fuzzware-fuzzer / fuzzware

Fuzzware's main repository. Start here to install.
Apache License 2.0
302 stars 51 forks

When I run fuzzware pipeline, I got an error. [FORKSERVER SETUP] It looks like we are not running under AFL, going for single input #20

Closed emorasoul closed 1 year ago

emorasoul commented 1 year ago

When I run fuzzware pipeline, I got an error.

```
[04-25 09:52:38 INFO] run_target.py - Running target with config path: /home/user/fuzzware/targets/application/config.yml input path: /home/user/fuzzware/targets/application/fuzzware-project/.empty_input Extra args: ['-v']
add_mmio_region called! hooking 0x40000000 - 0x60000000
[FORKSERVER SETUP] It looks like we are not running under AFL, going for single input
[ 0x00040000 ] INVALID FETCH: addr= 0x0000000000040000
[ERROR] Emulation stopped using just the prefix input (8: Invalid memory fetch (UC_ERR_FETCH_UNMAPPED))
[ERROR] Could not retrieve the number of required ticks during discovery forking
[04-25 09:52:39 ERROR] pipeline.py - Failed to perform emulator dry run: Emulator status code != 0
```

config.yml:

```yaml
include:
  - ./cortexm_memory.yml

memory_map:
  sram:
    base_addr: 0x510000
    permissions: rwx
    size: 0x10000
  text:
    base_addr: 0x14080000
    file: ./app.bin
    permissions: r-x
    size: 0x800000
    is_entry: False

entry_point: 0x80BFC
use_timers: false
use_nvic: false
use_systick: false
```

Scepticz commented 1 year ago

Hi emorasoul,

This looks to me like the firmware expects code to be executed at 0x40000, but there is no code mapped there.

This could have different reasons:

  1. The firmware expects the flash image to be mirrored to address 0x40000
  2. There is another piece of (ROM?) code which is located at that address
  3. The address at 0x14080000 for the flash image is actually not the correct one.

To get more information on what is going on in the emulator, you can use:

```
fuzzware emu -c config.yml -v -d -M *.bin
```

This will run the target with tracing enabled.

Best Tobi
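Before reaching for the tracer, a quick sanity check that follows from the reply above is to confirm which addresses the config actually maps: the address of the invalid fetch, the configured `entry_point`, and anything else the firmware is expected to execute. The script below is an added example written for this page, not code from the Fuzzware project or from either commenter. It parses a constructed copy of the `config.yml` from the issue with a deliberately minimal indentation-based reader (an assumption: 2-space indents, scalars and `- item` lists only; use PyYAML for real configs) and reports which `memory_map` region, if any, covers each address. It does not resolve the `include:` of `./cortexm_memory.yml`, so regions that file adds (such as the MMIO range visible in the log) are not considered.

```python
"""Check which memory_map regions of a Fuzzware-style config cover given addresses."""

# Constructed copy of the memory_map posted in the issue (same keys Fuzzware uses).
CONFIG_YML = """\
include:
  - ./cortexm_memory.yml

memory_map:
  sram:
    base_addr: 0x510000
    permissions: rwx
    size: 0x10000
  text:
    base_addr: 0x14080000
    file: ./app.bin
    permissions: r-x
    size: 0x800000
    is_entry: False

entry_point: 0x80BFC
use_timers: false
use_nvic: false
use_systick: false
"""


def _scalar(value):
    """Turn a YAML scalar into bool / int (hex or decimal) / str."""
    low = value.lower()
    if low in ("true", "false"):
        return low == "true"
    try:
        return int(value, 0)          # handles 0x... and plain decimals
    except ValueError:
        return value


def parse_simple_yaml(text):
    """Minimal parser for the key/value + '- item' subset used above.
    Assumption: 2-space indentation, no flow syntax, no multi-line scalars.
    This is NOT a general YAML parser; it exists only to keep the example
    dependency-free."""
    root = {}
    stack = [(-1, root, None, None)]          # (indent, container, parent, key)
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        line = raw.strip()
        while stack[-1][0] >= indent:          # climb back out of deeper blocks
            stack.pop()
        _, container, parent, key = stack[-1]
        if line.startswith("- "):
            if isinstance(container, dict):    # first item: the key's empty
                container = []                 # placeholder dict becomes a list
                parent[key] = container
                stack[-1] = (stack[-1][0], container, parent, key)
            container.append(_scalar(line[2:].strip()))
            continue
        k, _, v = line.partition(":")
        k, v = k.strip(), v.strip()
        if v == "":                            # nested block follows
            child = {}
            container[k] = child
            stack.append((indent, child, container, k))
        else:
            container[k] = _scalar(v)
    return root


def region_for(memory_map, addr):
    """Return (name, region) of the first region covering addr, or None."""
    for name, region in memory_map.items():
        base = region["base_addr"]
        if base <= addr < base + region["size"]:
            return name, region
    return None


def unmapped_addresses(config, addrs):
    """Return the subset of addrs that no memory_map region covers."""
    return [a for a in addrs if region_for(config["memory_map"], a) is None]


if __name__ == "__main__":
    cfg = parse_simple_yaml(CONFIG_YML)
    # 0x40000 is the address of the INVALID FETCH in the issue's log.
    for addr in (0x40000, cfg["entry_point"], 0x14080000):
        hit = region_for(cfg["memory_map"], addr)
        print(f"{addr:#010x}: {hit[0] if hit else 'NOT MAPPED (in this file)'}")
```

Any address the script reports as unmapped is a candidate for the three causes listed in the reply (mirrored flash, ROM code that needs to be added to the map, or a wrong base address); the `-d -M` tracing run then shows how execution got there.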