alwin.berger/FRET-qemu
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity
109,688 Commits 13 Branches 3 Tags
Commit Graph

109688 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alwin Berger
f34ff05687 allow interrupts from multiple sources eval_24-11-11 2024-09-05 15:20:06 +02:00
Alwin Berger
deb5286724 re-introduce native breakpoints 2024-06-19 13:41:54 +02:00
Alwin Berger
febb739d00 WIP: work around iothread lock 2024-06-18 15:57:32 +02:00
Alwin Berger
34b08c8b88 move instrumentation to hook file 2024-06-18 15:57:11 +02:00
Alwin Berger
b67c9ae8ab add libafl_qemu_read_user_sp_unchecked 2024-06-17 13:24:52 +02:00
Alwin Berger
cc3a167325 read shift for timers, bump interrupt count 2024-06-17 13:22:51 +02:00
Alwin Berger
5d197af578 fix jump instrumentation 2024-06-17 13:22:51 +02:00
Alwin Berger
84b71625c3 fix jmp instrumentation 2024-06-17 13:22:51 +02:00
Alwin Berger
628d42b3d2 simple standalone injection test 2024-06-17 13:22:49 +02:00
Alwin Berger
bf32147f75 fix build 2024-06-17 13:21:50 +02:00
Alwin Berger
6a2fd62d9b fix jmp instrumentation 2024-06-17 13:20:38 +02:00
Alwin Berger
5d62727055 fix build 2024-06-17 13:20:38 +02:00
Alwin Berger
ccf6a6fb48 add standalone debugging config 2024-06-17 13:20:38 +02:00
Alwin Berger
3f4c6753dc fuzz multiple interrupts 2024-06-17 13:11:17 +02:00
Alwin Berger
017bfd65c5 add interrupt injection 2024-06-17 13:11:17 +02:00
Alwin Berger
0e78e303bb add jmp instrumentation 2024-06-17 13:11:17 +02:00
Romain Malmain
9d2197b73b
Better typed syx snapshot check result (#74) 
* better typed snapshot check

* edit compile_commands.json to use the real compiler
 2024-05-22 18:49:59 +02:00
Romain Malmain
9f3e2399ee
QEMU host page size getter (#73) 
* QEMU host page size getter
* Rename to sync_exit
 2024-05-06 18:07:38 +02:00
Sebastien Foucher
a14f8eae8e
Unset object to free memory space allocated (memory leak) (#72) 
* Unset object to free memory space allocated (memory leak in fast snapshot implementation for libafl)

---------

Co-authored-by: Sebastien Foucher <sebastien.foucher@se.com>
Co-authored-by: Romain Malmain <romain.malmain@pm.me>
 2024-05-04 13:41:10 +02:00
saibotk
3ebc96e013
Fixed invalid addresses in read hooks (#70) 
* fix read hooks returning potentially wrong address
 2024-05-03 11:27:56 +02:00
Romain Malmain
538e6b02c3
use qemu primitives to perform gdb rw (#71) 2024-05-02 00:17:01 +02:00
cube0x8
ddbe5be01f add a flag for edge TB so we can unlink it completely (#53) 
* add a flag for edge TB so we can unlink it completely

* Call tb_phys_invalidate on edge's TBs. Added libafl code comments

* Edge flag is now applied to cflags instead of flags

---------

Co-authored-by: Romain Malmain <romain.malmain@pm.me>
 2024-05-01 16:15:52 +02:00
Romain Malmain
9ae713913e Cancel workflow for concurrent workflow runs (#69) 2024-05-01 16:15:52 +02:00
cube0x8
43302cdc39 Fixed qemu usermode snapshot (#66) 
* Fixed qemu usermode snapshot

---------

Co-authored-by: Romain Malmain <romain.malmain@pm.me>
 2024-05-01 16:15:52 +02:00
Romain Malmain
c6d56fc94c Intercept source files in linker_interceptor.py (#68) 2024-05-01 16:15:52 +02:00
Romain Malmain
7c3c7877d8 Update to QEMU 9.0.0 (#67) 
* Update to QEMU v9.0.0

