google / AFL

american fuzzy lop - a security-oriented fuzzer
https://lcamtuf.coredump.cx/afl/
Apache License 2.0

Using my own instrumentation #125

Closed fatimahkj closed 3 years ago

fatimahkj commented 3 years ago

Hi, I compile afl-clang with my own LLVM pass. When I run the fuzzer I get this problem, while I'm sure my CORPUS is simple (screenshot):

I used this command for running the fuzzer: afl-fuzz -i /CORPUS -o /AFL_Results -m none a.out

I then used:

afl-fuzz -i /CORPUS -o /AFL_Results -m none -t 1000+ a.out, but I got: [-] PROGRAM ABORT : All test cases time out, giving up!

Is there a possible way to force AFL to work? Also, is the problem actually from my instrumented program, or is the problem with my CORPUS?

PS: before the instrumentation, AFL worked on the same set of inputs!

Thanks

jonathanmetzman commented 3 years ago

Not really sure what the cause is here. But I suspect the issue is too target specific for me to know what's going on. Maybe add something like print statements to see how far in the target your testcase is getting. I personally use system("echo hi1 > /tmp/log") since AFL doesn't let you see the target's output.

I'd also try profiling the target on the same input without AFL. You can use the perf tool for this.
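An added triage script for the question in this thread (written for this page, not part of AFL): it runs every seed in the corpus through the target outside afl-fuzz under the same 1000 ms budget, and, when the target drops checkpoint markers into a log file the way the `echo hi1 > /tmp/log` trick above does, reports the last marker reached before the kill. All seeds timing out points at the instrumented binary; only some timing out points at the corpus. The target command, corpus directory and log path are assumptions passed on the command line.

```python
import os
import subprocess
import sys
import time
from pathlib import Path

def run_seed(target_cmd, seed_path, timeout_s, log_path=None):
    """Feed one corpus file to the target on stdin (as afl-fuzz does when
    the command line has no @@) and record how it behaved."""
    if log_path and os.path.exists(log_path):
        os.remove(log_path)  # fresh checkpoint log for every seed
    start = time.monotonic()
    try:
        with open(seed_path, "rb") as stdin:
            proc = subprocess.run(target_cmd, stdin=stdin,
                                  stdout=subprocess.DEVNULL,
                                  stderr=subprocess.DEVNULL,
                                  timeout=timeout_s)
        # a negative return code means the child died from a signal
        status = "crash" if proc.returncode < 0 else "ok"
    except subprocess.TimeoutExpired:
        status = "timeout"  # child killed at the budget, as afl-fuzz would
    elapsed_ms = int((time.monotonic() - start) * 1000)
    last_mark = None  # last "echo ... > log" style checkpoint reached
    if log_path and os.path.exists(log_path):
        marks = Path(log_path).read_text().split()
        last_mark = marks[-1] if marks else None
    return {"seed": os.path.basename(seed_path), "status": status,
            "ms": elapsed_ms, "last_mark": last_mark}

def triage_corpus(target_cmd, corpus_dir, timeout_s=1.0, log_path=None):
    """Run every file in the corpus directory; returns one record per seed."""
    seeds = sorted(p for p in Path(corpus_dir).iterdir() if p.is_file())
    return [run_seed(target_cmd, str(p), timeout_s, log_path) for p in seeds]

def verdict(results):
    """Every seed timing out blames the target itself (e.g. the new
    instrumentation); only some seeds timing out blames the corpus."""
    if not results:
        return "empty-corpus"
    timeouts = sum(r["status"] == "timeout" for r in results)
    if timeouts == len(results):
        return "target"
    return "corpus" if timeouts else "none"

if __name__ == "__main__":
    # usage (assumed): triage.py CORPUS_DIR [LOG_FILE] -- TARGET [ARGS...]
    sep = sys.argv.index("--")
    log = sys.argv[2] if sep > 2 else None
    results = triage_corpus(sys.argv[sep + 1:], sys.argv[1], 1.0, log)
    for r in results:
        print(r)
    print("verdict:", verdict(results))
```

Runtimes measured outside AFL's fork server are not identical to those under afl-fuzz, so read them as a comparison between seeds rather than exact AFL timings.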