Struct libafl_qemu::emu::Emulator

impl Emulator

pub fn new( args: &[String], env: &[(String, String)] ) -> Result<Emulator, EmuError>

pub fn mappings(&self) -> GuestMaps ⓘ

This function gets the memory mappings from the emulator.

pub fn write_reg<R, T>(&self, reg: R, val: T) -> Result<(), String>where T: Num + PartialOrd + Copy, R: Into<i32>,

pub fn read_reg<R, T>(&self, reg: R) -> Result<T, String>where T: Num + PartialOrd + Copy, R: Into<i32>,

pub fn set_breakpoint(&self, addr: GuestAddr)

pub fn remove_breakpoint(&self, addr: GuestAddr)

pub fn set_hook( &self, addr: GuestAddr, callback: extern "C" fn(_: GuestAddr, _: u64), data: u64, invalidate_block: bool ) -> usize

pub fn remove_hook(&self, addr: GuestAddr, invalidate_block: bool) -> usize

pub unsafe fn run(&self)

This function will run the emulator until the next breakpoint, or until finish.

Safety

Should, in general, be safe to call. Of course, the emulated target is not contained securely and can corrupt state or interact with the operating system.

pub fn binary_path<'a>(&self) -> &'a str

pub fn load_addr(&self) -> GuestAddr

pub fn get_brk(&self) -> GuestAddr

pub fn set_brk(&self, brk: GuestAddr)

pub fn get_mmap_start(&self) -> GuestAddr

pub fn set_mmap_start(&self, start: GuestAddr)

pub fn map_private( &self, addr: GuestAddr, size: usize, perms: MmapPerms ) -> Result<GuestAddr, String>

pub fn map_fixed( &self, addr: GuestAddr, size: usize, perms: MmapPerms ) -> Result<GuestAddr, String>

pub fn mprotect( &self, addr: GuestAddr, size: usize, perms: MmapPerms ) -> Result<(), String>

pub fn unmap(&self, addr: GuestAddr, size: usize) -> Result<(), String>

pub fn flush_jit(&self)

pub fn add_edge_hooks( &self, gen: Option<extern "C" fn(_: GuestAddr, _: GuestAddr, _: u64) -> u64>, exec: Option<extern "C" fn(_: u64, _: u64)>, data: u64 )

pub fn add_block_hooks( &self, gen: Option<extern "C" fn(_: GuestAddr, _: u64) -> u64>, exec: Option<extern "C" fn(_: u64, _: u64)>, data: u64 )

pub fn add_read_hooks( &self, gen: Option<extern "C" fn(_: GuestAddr, _: MemAccessInfo, _: u64) -> u64>, exec1: Option<extern "C" fn(_: u64, _: GuestAddr, _: u64)>, exec2: Option<extern "C" fn(_: u64, _: GuestAddr, _: u64)>, exec4: Option<extern "C" fn(_: u64, _: GuestAddr, _: u64)>, exec8: Option<extern "C" fn(_: u64, _: GuestAddr, _: u64)>, exec_n: Option<extern "C" fn(_: u64, _: GuestAddr, _: usize, _: u64)>, data: u64 )

pub fn add_write_hooks( &self, gen: Option<extern "C" fn(_: GuestAddr, _: MemAccessInfo, _: u64) -> u64>, exec1: Option<extern "C" fn(_: u64, _: GuestAddr, _: u64)>, exec2: Option<extern "C" fn(_: u64, _: GuestAddr, _: u64)>, exec4: Option<extern "C" fn(_: u64, _: GuestAddr, _: u64)>, exec8: Option<extern "C" fn(_: u64, _: GuestAddr, _: u64)>, exec_n: Option<extern "C" fn(_: u64, _: GuestAddr, _: usize, _: u64)>, data: u64 )

pub fn add_cmp_hooks( &self, gen: Option<extern "C" fn(_: GuestAddr, _: usize, _: u64) -> u64>, exec1: Option<extern "C" fn(_: u64, _: u8, _: u8, _: u64)>, exec2: Option<extern "C" fn(_: u64, _: u16, _: u16, _: u64)>, exec4: Option<extern "C" fn(_: u64, _: u32, _: u32, _: u64)>, exec8: Option<extern "C" fn(_: u64, _: u64, _: u64, _: u64)>, data: u64 )

pub fn add_backdoor_hook( &self, exec: extern "C" fn(_: GuestAddr, _: u64), data: u64 )

pub fn set_on_thread_hook(&self, hook: extern "C" fn(tid: u32))

pub fn set_pre_syscall_hook( &self, hook: extern "C" fn(_: i32, _: u64, _: u64, _: u64, _: u64, _: u64, _: u64, _: u64, _: u64) -> SyscallHookResult )

pub fn set_post_syscall_hook( &self, hook: extern "C" fn(_: u64, _: i32, _: u64, _: u64, _: u64, _: u64, _: u64, _: u64, _: u64, _: u64) -> u64 )

pub fn add_gdb_cmd(&self, callback: Box<dyn FnMut(&Self, &str) -> bool>)

pub fn gdb_reply(&self, output: &str)

Trait Implementations§

impl Clone for Emulator

fn clone(&self) -> Emulator

Returns a copy of the value. Read more

1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for Emulator

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

impl RefUnwindSafe for Emulator

impl Send for Emulator

impl Sync for Emulator

impl Unpin for Emulator

impl UnwindSafe for Emulator

Blanket Implementations§

impl<T> Any for Twhere T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for Twhere T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for Twhere T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into for Twhere U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<Tail, T> Prepend<T> for Tail

type PreprendResult = Tail

The Resulting [TupleList], of an Prepend::prepend() call, including the prepended entry.

fn prepend(self, value: T) -> (T, <Tail as Prepend<T>>::PreprendResult)

Prepend a value to this tuple, returning a new tuple with prepended value.

impl<T> ToOwned for Twhere T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom for Twhere U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom>::Error>

Performs the conversion.

impl<T, U> TryInto for Twhere U: TryFrom<T>,

type Error = >::Error

The type returned in the event of a conversion error.