Add support for env_logger for qemu binary only fuzzers

AFLplusplus · Jan 6, 2025 · f20ef48 · f20ef48
1 parent 742773b
commit f20ef48
Show file tree

Hide file tree

Showing 8 changed files with 25 additions and 19 deletions.
diff --git a/fuzzers/binary_only/qemu_cmin/Cargo.toml b/fuzzers/binary_only/qemu_cmin/Cargo.toml
@@ -31,6 +31,7 @@ vergen-git2 = "1.0.1"
 
 [dependencies]
 clap = { version = "4.5.18", features = ["derive", "string"] }
+env_logger = { version = "0.11.5" }
 libafl = { path = "../../../libafl" }
 libafl_bolts = { path = "../../../libafl_bolts" }
 libafl_qemu = { path = "../../../libafl_qemu", features = ["usermode"] }

diff --git a/fuzzers/binary_only/qemu_cmin/src/fuzzer.rs b/fuzzers/binary_only/qemu_cmin/src/fuzzer.rs
@@ -95,6 +95,7 @@ pub struct FuzzerOptions {
 pub const MAX_INPUT_SIZE: usize = 1048576; // 1MB
 
 pub fn fuzz() -> Result<(), Error> {
+    env_logger::init();
     let mut options = FuzzerOptions::parse();
 
     let corpus_dir = PathBuf::from(options.input);
@@ -107,10 +108,10 @@ pub fn fuzz() -> Result<(), Error> {
         .expect("Failed to read dir entry");
 
     let program = env::args().next().unwrap();
-    log::debug!("Program: {program:}");
+    log::info!("Program: {program:}");
 
     options.args.insert(0, program);
-    log::debug!("ARGS: {:#?}", options.args);
+    log::info!("ARGS: {:#?}", options.args);
 
     env::remove_var("LD_LIBRARY_PATH");
     let qemu = Qemu::init(&options.args).unwrap();
@@ -121,21 +122,21 @@ pub fn fuzz() -> Result<(), Error> {
     let test_one_input_ptr = elf
         .resolve_symbol("LLVMFuzzerTestOneInput", qemu.load_addr())
         .expect("Symbol LLVMFuzzerTestOneInput not found");
-    log::debug!("LLVMFuzzerTestOneInput @ {test_one_input_ptr:#x}");
+    log::info!("LLVMFuzzerTestOneInput @ {test_one_input_ptr:#x}");
 
     qemu.entry_break(test_one_input_ptr);
 
     let pc: GuestReg = qemu.read_reg(Regs::Pc).unwrap();
-    log::debug!("Break at {pc:#x}");
+    log::info!("Break at {pc:#x}");
 
     let ret_addr: GuestAddr = qemu.read_return_address().unwrap();
-    log::debug!("Return address = {ret_addr:#x}");
+    log::info!("Return address = {ret_addr:#x}");
     qemu.set_breakpoint(ret_addr);
 
     let input_addr = qemu
         .map_private(0, MAX_INPUT_SIZE, MmapPerms::ReadWrite)
         .unwrap();
-    log::debug!("Placing input at {input_addr:#x}");
+    log::info!("Placing input at {input_addr:#x}");
 
     let stack_ptr: GuestAddr = qemu.read_reg(Regs::Sp).unwrap();
 

diff --git a/fuzzers/binary_only/qemu_coverage/Cargo.toml b/fuzzers/binary_only/qemu_coverage/Cargo.toml
@@ -31,6 +31,7 @@ vergen-git2 = "1.0.1"
 
 [dependencies]
 clap = { version = "4.5.18", features = ["derive", "string"] }
+env_logger = { version = "0.11.5" }
 libafl = { path = "../../../libafl" }
 libafl_bolts = { path = "../../../libafl_bolts" }
 libafl_qemu = { path = "../../../libafl_qemu", features = ["usermode"] }

diff --git a/fuzzers/binary_only/qemu_coverage/src/fuzzer.rs b/fuzzers/binary_only/qemu_coverage/src/fuzzer.rs
@@ -102,6 +102,7 @@ pub struct FuzzerOptions {
 pub const MAX_INPUT_SIZE: usize = 1048576; // 1MB
 
 pub fn fuzz() {
+    env_logger::init();
     let mut options = FuzzerOptions::parse();
 
     let corpus_files = options
@@ -116,10 +117,10 @@ pub fn fuzz() {
     let files_per_core = (num_files as f64 / num_cores as f64).ceil() as usize;
 
     let program = env::args().next().unwrap();
-    log::debug!("Program: {program:}");
+    log::info!("Program: {program:}");
 
     options.args.insert(0, program);
-    log::debug!("ARGS: {:#?}", options.args);
+    log::info!("ARGS: {:#?}", options.args);
 
     env::remove_var("LD_LIBRARY_PATH");
 
