Qemu arm launcher #708
Qemu arm launcher #708
Conversation
| @@ -2,6 +2,7 @@ | |||
| [env] | |||
| FUZZER_NAME='libpng_harness' | |||
| PROJECT_DIR = { script = ["pwd"] } | |||
| CROSS_CC = "arm-linux-gnueabi-gcc" | |||
There was a problem hiding this comment.
We could probably try to patch build.rs of libafl_qemu to figure this binary out by itself
There was a problem hiding this comment.
I agree that hardcoding the CROSS_CC is not a good idea. The problem is that this fuzzer needs a CROSS_CC to function. Figuring out which cross_cc is installed is hard and also systems might have multiple cross_cc installed.
Especially for the github workflows it needs to be set.
There was a problem hiding this comment.
For the scope of this PR it's more than fine, I was thinking in general
There was a problem hiding this comment.
You are right, that would be great. I also thought about it, but there are just so many cross_cc. Already for arm on ubuntu using apt you might have arm-none-eabi-gcc, arm-linux-gnueabi-gcc and arm-linux-gnueabihf-gcc installed. Not even speaking about other targets then arm32 or manually installed cross_cc. I think it is impossible to pick the correct one for the user or do you have any idea on how to?
|
@andreafioraldi Yesterday before merging your qemu full-system changes into this branch, everything compiled just fine. Now I get a lot of linker errors, because libqemu-partially-linked.o has undefined references. The |
|
Which undefined references? |
|
You can probably recreate it by doing |
|
@andreafioraldi after a long search I found the reason. In your commit #692 you change the libafl_qemu_bridge commit used from "03e283c85800496b60fb757d68a7df2821fb7a90" to "03fad12e801581536cd10830073acfce69e381fe". Unfortunately, the new one has a tiny mistake for 32-bit emulation targets. I will make a PR in libafl_qemu_bridge (AFLplusplus/qemu-libafl-bridge#10) and as soon as that is merged, this PR should hopefully also work. What is weird is that the |
|
Merged, please update the commit hash to
ebda58f3e94a82f769890814339295b467f16680 in build_linux.rs in this PR
Il giorno mer 27 lug 2022 alle ore 18:17 Patrick Gersch <
***@***.***> ha scritto:
… @andreafioraldi <https://github.com/andreafioraldi> after a long search I
found the reason. In your commit #692
<#692> you change the
libafl_qemu_bridge commit used from
"03e283c85800496b60fb757d68a7df2821fb7a90" to
"03fad12e801581536cd10830073acfce69e381fe". Unfortunately, the new one has
a tiny mistake for 32-bit emulation targets. I will make a PR in
libafl_qemu_bridge and as soon as that is merged, this PR should hopefully
also work. What is weird is that the libafl_qemu/build_linux.rs asks for
the .status() when doing make in libafl_qemu_bridge and even though the
make fails, status returns OK. I could not figure out why that is the case.
—
Reply to this email directly, view it on GitHub
<#708 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AD3LJ6VII47XFWQBY7NIEGTVWFOKFANCNFSM54MAFRLQ>
.
You are receiving this because you were mentioned.Message ID:
***@***.***>
|
|
Does anyone know how to get the arm GCC dependency on mac to work? I have no experience with mac or how to get the github workflow to function. |
|
it is fixed now, can you merge main into your branch? |
|
Thanks! |
* Adding qemu_arm_launcher crate * Trying to fix qemu arm usermode * Cargo fmt * Adding CROSS_CC env * Remove hardcoded arm-linux-gnueabi-gcc and replace by CROSS_CC * Adding arm-linux-gnueabi-gcc to github workflows for ubuntu * Fixing typo in apt install package * Resetting LR after each fuzzing emulation * Cargo fmt after merge conflict * Using GuestAddr * Compiling, running and running with artificial crash detection * Adding dependencies for github workflow to cross compile for arm * Fixing github workflow for ubuntu fuzzer * arm-linux-binutils for mac in github workflows * Qemu does not work for mac, no need to compile qemu_arm_launcher harness for it
Providing a fuzzer crate for the arm qemu linux usermode based on the qemu_launcher fuzzer.