Fuzzing won't start
355 views
Skip to first unread message
Turyal Neeshat
Jul 5, 2021, 9:10:10 AM7/5/21
to syzk...@googlegroups.com
Hello,
I am trying to run syzkaller with Qemu and linux x86_64 kernel on ubuntu 20.04 as you can see I have been running it for 2 hours but fuzzing won't start
This is the image of the terminal containing 2 things that failed in the startup
I need help , can you tell me as to what the issue is? I have followed the setup guide
Looking forward to your response
Regards,
Turyal Neeshat
Dmitry Vyukov
Jul 6, 2021, 2:10:15 AM7/6/21
to Turyal Neeshat, syzk...@googlegroups.com
On Mon, Jul 5, 2021 at 3:10 PM Turyal Neeshat <2210...@lums.edu.pk> wrote:
>
> Hello,
> I am trying to run syzkaller with Qemu and linux x86_64 kernel on ubuntu 20.04 as you can see I have been running it for 2 hours but fuzzing won't start
>
>
> Hello,
> I am trying to run syzkaller with Qemu and linux x86_64 kernel on ubuntu 20.04 as you can see I have been running it for 2 hours but fuzzing won't start
>
> This is the image of the terminal containing 2 things that failed in the startup
>
>
> I need help , can you tell me as to what the issue is? I have followed the setup guide
>
> Looking forward to your response
> Regards,
> Turyal Neeshat
Hi Turyal,
>
> Looking forward to your response
> Regards,
> Turyal Neeshat
It looks like the kernel you are trying to use with syzkaller is not working.
Can you boot it/ssh into it without syzkaller? If it does not work w/o
syzkaller, then there is no point in trying to run it with syzkaller.
Maybe you can try the syzbot config that is known to work with v5.13:
https://github.com/google/syzkaller/blob/master/dashboard/config/linux/upstream-apparmor-kasan.config
Dmitry Vyukov
Jul 6, 2021, 5:55:44 AM7/6/21
to Turyal Neeshat, syzkaller
> I am able to boot/ssh into it without syzkaller, the qemu machine runs
+syzkaller mailing list
If it works w/o syzkaller, then you can compare the qemu/ssh command
lines with what syzkaller uses. You can see them if you start
syz-manager with -debug flag.
> Are you saying I just change the config file and try again or do I get another kernel version?
If the kernel works w/o syzkaller, then I guess you need to change
something in how qemu is started by syzkaller (qemu args, or kernel
command line).
> I followed the setup on the GitHub, what should I do differently
I guess they got outdated. If you figure out what needs to be fixed,
please send a PR with an update.
> Get Outlook for Android
> ________________________________
> From: Dmitry Vyukov <dvy...@google.com>
> Sent: Tuesday, July 6, 2021 11:10:01 AM
> To: Turyal Neeshat <2210...@lums.edu.pk>
> Cc: syzk...@googlegroups.com <syzk...@googlegroups.com>
> Subject: Re: Fuzzing won't start
+syzkaller mailing list
If it works w/o syzkaller, then you can compare the qemu/ssh command
lines with what syzkaller uses. You can see them if you start
syz-manager with -debug flag.
> Are you saying I just change the config file and try again or do I get another kernel version?
If the kernel works w/o syzkaller, then I guess you need to change
something in how qemu is started by syzkaller (qemu args, or kernel
command line).
> I followed the setup on the GitHub, what should I do differently
I guess they got outdated. If you figure out what needs to be fixed,
please send a PR with an update.
> Get Outlook for Android
> ________________________________
> From: Dmitry Vyukov <dvy...@google.com>
> Sent: Tuesday, July 6, 2021 11:10:01 AM
> To: Turyal Neeshat <2210...@lums.edu.pk>
> Cc: syzk...@googlegroups.com <syzk...@googlegroups.com>
> Subject: Re: Fuzzing won't start
Aleksandr Nogikh
Jul 6, 2021, 9:44:27 AM7/6/21
to Dmitry Vyukov, Turyal Neeshat, syzkaller
Hi Turyal,
You can try to add the following line to your syzkaller manager config file:
"cmdline": "net.ifnames=0",
Note that this parameter should go into the "vm" section, e.g.
"vm": {
"count": 4,
"kernel": "$KERNEL/arch/x86/boot/bzImage",
"cmdline": "net.ifnames=0",
"cpu": 2,
"mem": 2048
}
Alternatively, you can add the following two lines to your .config file:
CONFIG_CMDLINE_BOOL=y
CONFIG_CMDLINE="net.ifnames=0"
Then recompile the Linux kernel and start syzkaller again.
--
Best Regards,
Aleksandr
> --
> You received this message because you are subscribed to the Google Groups "syzkaller" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller/CACT4Y%2BYZR9a9JFNb2oE3e7%2Bf-yrzhdNrwnunUC3BVKh%2Bg-o5YQ%40mail.gmail.com.
You can try to add the following line to your syzkaller manager config file:
"cmdline": "net.ifnames=0",
Note that this parameter should go into the "vm" section, e.g.
"vm": {
"count": 4,
"kernel": "$KERNEL/arch/x86/boot/bzImage",
"cmdline": "net.ifnames=0",
"cpu": 2,
"mem": 2048
}
Alternatively, you can add the following two lines to your .config file:
CONFIG_CMDLINE_BOOL=y
CONFIG_CMDLINE="net.ifnames=0"
Then recompile the Linux kernel and start syzkaller again.
--
Best Regards,
Aleksandr
> You received this message because you are subscribed to the Google Groups "syzkaller" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller/CACT4Y%2BYZR9a9JFNb2oE3e7%2Bf-yrzhdNrwnunUC3BVKh%2Bg-o5YQ%40mail.gmail.com.
Turyal Neeshat
Jul 6, 2021, 6:59:45 PM7/6/21
to Dmitry Vyukov, Aleksandr Nogikh, syzkaller
Hello,
Thank you Aleksandr the commands worked, I do have an additional query, where can I find the part of code where syzkaller executes the qemu command (from where is syzkaller passing arguments to qemu)? I need to open an additional ssh port so that I can view
logs while machine is being fuzzed, is that possible?
From: Aleksandr Nogikh <nog...@google.com>
Sent: Tuesday, July 6, 2021 6:44:14 PM
To: Dmitry Vyukov <dvy...@google.com>
Cc: Turyal Neeshat <2210...@lums.edu.pk>; syzkaller <syzk...@googlegroups.com>
Sent: Tuesday, July 6, 2021 6:44:14 PM
To: Dmitry Vyukov <dvy...@google.com>
Cc: Turyal Neeshat <2210...@lums.edu.pk>; syzkaller <syzk...@googlegroups.com>
Dmitry Vyukov
Jul 7, 2021, 1:23:41 AM7/7/21
to Turyal Neeshat, Aleksandr Nogikh, syzkaller
> Thank you Aleksandr the commands worked, I do have an additional query, where can I find the part of code where syzkaller executes the qemu command (from where is syzkaller passing arguments to qemu)? I need to open an additional ssh port so that I can view logs while machine is being fuzzed, is that possible?
Hi Turyal,
It's here:
https://github.com/google/syzkaller/blob/1ba81399e2d03b53a7e631c4ab05f25af1fb1911/vm/qemu/qemu.go
But you can use qemu_args config option for this:
https://github.com/google/syzkaller/blob/1ba81399e2d03b53a7e631c4ab05f25af1fb1911/vm/qemu/qemu.go#L38-L45
Reply all
Reply to author
Forward
0 new messages