@@ -131,12 +132,12 @@ pub fn fuzz() {
     let test_one_input_ptr = elf
         .resolve_symbol("LLVMFuzzerTestOneInput", qemu.load_addr())
         .expect("Symbol LLVMFuzzerTestOneInput not found");
-    log::debug!("LLVMFuzzerTestOneInput @ {test_one_input_ptr:#x}");
+    log::info!("LLVMFuzzerTestOneInput @ {test_one_input_ptr:#x}");
 
     qemu.entry_break(test_one_input_ptr);
 
     for m in qemu.mappings() {
-        log::debug!(
+        log::info!(
             "Mapping: 0x{:016x}-0x{:016x}, {}",
             m.start(),
             m.end(),
@@ -145,17 +146,17 @@ pub fn fuzz() {
     }
 
     let pc: GuestReg = qemu.read_reg(Regs::Pc).unwrap();
-    log::debug!("Break at {pc:#x}");
+    log::info!("Break at {pc:#x}");
 
     let ret_addr: GuestAddr = qemu.read_return_address().unwrap();
-    log::debug!("Return address = {ret_addr:#x}");
+    log::info!("Return address = {ret_addr:#x}");
 
     qemu.set_breakpoint(ret_addr);
 
     let input_addr = qemu
         .map_private(0, MAX_INPUT_SIZE, MmapPerms::ReadWrite)
         .unwrap();
-    log::debug!("Placing input at {input_addr:#x}");
+    log::info!("Placing input at {input_addr:#x}");
 
     let stack_ptr: GuestAddr = qemu.read_reg(Regs::Sp).unwrap();
 
@@ -267,10 +268,10 @@ pub fn fuzz() {
                     println!("Failed to load initial corpus at {:?}", &options.input_dir);
                     process::exit(0);
                 });
-            log::debug!("We imported {} inputs from disk.", state.corpus().count());
+            log::info!("We imported {} inputs from disk.", state.corpus().count());
         }
 
-        log::debug!("Processed {} inputs from disk.", files.len());
+        log::info!("Processed {} inputs from disk.", files.len());
 
         mgr.send_exiting()?;
         Err(Error::ShuttingDown)?

diff --git a/fuzzers/binary_only/qemu_launcher/Cargo.toml b/fuzzers/binary_only/qemu_launcher/Cargo.toml
@@ -42,6 +42,7 @@ vergen-git2 = "1.0.1"
 
 [dependencies]
 clap = { version = "4.5.18", features = ["derive", "string"] }
+env_logger = { version = "0.11.5" }
 libafl = { path = "../../../libafl", features = ["tui_monitor"] }
 libafl_bolts = { path = "../../../libafl_bolts", features = [
   "errors_backtrace",

diff --git a/fuzzers/binary_only/qemu_launcher/src/client.rs b/fuzzers/binary_only/qemu_launcher/src/client.rs
@@ -67,11 +67,11 @@ impl Client<'_> {
         let core_id = client_description.core_id();
         let mut args = self.args()?;
         Harness::edit_args(&mut args);
-        log::debug!("ARGS: {:#?}", args);
+        log::info!("ARGS: {:#?}", args);
 
         let mut env = self.env();
         Harness::edit_env(&mut env);
-        log::debug!("ENV: {:#?}", env);
+        log::info!("ENV: {:#?}", env);
 
         let is_asan = self.options.is_asan_core(core_id);
         let is_asan_guest = self.options.is_asan_guest_core(core_id);

diff --git a/fuzzers/binary_only/qemu_launcher/src/fuzzer.rs b/fuzzers/binary_only/qemu_launcher/src/fuzzer.rs
@@ -34,6 +34,7 @@ pub struct Fuzzer {
 
 impl Fuzzer {
     pub fn new() -> Fuzzer {
+        env_logger::init();
         let options = FuzzerOptions::parse();
         options.validate();
         Fuzzer { options }

diff --git a/fuzzers/binary_only/qemu_launcher/src/harness.rs b/fuzzers/binary_only/qemu_launcher/src/harness.rs
@@ -43,14 +43,14 @@ impl Harness {
     /// Initialize the emulator, run to the entrypoint (or jump there) and return the [`Harness`] struct
     pub fn init(qemu: Qemu) -> Result<Harness, Error> {
         let start_pc = Self::start_pc(qemu)?;
-        log::debug!("start_pc @ {start_pc:#x}");
+        log::info!("start_pc @ {start_pc:#x}");
 
         qemu.entry_break(start_pc);
 
         let ret_addr: GuestAddr = qemu
             .read_return_address()
             .map_err(|e| Error::unknown(format!("Failed to read return address: {e:?}")))?;
-        log::debug!("ret_addr = {ret_addr:#x}");
+        log::info!("ret_addr = {ret_addr:#x}");
         qemu.set_breakpoint(ret_addr);
 
         let input_addr = qemu