---------

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Peter Xu <peterx@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: Cédric Le Goater <clg@redhat.com>
Signed-off-by: Zheyu Ma <zheyuma97@gmail.com>
Signed-off-by: Ido Plat <ido.plat@ibm.com>
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Markus Armbruster <armbru@redhat.com>
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Signed-off-by: David Hildenbrand <david@redhat.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
Signed-off-by: Gregory Price <gregory.price@memverge.com>
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Lorenz Brun <lorenz@brun.one>
Signed-off-by: Yao Xingtao <yaoxt.fnst@fujitsu.com>
Signed-off-by: Arnaud Minier <arnaud.minier@telecom-paris.fr>
Signed-off-by: Inès Varhol <ines.varhol@telecom-paris.fr>
Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Sven Schnelle <svens@stackframe.org>
Signed-off-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Signed-off-by: Christian Schoenebeck <qemu_oss@crudebyte.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Helge Deller <deller@gmx.de>
Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
Signed-off-by: Benjamin Gray <bgray@linux.ibm.com>
Signed-off-by: Avihai Horon <avihaih@nvidia.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Signed-off-by: Joonas Kankaala <joonas.a.kankaala@gmail.com>
Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Zhao Liu <zhao1.liu@intel.com>
Signed-off-by: Glenn Miles <milesg@linux.ibm.com>
Signed-off-by: Oleg Sviridov <oleg.sviridov@red-soft.ru>
Signed-off-by: Artem Chernyshev <artem.chernyshev@red-soft.ru>
Signed-off-by: Yajun Wu <yajunw@nvidia.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Pierre-Clément Tosi <ptosi@google.com>
Signed-off-by: Lei Wang <lei4.wang@intel.com>
Signed-off-by: Wei Wang <wei.w.wang@intel.com>
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Signed-off-by: Wafer <wafer@jaguarmicro.com>
Signed-off-by: Yuxue Liu <yuxue.liu@jaguarmicro.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Nguyen Dinh Phi <phind.uet@gmail.com>
Signed-off-by: Zack Buhman <zack@buhman.org>
Signed-off-by: Keith Packard <keithp@keithp.com>
Signed-off-by: Yuquan Wang wangyuquan1236@phytium.com.cn
Signed-off-by: Matheus Tavares Bernardino <quic_mathbern@quicinc.com>
Signed-off-by: Cindy Lu <lulu@redhat.com>
Co-authored-by: Peter Maydell <peter.maydell@linaro.org>
Co-authored-by: Fabiano Rosas <farosas@suse.de>
Co-authored-by: Peter Xu <peterx@redhat.com>
Co-authored-by: Thomas Huth <thuth@redhat.com>
Co-authored-by: Cédric Le Goater <clg@redhat.com>
Co-authored-by: Zheyu Ma <zheyuma97@gmail.com>
Co-authored-by: Ido Plat <ido.plat@ibm.com>
Co-authored-by: Ilya Leoshkevich <iii@linux.ibm.com>
Co-authored-by: Markus Armbruster <armbru@redhat.com>
Co-authored-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Co-authored-by: Paolo Bonzini <pbonzini@redhat.com>
Co-authored-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>
Co-authored-by: David Hildenbrand <david@redhat.com>
Co-authored-by: Kevin Wolf <kwolf@redhat.com>
Co-authored-by: Stefan Reiter <s.reiter@proxmox.com>
Co-authored-by: Fiona Ebner <f.ebner@proxmox.com>
Co-authored-by: Gregory Price <gregory.price@memverge.com>
Co-authored-by: Lorenz Brun <lorenz@brun.one>
Co-authored-by: Yao Xingtao <yaoxt.fnst@fujitsu.com>
Co-authored-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Co-authored-by: Arnaud Minier <arnaud.minier@telecom-paris.fr>
Co-authored-by: BALATON Zoltan <balaton@eik.bme.hu>
Co-authored-by: Igor Mammedov <imammedo@redhat.com>
Co-authored-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Co-authored-by: Richard Henderson <richard.henderson@linaro.org>
Co-authored-by: Sven Schnelle <svens@stackframe.org>
Co-authored-by: Daniel Henrique Barboza <dbarboza@ventanamicro.com>
Co-authored-by: Helge Deller <deller@kernel.org>
Co-authored-by: Harsh Prateek Bora <harshpb@linux.ibm.com>
Co-authored-by: Benjamin Gray <bgray@linux.ibm.com>
Co-authored-by: Nicholas Piggin <npiggin@gmail.com>
Co-authored-by: Avihai Horon <avihaih@nvidia.com>
Co-authored-by: Michael Tokarev <mjt@tls.msk.ru>
Co-authored-by: Joonas Kankaala <joonas.a.kankaala@gmail.com>
Co-authored-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Co-authored-by: Stefan Weil <sw@weilnetz.de>
Co-authored-by: Dayu Liu <liu.dayu@zte.com.cn>
Co-authored-by: Zhao Liu <zhao1.liu@intel.com>
Co-authored-by: Glenn Miles <milesg@linux.vnet.ibm.com>
Co-authored-by: Artem Chernyshev <artem.chernyshev@red-soft.ru>
Co-authored-by: Yajun Wu <yajunw@nvidia.com>
Co-authored-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Co-authored-by: Pierre-Clément Tosi <ptosi@google.com>
Co-authored-by: Wei Wang <wei.w.wang@intel.com>
Co-authored-by: Martin Hundebøll <martin@geanix.com>
Co-authored-by: Michael S. Tsirkin <mst@redhat.com>
Co-authored-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org>
Co-authored-by: Wafer <wafer@jaguarmicro.com>
Co-authored-by: lyx634449800 <yuxue.liu@jaguarmicro.com>
Co-authored-by: Gerd Hoffmann <kraxel@redhat.com>
Co-authored-by: Nguyen Dinh Phi <phind.uet@gmail.com>
Co-authored-by: Zack Buhman <zack@buhman.org>
Co-authored-by: Keith Packard <keithp@keithp.com>
Co-authored-by: Yuquan Wang <wangyuquan1236@phytium.com.cn>
Co-authored-by: Matheus Tavares Bernardino <quic_mathbern@quicinc.com>
Co-authored-by: Cindy Lu <lulu@redhat.com>
 2024-05-01 16:10:20 +02:00
Romain Malmain
bf82921212
Add missing LibAFL RW callbacks (#65) 
* Add other rw missing callbacks

