nautilus-fuzz / nautilus

A grammar based feedback Fuzzer
MIT License

shm_id "No space left on device" #65

Open bendrissou opened 1 week ago

bendrissou commented 1 week ago

I have tried running Nautilus on both macOS and Ubuntu, but it's crashing.

Running target/release/fuzzer -o findings -- ./test '@@'

[2024-07-01] 12:44:07 Starting Fuzzing...
thread 'fuzzer_1' panicked at forksrv/src/lib.rs:192:17:
shm_id "No space left on device"
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
Segmentation fault

Are there any memory requirements?

eqv commented 1 week ago

This is most likely due to the fact that you are using a too-recent release of AFL++'s compiler and/or the size of your bitmap in the configuration doesn't match the size of the bitmap produced by the target. Please first make sure to set the bitmap size to the right value in the config, and if that doesn't work, try using an older compiler. @vanhauser-thc might know which compiler/version works :)

vanhauser-thc commented 1 week ago

Compile with AFL_LLVM_INSTRUMENT=CLASSIC and run with AFL_OLD_FORKSERVER=1. Needs current GitHub state.

bendrissou commented 1 week ago

Thank you for your replies. @vanhauser-thc, how do I run with AFL_OLD_FORKSERVER=1 in Nautilus? I believe Nautilus has its own forking process. The run command is:

cargo run --release -- -o findings -- ./test @@

vanhauser-thc commented 1 week ago

You just set the environment variable

bendrissou commented 1 week ago

AFL_LLVM_INSTRUMENT=CLASSIC afl-clang-fast test.c -o test
export AFL_OLD_FORKSERVER=1
cargo run --release -- -o findings -- ./test @@

Still getting the same error:

thread 'fuzzer_1' panicked at forksrv/src/lib.rs:192:17:
shm_id "No space left on device"
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
Segmentation fault
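The panic text above is the strerror of ENOSPC, which shmget(2) returns when creating one more System V segment would exceed the kernel's segment limit (kernel.shmmni) or the SHMALL page budget, for example after repeated fuzzer crashes leave orphaned segments behind. The thread ends up blaming an AFL++ regression instead, but a practitioner will want to rule the cheaper cause out first. The script below is an added diagnostic, not code from Nautilus, AFL++ or either participant; it assumes a Linux host (it reads /proc/sysvipc/shm and /proc/sys/kernel/shmmni and uses util-linux ipcs/ipcrm), a test.c in the current directory and afl-clang-fast on PATH for the repro function. The function names are my own.

```shell
#!/bin/sh
# Added diagnostic (not part of Nautilus or AFL++): rule out System V shared
# memory exhaustion before suspecting the compiler. shmget(2) fails with
# ENOSPC ("No space left on device") when one more segment would exceed
# kernel.shmmni or when the SHMALL page budget is used up.

# Number of System V shm segments currently allocated. On Linux
# /proc/sysvipc/shm has one header line followed by one line per segment.
shm_segments_in_use() {
    if [ -r /proc/sysvipc/shm ]; then
        awk 'NR > 1 { n++ } END { print n + 0 }' /proc/sysvipc/shm
    else
        echo 0   # not Linux: inspect `ipcs -m` by hand instead
    fi
}

# System-wide segment limit (kernel.shmmni); prints 0 when unknown.
shm_segment_limit() {
    if [ -r /proc/sys/kernel/shmmni ]; then
        cat /proc/sys/kernel/shmmni
    else
        echo 0
    fi
}

# Prints "ok" when at least one more segment fits (or the limit is unknown),
# "exhausted" otherwise. Kept free of side effects so it can be unit-tested.
shm_headroom() {
    used="$1"; limit="$2"
    if [ "$limit" -gt 0 ] && [ "$used" -ge "$limit" ]; then
        echo exhausted
    else
        echo ok
    fi
}

# Remove segments owned by the current user that no process is attached to
# any more (nattch == 0). Relies on the util-linux `ipcs -m` column layout:
# key shmid owner perms bytes nattch status.
shm_cleanup_orphans() {
    ipcs -m 2>/dev/null |
        awk -v me="$(id -un)" '$3 == me && $6 == 0 { print $2 }' |
        while read -r id; do ipcrm -m "$id"; done
}

# The steps from the thread gathered into one function: classic (non-PCGUARD)
# instrumentation plus the legacy fork server protocol.
repro_nautilus() {
    AFL_LLVM_INSTRUMENT=CLASSIC afl-clang-fast test.c -o test || return 1
    AFL_OLD_FORKSERVER=1 cargo run --release -- -o findings -- ./test @@
}

used=$(shm_segments_in_use)
limit=$(shm_segment_limit)
printf 'shm segments in use: %s, limit: %s, state: %s\n' \
    "$used" "$limit" "$(shm_headroom "$used" "$limit")"
```

Run it once before fuzzing; if it reports `exhausted`, call `shm_cleanup_orphans` (or raise kernel.shmmni) and retry. If headroom is fine and the panic persists, the problem is on the target side, which is what the thread goes on to establish.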

vanhauser-thc commented 1 week ago

when did you update afl++ from github, recompiled and installed?

bendrissou commented 1 week ago

Just now. I cloned, recompiled and reinstalled. But the error persists. Can you please reproduce at your end?

bendrissou commented 1 week ago

@vanhauser-thc can you confirm the bug please? Does the issue exist in older versions of afl++?

bendrissou commented 1 week ago

Just tested commit 1ffb1b6 (6 months old) and it works.

vanhauser-thc commented 1 week ago

Weird, you are right, it does not work with the current state. (@eqv do not merge the PR yet then.) It works when using afl-gcc, but that is a horrible solution.