| author | ReimersS <sebastian.reimers@tum.de> | 2025-10-31 09:30:25 +0000 |
|---|---|---|
| committer | ReimersS <sebastian.reimers@tum.de> | 2025-11-04 09:37:02 +0000 |
| commit | 1cac72b8753bf7a5cce5d6b9342aade42773f249 (patch) | |
| tree | a565f331dc468f9f5f6dd70b4fba01ef6f2fd967 /README.md | |
| parent | 752d17da37963d64c4896167a9178e14b743cc36 (diff) | |
Cosmetic changes & README sr/plugin
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/README.md b/README.md index 94e6889..68033d9 100644 --- a/README.md +++ b/README.md @@ -29,7 +29,7 @@ It will take a while to compile. ### QEMU A number of additional tools are included to simplify use when validating QEMU: -`capture-transforms`, `convert-log`, `validate-qemu`. They enable the following workflow. +`capture-transforms`, `convert-log`, `validate-qemu`, `validation_server`. They enable the following workflow. ```bash capture-transforms -o oracle.trace bug.out @@ -37,6 +37,16 @@ qemu-x86_64 -g 12345 bug.out & validate-qemu --symb-trace oracle.trace localhost 12345 ``` +Alternatively if you have access to the focaccia QEMU plugin: + +```bash +validation_server.py --symb-trace oracle.trace --use-socket=/tmp/focaccia.sock --guest_arch=<arch> +``` +After you see `Listening for QEMU Plugin connection at /tmp/focaccia.sock...` you can start QEMU like this: +```bash +qemu-<arch> [-one-insn-per-tb] --plugin build/contrib/plugins/libfocaccia.so <bug.out> +``` + Using this workflow, Focaccia can determine whether a mistranslation occured in that particular QEMU run. ### Box64 |
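Review bot: In the first hunk (the tool list under `### QEMU`), the new entry `validation_server` does not match the name the second hunk tells users to run, `validation_server.py`, and it is the only underscore-style name next to `capture-transforms`, `convert-log` and `validate-qemu`. List the tool under the exact name that is typed on the command line, or expose it under a hyphenated name without the extension like the other three, so the README and the command agree.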
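Review bot: In the second hunk, the documented socket path `--use-socket=/tmp/focaccia.sock` is a fixed, predictable name in a world-writable directory, so on a shared machine another local user can create that path before the server does or, depending on the socket's permissions, connect to it. The README example should show a per-user location instead, for instance a path under `$XDG_RUNTIME_DIR` or inside a directory created with `mktemp -d`, and use the same path in the `Listening for QEMU Plugin connection at ...` sentence. Smaller points in the same hunk: `--guest_arch` uses an underscore while `--symb-trace` and `--use-socket` use hyphens, the placeholder `<arch>` and the optional `[-one-insn-per-tb]` are not explained (say which values are accepted and when the flag is needed), "Alternatively if" needs a comma, and there is no blank line between the first closing fence and "After you see" although the other fences in the hunk are separated by one.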