* Fix mapping iterator

* LibAFL guard
 2024-04-24 10:57:25 +02:00
Romain Malmain
125b77cbc3
Support native TCG vector read/write operations in LibAFL hooks (#64) 
* Support rw vector operations
 2024-04-19 11:11:34 +02:00
Romain Malmain
46273983f3
Update QEMU to v8.2.2 (#63) 
* Merge with QEMU v8.2.2
 2024-04-18 11:53:28 +02:00
Romain Malmain
2edf778b1c
Add utils (#62) 
* add utils file
* user only guard.
 2024-04-17 18:08:38 +02:00
Romain Malmain
c9519ee8b6
Add RPATH to linker_interceptor.py (#61) 
* Add check for __LIBAFL_QEMU_CONFIGURE in configure script.
* Use regex in linker_interceptor.py to detect shared libraries
* Add a rpath section to linkinfo.json
* Update configure
 2024-04-16 10:12:31 +02:00
Romain Malmain
50b0c90e0a
Moving libafl related files in dedicating folders (#60) 
* Restructuration of libafl dirs. Formatting + export of maps struct and functions.

* Fix wrong header path.

* Fix misc path
 2024-04-11 16:45:36 +02:00
Romain Malmain
e99b9da658
Add tcg_env to backdoor callback (#58) 
* Add tcg_env to backdoor callback.
Remove useless backslashes.

* update self-hosted to qemu-specific runner (#57)

* Change parameter order in backdoor

* Revert "Revert "Implement user-space QEMU ASAN (#45)" (#56)" (#59)

This reverts commit 821ad471430360c4eed644d07d59f0d603ef23f6.

---------

Co-authored-by: Andrea Fioraldi <andreafioraldi@gmail.com>
 2024-04-11 14:52:11 +02:00
Andrea Fioraldi
0b7b1f1480
Revert "Revert "Implement user-space QEMU ASAN (#45)" (#56)" (#59) 
This reverts commit 821ad471430360c4eed644d07d59f0d603ef23f6.
 2024-04-11 13:58:30 +02:00
Romain Malmain
ce4dbbc513
update self-hosted to qemu-specific runner (#57) 2024-04-09 19:50:55 +02:00
Andrea Fioraldi
821ad47143
Revert "Implement user-space QEMU ASAN (#45)" (#56) 
This reverts commit fd6a2f3cce4b0de2ad48703f7c93f9813c96b12c.
 2024-04-07 16:07:55 +02:00
Andrea Fioraldi
f1e48d694c
Fix userspace GuestMaps (#55) 
* Fix userspace GuestMaps

* fix
 2024-04-07 15:53:59 +02:00
WorksButNotTested
fd6a2f3cce
Implement user-space QEMU ASAN (#45) 2024-03-16 15:44:04 +01:00
Romain Malmain
12025d58fe
fix missing LibAFL markers (#54) 2024-03-14 18:19:47 +01:00
Romain Malmain
131dca34d4
Create Github actions (#51) 
* initial workflow

* fix: wrong container path.

