report an error to the front-end in case the agent fails to initialize the fuzzing loop

2022-01-11 03:07:30 +01:00 · 2022-01-11 03:07:30 +01:00 · 73b5a07740
commit 73b5a07740
parent f11ee28978
1 changed files with 12 additions and 18 deletions
--- a/nyx/hypercall/hypercall.c
+++ b/nyx/hypercall/hypercall.c
@ -511,7 +511,7 @@ static void handle_hypercall_kafl_panic(struct kvm_run *run, CPUState *cpu, uint
 			//assert(0);
 		}
 #endif
-		if(fast_reload_snapshot_exists(get_fast_reload_snapshot())){
+		if(fast_reload_snapshot_exists(get_fast_reload_snapshot()) && GET_GLOBAL_STATE()->in_fuzzing_mode){
 			if(hypercall_arg & 0x8000000000000000ULL){
@ -538,13 +538,10 @@ static void handle_hypercall_kafl_panic(struct kvm_run *run, CPUState *cpu, uint
 			}
 			synchronization_lock_crash_found();
 			//synchronization_stop_vm_crash(cpu);
 		} else{
-			fprintf(stderr, "Panic detected during initialization of stage 1 or stage 2 loader (%lx)\n", hypercall_arg);
+			#define AGENT_HAS_CRASHED_REPORT "Agent has crashed before initializing the fuzzing loop..."
-			abort();
+			set_abort_reason_auxiliary_buffer(GET_GLOBAL_STATE()->auxilary_buffer, (char*)AGENT_HAS_CRASHED_REPORT, strlen(AGENT_HAS_CRASHED_REPORT));
-			//hypercall_snd_char(KAFL_PROTO_CRASH);
+			synchronization_lock();
 			QEMU_PT_PRINTF_DEBUG("Protocol - SEND: KAFL_PROTO_CRASH");
 		}
 	}
 }
@ -695,20 +692,17 @@ static void handle_hypercall_kafl_create_tmp_snapshot(struct kvm_run *run, CPUSt
 }
 static void handle_hypercall_kafl_panic_extended(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg){
-		if(fast_reload_snapshot_exists(get_fast_reload_snapshot())){
+		if(fast_reload_snapshot_exists(get_fast_reload_snapshot()) && GET_GLOBAL_STATE()->in_fuzzing_mode){
 			read_virtual_memory(hypercall_arg, (uint8_t*)hprintf_buffer, HPRINTF_SIZE, cpu);
 			set_crash_reason_auxiliary_buffer(GET_GLOBAL_STATE()->auxilary_buffer, hprintf_buffer, strlen(hprintf_buffer));
 			synchronization_lock_crash_found();
 		} else{
-      read_virtual_memory(hypercall_arg, (uint8_t*)hprintf_buffer, HPRINTF_SIZE, cpu);
+      		read_virtual_memory(hypercall_arg, (uint8_t*)hprintf_buffer, HPRINTF_SIZE, cpu);
-			fprintf(stderr, "Panic detected during initialization of stage 1 or stage 2 loader\n");
+			char* report = NULL;
-			fprintf(stderr, "REASON:\n%s\n", hprintf_buffer);
+			assert(asprintf(&report, "Agent has crashed before initializing the fuzzing loop: %s", hprintf_buffer) != -1);
-			abort();
+		
-			QEMU_PT_PRINTF(CORE_PREFIX, "Panic detected during initialization of stage 1 or stage 2 loader");
+			set_abort_reason_auxiliary_buffer(GET_GLOBAL_STATE()->auxilary_buffer, report, strlen(report));
-			//hypercall_snd_char(KAFL_PROTO_CRASH);
+			synchronization_lock();
 			QEMU_PT_PRINTF_DEBUG("Protocol - SEND: KAFL_PROTO_CRASH");
 			//read_virtual_memory(hypercall_arg, (uint8_t*)hprintf_buffer, HPRINTF_SIZE, cpu);
 			//fprintf(stderr, "-> %s\n", hprintf_buffer);
 		}
 }
@ -1042,7 +1036,7 @@ static void handle_hypercall_kafl_dump_file(struct kvm_run *run, CPUState *cpu,
 static void handle_hypercall_kafl_persist_page_past_snapshot(struct kvm_run *run, CPUState *cpu, uint64_t hypercall_arg){
 	CPUX86State *env = &(X86_CPU(cpu))->env;
 	kvm_arch_get_registers_fast(cpu);
-	hwaddr phys_addr = (hwaddr) get_paging_phys_addr(cpu, env->cr[3], hypercall_arg&(~0xFFF), NULL);
+	hwaddr phys_addr = (hwaddr) get_paging_phys_addr(cpu, env->cr[3], hypercall_arg&(~0xFFF));
 	assert(phys_addr != 0xffffffffffffffffULL);
 	fast_reload_blacklist_page(get_fast_reload_snapshot(), phys_addr);
 }