Working Qemu for libafl_qemu Snapshots

When you want to manually walk a VM to the point where you take a snapshot, the devices used by your QEMU build have to match the devices compiled into libafl_qemu; otherwise the snapshot will not load cleanly. In my case that meant disabling slirp for guest networking, since it is not built into the LibAFL version of QEMU. The same approach should work for other features, too. So here is what I did.

Identifying QEMU Flags in the libafl_qemu Source

When we look at this, we can see lots of features getting disabled. These are configure flags we can pass when compiling our own QEMU, so that both builds end up with the same device set. Since slirp was the one causing my problem, let's see how to disable it.

Compiling a Functional QEMU

git clone https://github.com/qemu/qemu
cd qemu
mkdir build
cd build
# pass the same --disable-* switches libafl_qemu uses; here only slirp
../configure --disable-slirp
make
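As an added example that is not part of the original post, here is a small POSIX shell script that wraps the same build and then checks that the resulting binary really lost the backend you disabled. QEMU's `-netdev help` prints the available netdev backend types one per line, and the "user" backend is the one slirp provides, so after a `--disable-slirp` build it must be absent. The target list, the QEMU_SRC path and the sample help output in the comments are my assumptions, not from the post or from the libafl_qemu project.

```shell
#!/bin/sh
# Added example: build QEMU with the configure switches libafl_qemu uses and
# verify the built binary no longer offers the disabled backend.
# Assumptions (not from the post): target list x86_64-softmmu, and that the
# caller passes the path of a qemu checkout to build_qemu.
set -eu

# Configure switches to mirror from libafl_qemu; extend as needed.
LIBAFL_CONFIGURE_FLAGS="--disable-slirp"

# build_qemu SRC_DIR: out-of-tree build of QEMU in SRC_DIR/build.
build_qemu() {
    src="$1"
    mkdir -p "$src/build"
    cd "$src/build"
    # Word splitting of the flag list is intended here.
    # shellcheck disable=SC2086
    ../configure --target-list=x86_64-softmmu $LIBAFL_CONFIGURE_FLAGS
    make -j"$(nproc)"
}

# netdev_listed NAME HELP_TEXT: return 0 if NAME is one of the backend types
# in HELP_TEXT (the output of `qemu-system-* -netdev help`), 1 otherwise.
# Constructed sample of that output, one backend per line:
#   Available netdev backend types:
#   socket
#   tap
#   user
netdev_listed() {
    name="$1"
    help_text="$2"
    printf '%s\n' "$help_text" | grep -qx -- "$name"
}

# check_backend_absent QEMU_BIN NAME: fail loudly if QEMU_BIN still offers
# the netdev backend NAME, which means the build does not match libafl_qemu.
check_backend_absent() {
    bin="$1"
    name="$2"
    if netdev_listed "$name" "$("$bin" -netdev help 2>&1)"; then
        echo "error: $bin still provides netdev '$name'; rebuild with matching flags" >&2
        return 1
    fi
    echo "ok: $bin has no '$name' netdev backend"
}

# Typical use after build_qemu "$HOME/qemu":
#   check_backend_absent "$HOME/qemu/build/qemu-system-x86_64" user
```

Run the check against the binary you intend to snapshot with; if it still lists "user", the build picked up slirp (for example a system libslirp) and the configure flags need another look.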

The Other Way Around

It might also work to enable the missing features in libafl_qemu instead, if that is what you need. But of course this is experimental. So we can change the source

This did not work in my case.

By @gbaru in
Tags: #fuzzing