s2e-env
libs2e is missing KVM debug features
Hi, I used ./launch-s2e.sh debug and ran it inside gdb, but it gives me
s2e-block: dirty sectors on close:0
s2e-block: dirty after restore: 640 (ro=0)
s2e-block: wasted sectors: 1792
KVM: entry failed, hardware error 0x80000021
If you're running a guest on an Intel machine without unrestricted mode
support, the failure can be most likely due to the guest entering an invalid
state for Intel VT. For example, the guest maybe running in big real mode
which is not supported on less recent Intel processors.
EAX=00000000 EBX=00000002 ECX=ffffffff EDX=b7772878
ESI=bfa07f94 EDI=bfa08f14 EBP=00000000 ESP=bf9f7ee0
EIP=080487d0 EFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =007b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA]
CS =0073 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =007b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA]
DS =007b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA]
FS =0000 00000000 00000000 00000000
GS =0033 b75c7940 ffffffff 00d0f300 DPL=3 DS [-WA]
LDT=0000 00000000 00000000 00008200 DPL=0 LDT
TR =0080 cfdf07c0 0000206b 00008900 DPL=0 TSS32-avl
GDT= cfded000 000000ff
IDT= fffba000 000007ff
CR0=8005003b CR2=b76352c0 CR3=0f8e1000 CR4=000006b0
DR0=00000000 DR1=00000000 DR2=00000000 DR3=00000000
DR6=ffff0ff0 DR7=00000400
EFER=0000000000000000
Code=50 8e 04 08 e8 ab fd ff ff 83 c4 10 90 90 90 90 90 90 90 90 <31> c0 0f 3f 00 00 00 00 00 00 00 00 85 c0 74 f0 83 ec 0c 68 70 8e 04 08 e8 83 fd ff ff 83
I used qemu's -s option to attach gdb to s2e, as written in this doc: https://github.com/S2E/s2e-old/blob/master/docs/Howtos/Debugging.rst.
I modified the launch-s2e.sh script as follows and attached to it remotely.
LD_PRELOAD=$LIBS2E $QEMU -S -s $DRIVE \
-k en-us $GRAPHICS -monitor null -m 256M -enable-kvm \
-serial file:serial.txt -net none -net nic,model=e1000 \
-loadvm ready $*
But it gives me
libs2e: unknown KVM VCPU IOCTL vcpu 234238 request=0x4048ae9b arg=0x7ffc4a80b5a0 ret=0xffffffff
libs2e: unknown KVM VCPU IOCTL vcpu 234238 request=0x4048ae9b arg=0x7ffc4a80b5a0 ret=0xffffffff
The first problem looks like it is related to the kernel. Currently I am using Ubuntu 14.04. What OS is on the development machine? 16.04?
Thanks.
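An added example, not code from this issue or from S2E/libs2e, that decodes the two numbers in the report above. It uses the Linux ioctl number layout from asm-generic/ioctl.h and the VMX exit-reason layout: request=0x4048ae9b splits into direction=write, type=0xAE (KVMIO), nr=0x9b, size=72, which is KVM_SET_GUEST_DEBUG carrying a 72-byte struct kvm_guest_debug, the ioctl QEMU issues when a gdb client attaches; hardware error 0x80000021 has bit 31 set (VM-entry failure) with basic reason 33 (invalid guest state), which is the condition QEMU's unrestricted-mode hint refers to. The ioctl table below is a hand-picked subset of linux/kvm.h, the struct mirror assumes the x86 layout, and the log line is copied from the report.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Field layout of a Linux ioctl request number (asm-generic/ioctl.h):
 * bits 0-7 nr, 8-15 type, 16-29 size, 30-31 direction (1=write, 2=read). */
#define IOC_NRBITS    8
#define IOC_TYPEBITS  8
#define IOC_SIZEBITS  14
#define IOC_DIRBITS   2
#define IOC_NRSHIFT   0
#define IOC_TYPESHIFT (IOC_NRSHIFT + IOC_NRBITS)
#define IOC_SIZESHIFT (IOC_TYPESHIFT + IOC_TYPEBITS)
#define IOC_DIRSHIFT  (IOC_SIZESHIFT + IOC_SIZEBITS)
#define IOC_MASK(b)   ((1u << (b)) - 1)

#define KVMIO 0xAE /* ioctl type byte shared by /dev/kvm, vm and vcpu fds */

unsigned ioc_dir(uint32_t req)  { return (req >> IOC_DIRSHIFT)  & IOC_MASK(IOC_DIRBITS); }
unsigned ioc_type(uint32_t req) { return (req >> IOC_TYPESHIFT) & IOC_MASK(IOC_TYPEBITS); }
unsigned ioc_nr(uint32_t req)   { return (req >> IOC_NRSHIFT)   & IOC_MASK(IOC_NRBITS); }
unsigned ioc_size(uint32_t req) { return (req >> IOC_SIZESHIFT) & IOC_MASK(IOC_SIZEBITS); }

/* Hand-picked subset of the KVM vcpu ioctls in linux/kvm.h. Only the nr byte
 * is compared, after checking that the type byte is KVMIO. */
static const struct { unsigned nr; const char *name; } kvm_vcpu_ioctls[] = {
    { 0x80, "KVM_RUN" },
    { 0x81, "KVM_GET_REGS" },
    { 0x82, "KVM_SET_REGS" },
    { 0x83, "KVM_GET_SREGS" },
    { 0x84, "KVM_SET_SREGS" },
    { 0x9b, "KVM_SET_GUEST_DEBUG" },
};

const char *kvm_ioctl_name(uint32_t req)
{
    if (ioc_type(req) != KVMIO)
        return "not a KVM ioctl";
    for (size_t i = 0; i < sizeof kvm_vcpu_ioctls / sizeof kvm_vcpu_ioctls[0]; i++)
        if (kvm_vcpu_ioctls[i].nr == ioc_nr(req))
            return kvm_vcpu_ioctls[i].name;
    return "unknown KVM ioctl";
}

/* Mirror of struct kvm_guest_debug on x86 (linux/kvm.h + asm/kvm.h):
 * __u32 control, __u32 pad, struct kvm_guest_debug_arch { __u64 debugreg[8] }.
 * Its size must equal the size field of the decoded request. */
struct guest_debug_mirror { uint32_t control; uint32_t pad; uint64_t debugreg[8]; };
unsigned kvm_guest_debug_size(void) { return (unsigned)sizeof(struct guest_debug_mirror); }

/* Pull the request= value out of a libs2e "unknown KVM VCPU IOCTL" log line.
 * Returns 0 when the line carries no request field (no real request is 0). */
uint32_t libs2e_request_from_line(const char *line)
{
    const char *p = strstr(line, "request=");
    unsigned long v = 0;
    if (!p || sscanf(p + strlen("request="), "%lx", &v) != 1)
        return 0;
    return (uint32_t)v;
}

/* QEMU prints the raw VMX exit reason as the "hardware error": bit 31 flags a
 * VM-entry failure, bits 0-15 are the basic exit reason (Intel SDM vol. 3, app. C). */
int vmx_entry_failed(uint32_t reason)       { return (reason >> 31) & 1; }
unsigned vmx_basic_reason(uint32_t reason)  { return reason & 0xffff; }
const char *vmx_reason_name(uint32_t reason)
{
    switch (vmx_basic_reason(reason)) {
    case 33: return "INVALID_STATE";      /* VM entry with invalid guest state */
    case 34: return "MSR_LOAD_FAIL";      /* VM entry failed loading MSRs */
    case 41: return "MCE_DURING_VMENTRY";
    default: return "other";
    }
}

int main(void)
{
    /* Log line copied from the issue report; the error code is the one QEMU printed. */
    const char *ioctl_line = "libs2e: unknown KVM VCPU IOCTL vcpu 234238 request=0x4048ae9b "
                             "arg=0x7ffc4a80b5a0 ret=0xffffffff";
    uint32_t req = libs2e_request_from_line(ioctl_line);
    uint32_t hw_err = 0x80000021;

    printf("request=0x%08x dir=%u type=0x%02x nr=0x%02x size=%u -> %s (sizeof kvm_guest_debug=%u)\n",
           req, ioc_dir(req), ioc_type(req), ioc_nr(req), ioc_size(req),
           kvm_ioctl_name(req), kvm_guest_debug_size());
    printf("hardware error 0x%08x: entry_failed=%d basic_reason=%u (%s)\n",
           hw_err, vmx_entry_failed(hw_err), vmx_basic_reason(hw_err), vmx_reason_name(hw_err));
    return 0;
}
```

The size check is the useful part when triaging a libs2e "unknown IOCTL" line: if the decoded size does not match the kernel struct for that nr, the host headers and the ioctl being issued disagree; if it does match, as here, the request is a known vcpu ioctl that libs2e simply does not implement.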
It looks similar to https://github.com/S2E/s2e-env/issues/57 - i.e. a KVM feature is missing from libs2e. (Replied by e-mail on Sat, 4 Nov 2017 at 8:44 am, quoting INSU YUN's report above.)
Yep. The doc is for the old S2E; this feature is missing for now. I remember @VPaulV was working on it.
Looks like it was lost somewhere in the commits when we were migrating to another repository. As far as I remember, to make it work only one or two functions need to be implemented. Could you show a backtrace?
Is there any progress on this? I forgot about this one. @VPaulV Are you asking me for a backtrace?
@VPaulV the backtrace in my case:
[New Thread 0x15554f213700 (LWP 8002)]
Warning: vlan 0 is not connected to host network
s2e-block: dirty sectors on close:0
s2e-block: dirty after restore: 624 (ro=0)
s2e-block: wasted sectors: 1552
KVM: entry failed, hardware error 0x80000021
If you're running a guest on an Intel machine without unrestricted mode
support, the failure can be most likely due to the guest entering an invalid
state for Intel VT. For example, the guest maybe running in big real mode
which is not supported on less recent Intel processors.
EAX=00000000 EBX=00000002 ECX=ffffffff EDX=f7739878
ESI=ff7fe574 EDI=ff7fff10 EBP=00000000 ESP=ff7ee4c0
EIP=080487d0 EFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA]
CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA]
SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA]
DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA]
FS =0000 00000000 00000000 00000000
GS =0063 f758e940 ffffffff 00d0f300 DPL=3 DS [-WA]
LDT=0000 00000000 00000000 00008200 DPL=0 LDT
TR =0040 0fc14ec0 00002087 00008900 DPL=0 TSS64-avl
GDT= ffff88000fc09000 0000007f
IDT= ffffffffff57b000 00000fff
CR0=80050033 CR2=00007fdafa2ab000 CR3=000000000da8e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
Code=40 8e 04 08 e8 ab fd ff ff 83 c4 10 90 90 90 90 90 90 90 90 <31> c0 0f 3f 00 00 00 00 00 00 00 00 85 c0 74 f0 83 ec 0c 68 60 8e 04 08 e8 83 fd ff ff 83
^C
Thread 1 "qemu-system-x86" received signal SIGINT, Interrupt.
0x00001555533a75d3 in select () at ../sysdeps/unix/syscall-template.S:84
84 ../sysdeps/unix/syscall-template.S: No such file or directory.
(gdb) bt
#0 0x00001555533a75d3 in select () at ../sysdeps/unix/syscall-template.S:84
#1 0x00005555556cedce in os_host_main_loop_wait (timeout=1000)
at /home/ckx/aegpro-s2e/source/s2e/qemu/main-loop.c:304
#2 0x00005555556cef14 in main_loop_wait (nonblocking=0)
at /home/ckx/aegpro-s2e/source/s2e/qemu/main-loop.c:486
#3 0x00005555556c287d in main_loop ()
at /home/ckx/aegpro-s2e/source/s2e/qemu/vl.c:1579
#4 0x00005555556c9327 in main (argc=18, argv=0x7fffffffdb58,
envp=0x7fffffffdbf0) at /home/ckx/aegpro-s2e/source/s2e/qemu/vl.c:3777
The debug exec is stuck at
s2eget ./bootstrap.sh
like that:
Would you have any suggestions?
Any news on this?
Unfortunately no. The backlog is so large I don't have time to fix everything. Whoever needs it will need to get their hands dirty :) I'll be very happy to provide feedback and review the pull requests.
Thanks @vitalych. As per https://github.com/S2E/s2e-env/issues/60#issuecomment-347469167, it looks like there was some incomplete work that didn't find its way into git - can you share it?
I don't have it unfortunately. Maybe @VPaulV still has it somewhere.