david.venhoff/QEMU-Nyx-fork
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

report KVM_EXIT_SHUTDOWN and UNKNOWN_ERROR as panic events

Browse Source
This commit is contained in:
Steffen Schulz 2020-12-29 01:57:33 +00:00
parent c12c6bd70d
commit 169b084df5
3 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
accel/kvm/kvm-all.c
View File

@ -2562,18 +2562,23 @@ int kvm_cpu_exec(CPUState *cpu)
ret = EXCP_INTERRUPT; ret = EXCP_INTERRUPT;
break; break;
case KVM_EXIT_SHUTDOWN: case KVM_EXIT_SHUTDOWN:
DPRINTF("shutdown\n");
#ifndef QEMU_NYX #ifndef QEMU_NYX
qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
ret = EXCP_INTERRUPT; ret = EXCP_INTERRUPT;
#else #else
fprintf(stderr, "ATTEMPT TO SHUTDOWN MACHINE (KVM_EXIT_SHUTDOWN)!\n");
if(GET_GLOBAL_STATE()->in_fuzzing_mode){ if(GET_GLOBAL_STATE()->in_fuzzing_mode){
#define CONFIG_KVM_EXIT_SHUTODWN_IS_PANIC // consider triple-fault etc as crash?
#ifndef CONFIG_KVM_EXIT_SHUTODWN_IS_PANIC
/* Fuzzing is enabled at this point -> don't exit */ /* Fuzzing is enabled at this point -> don't exit */
fprintf(stderr, "Got KVM_EXIT_SHUTDOWN while in fuzzing mode => reload\n",);
handle_hypercall_kafl_release(run, cpu, (uint64_t)run->hypercall.args[0]); handle_hypercall_kafl_release(run, cpu, (uint64_t)run->hypercall.args[0]);
ret = 0; ret = 0;
} #else
else{ debug_fprintf(stderr "Got KVM_EXIT_SHUTDOWN while in fuzzing mode => panic\n",);
handle_hypercall_kafl_panic(run, cpu, (uint64_t)run->hypercall.args[0]);
ret = 0;
#endif
} else{
qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET); qemu_system_reset_request(SHUTDOWN_CAUSE_GUEST_RESET);
ret = EXCP_INTERRUPT; ret = EXCP_INTERRUPT;
} }
@ -2684,8 +2689,16 @@ int kvm_cpu_exec(CPUState *cpu)
#ifndef QEMU_NYX #ifndef QEMU_NYX
DPRINTF("kvm_arch_handle_exit\n"); DPRINTF("kvm_arch_handle_exit\n");
#else #else
printf("kvm_arch_handle_exit => %d\n", run->exit_reason); #define CONFIG_UNKNOWN_ERROR_IS_PANIC
#ifndef CONFIG_UNKNOWN_ERROR_IS_PANIC
fprintf(stderr, "Unknown exit code (%d) => ABORT\n", run->exit_reason);
assert(false); assert(false);
ret = kvm_arch_handle_exit(cpu, run);
#else
debug_fprintf("kvm_arch_handle_exit(%d) => panic\n", run->exit_reason);
handle_hypercall_kafl_panic(run, cpu, (uint64_t)run->hypercall.args[0]);
ret = 0;
#endif
#endif #endif
ret = kvm_arch_handle_exit(cpu, run); ret = kvm_arch_handle_exit(cpu, run);
break; break;

2
nyx/hypercall/hypercall.c
View File

@ -463,7 +463,7 @@ static void handle_hypercall_kafl_submit_kasan(struct kvm_run *run, CPUState *cp
//#define PANIC_DEBUG //#define PANIC_DEBUG
static void handle_hypercall_kafl_panic(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg){ void handle_hypercall_kafl_panic(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg){
static char reason[1024]; static char reason[1024];
if(hypercall_enabled){ if(hypercall_enabled){
#ifdef PANIC_DEBUG #ifdef PANIC_DEBUG

3
nyx/hypercall/hypercall.h
View File

@ -114,8 +114,7 @@ void hypercall_reload(void);
void handle_hypercall_kafl_acquire(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg); void handle_hypercall_kafl_acquire(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg);
void handle_hypercall_kafl_release(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg); void handle_hypercall_kafl_release(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg);
void handle_hypercall_kafl_panic(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg);
void handle_hypercall_kafl_page_dump_bp(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg, uint64_t page); void handle_hypercall_kafl_page_dump_bp(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg, uint64_t page);