in a crash (skipping)
[] Attempting dry run with 'id:000002,orig:ex3'...
[!] WARNING: Test case results in a crash (skipping)
[] Attempting dry run with 'id:000003,orig:ex4'...
[!] WARNING: Test case results in a crash (skipping)
[] Attempting dry run with 'id:000004,orig:ex5'...
[!] WARNING: Test case results in a crash (skipping)
[] Attempting dry run with 'id:000005,orig:ex6'...
[!] WARNING: Test case results in a crash (skipping)
[] Attempting dry run with 'id:000006,orig:ex7'...
[!] WARNING: Test case results in a crash (skipping)
[-] PROGRAM ABORT : All test cases time out or crash, giving up!
Location : perform_dry_run(), afl-fuzz.c:2725
f@ubuntu:~/Desktop/triqemu4.2/TriforceLinuxSyscallFuzzer$
It seems I am not familiar with this project and gdb.
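As an added example (not from the TriforceAFL project or the issue author): a small POSIX sh helper that runs a command with its stderr redirected to a log file, so QEMU messages that the afltest wrapper hides can be read afterwards, and decodes the exit status. The command to run (for instance the qemu-system invocation inside runTest/afltest) is an assumption, not taken from the page; the `ERROR:...tcg.c:781` line above has the form of a GLib assertion failure, which aborts the process with SIGABRT (signal 6).

```sh
#!/bin/sh
# Added example, not part of TriforceAFL. Run a command with stderr captured
# to a log file and report how it ended. Assumption: the command given to
# run_logged is the QEMU invocation normally started by runTest/afltest.

# describe_status STATUS
# Prints "exit N" for a normal exit, or "signal N (NAME)" when the shell's
# 128+N convention says the process died from signal N (6 = ABRT, which is
# what a GLib g_assert failure such as the tcg.c one raises).
describe_status() {
  st=$1
  if [ "$st" -gt 128 ]; then
    sig=$((st - 128))
    name=$(kill -l "$sig" 2>/dev/null || echo UNKNOWN)
    echo "signal $sig ($name)"
  else
    echo "exit $st"
  fi
}

# run_logged LOGFILE CMD [ARGS...]
# Runs CMD with stderr written to LOGFILE (stdout is left untouched), then
# prints the decoded status. The '&& ... ||' form keeps 'set -e' from
# aborting before the status is read.
run_logged() {
  log=$1
  shift
  "$@" 2>"$log" && st=0 || st=$?
  describe_status "$st"
}

# Usage (constructed demonstration, run only when executed directly):
#   run_logged qemu.log qemu-system-x86_64 ...   # then inspect qemu.log
if [ "${0##*/}" = "run_logged.sh" ]; then
  run_logged "${2:-qemu.log}" sh -c 'echo "constructed stderr line" >&2; exit 3'
fi
```

After a run, `tail qemu.log` shows the assertion text that afltest swallowed, and a "signal 6 (ABRT)" result points at an abort rather than a guest-side problem.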