* fix: build run command.

* test: list directory.

* test: list directory.

* fix: add checkout action.

* add setup scripts and instructions.
 2024-03-14 13:55:52 +01:00
Romain Malmain
f282d6aef5
fix: conditional compilation of syx-related code in block-backend.c. 2024-03-08 11:13:02 +01:00
Romain Malmain
465f2c77af
Merge pull request #49 from AFLplusplus/readme_patches 
Fixed small details in README.
 2024-02-21 11:11:04 +01:00
Romain Malmain
b277ea2a62
Fixed small details in README. 2024-02-21 11:07:57 +01:00
Romain Malmain
bd87179082
Merge pull request #48 from AFLplusplus/domenukk-patch-1 
Refer to LibAFL in README.md
 2024-02-21 11:03:07 +01:00
Dominik Maier
22cfb142de
Refer to LibAFL in the readme 2024-02-20 14:49:50 +01:00
Andrea Fioraldi
194b3a987c
Merge pull request #47 from cube0x8/qemu_snapshot_typeconf 
Avoid type confusion on interval tree root node when creating snapshot
 2024-02-07 15:13:43 +01:00
cube
0c51581329 avoid type confusion on interval tree root node when creating snapshot 2024-02-05 10:51:03 +01:00
Romain Malmain
75d15d54f4 release 
-----BEGIN PGP SIGNATURE-----
 
 iQFDBAABCAAtFiEEe3O61ovnosKJMUsicBtPaxppPlkFAmW3ieYPHG1qdEB0bHMu
 bXNrLnJ1AAoJEHAbT2saaT5ZZoQH/3W/nem8F8SvhsBJSYxe6PBgWzoNNgkPRalq
 x/HshsYDg7DOuA3qutmnnoUH7jlxubhtzQaiM/mTAKX4YQZ+ysubvu6Nh5A8iEWb
 zTHUFY8fpn+oPs8snuHcbu9GltgN2K750w7PXasCkctmJF0TfxmGnAlF5+KPLott
 7Wl9IldiDuOFGCH/Oyz+YVvz48D7cNLeSz06LrQZ5XWLaKnJHXj80VydX0qSUf6I
 begK/pMISBpJX+CSTcLuH/eA3sFxbgze8puWqU6XOZ6QSOhrI2l5t0a0JFY2KQUp
 pz7QvBLhgM3/gbBhwzf5dU2Ym8scZwAR2bmL6feKDBu1aRmX8Lo=
 =UPmI
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iHUEABYKAB0WIQSq9xYmtep25y1RrMYC5KE/dBVGigUCZcCn6wAKCRAC5KE/dBVG
 ihCjAQCMfVzZ0NI8dci+aO5nJYqtvJ62FHExxNMEavyTT42M9QEApMF7DrnNb7yi
 1zAYBOB7liOGNq0RMJqq0c9onkaOOQk=
 =804i
 -----END PGP SIGNATURE-----

Merge tag 'v8.2.1'

 release
 2024-02-05 10:18:33 +01:00
Michael Tokarev
f48c205fb4 Update version for 8.2.1 release 
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
 2024-01-29 14:20:06 +03:00
Peter Maydell
45b3ce5e83 target/arm: Fix incorrect aa64_tidcp1 feature check 
A typo in the implementation of isar_feature_aa64_tidcp1() means we
were checking the field in the wrong ID register, so we might have
provided the feature on CPUs that don't have it and not provided
it on CPUs that should have it. Correct this bug.

Cc: qemu-stable@nongnu.org
Fixes: 9cd0c0dec97be9 "target/arm: Implement FEAT_TIDCP1"
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2120
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-id: 20240123160333.958841-1-peter.maydell@linaro.org
(cherry picked from commit ee0a2e3c9d2991a11c13ffadb15e4d0add43c257)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
 2024-01-27 18:11:49 +03:00