WinAFL Internal Crash at PC 0x5a1a456e

[rmachnee]

I received the attached pop up error while testing offsets.

using the following command line: ........\Users\operator\Desktop\RachaelWinAFL\dynamorio-master\bin32\drrun.exe -c ........\Users\operator\Desktop\RachaelWinAFL\winafl-master\build32\bin\Release\winafl.dll -debug -target_module FuzzProgram.exe -target_offset 0xD6F339 -coverage_module FuzzProgram.exe -fuzz_iterations 10 -- "FuzzProgram.exe"

I am running out of the FuzzProgram folder as it reads from many different files. I have found one offset that this doesnt occur out of 20ish, however, that offset isnt the correct one for fuzzing coverage.

Any insight into what could be causing this?

[ifratric]

Such errors usually indicate either incorrect usage or incompatibility between the target and DynamoRIO.

To diagnose the first type of issue, use debug mode as explained in https://github.com/googleprojectzero/winafl/blob/master/readme_dr.md

For the second type of issue, try using TinyInst mode instead of DynamoRIO (note: some flags have different names in TinyInst mode)

[ifratric]

Ah, sorry, I see this is an error already with the Debug mode. Would try TinyInst and see if that runs without issues.

[rmachnee]

I will try with TinyInst.

What would cause an incompatibility issue between the target and DynamoRIO?

[J-jaeyoung]

I faced a similar issue, but I resolved it by using a different version of DynamoRIO. This is the version I use most often with the latest winafl.

[rmachnee]

@J-jaeyoung I tried this and am no longer seeing the pop up but in the command prompt I am seeing a similar error of: WinAFL internal crash at PC 0x5ad958ff.

Have you had similar issues?

[J-jaeyoung]

If you encounter similar errors while using drrun.exe -t drcov -- <options>, it might be an issue with DynamoRIO. If that's the case, I recommend not using DynamoRIO and considering alternatives like TinyInst or Intel PT.