vanhauser-thc / afl-pin

run AFL with pintool
GNU Affero General Public License v3.0

"Fork server handshake failed" #2

Closed eknoes closed 6 years ago

eknoes commented 6 years ago

For test purposes I wanted to try out your tool with the GNU Binutils strings command. I get the following output:

$ AFL_MEM=none afl-fuzz-pin.sh -forkserver -Q -i afl_in -o afl_out -M fuzzer01 -- strings @@

kernel.core_pattern = core
kernel.randomize_va_space = 0
Running: afl-fuzz -m none -Q -i afl_in -o afl_out -M fuzzer01 -- /home/afl_user/Tools/pin-intel/pin -t /usr/local/lib/pintool/afl-pin.so -forkserver -- ./strings @@
afl-fuzz 2.52b by <lcamtuf@google.com>
[+] You have 12 CPU cores and 5 runnable tasks (utilization: 42%).
[+] Try parallel jobs - see /usr/local/share/doc/afl/parallel_fuzzing.txt.
[*] Checking CPU core loadout...
[+] Found a free CPU core, binding to #4.
[*] Checking core_pattern...
[*] Checking CPU scaling governor...
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Scanning 'afl_in'...
[+] No auto-generated dictionary tokens to reuse.
[*] Creating hard links for all input files...
[*] Validating target binary...
[*] Attempting dry run with 'id:000000,orig:elf-32bit'...
[*] Spinning up the fork server...

[-] Hmm, looks like the target binary terminated before we could complete a
    handshake with the injected code. Perhaps there is a horrible bug in the
    fuzzer. Poke <lcamtuf@coredump.cx> for troubleshooting tips.

[-] PROGRAM ABORT : Fork server handshake failed
         Location : init_forkserver(), afl-fuzz.c:2253

I also tried different memory limits, but that changed nothing.

If I understand it correctly by using -forkserver I do not have to additionally instrument the binary.

If I run strings without AFL on the generated test case in fuzzer01/queue, it works as expected.

vanhauser-thc commented 6 years ago

sorry I seem to have missed this issue.

why are you using the -Q option? you are not running qemu. And just for a start, leave the "-M fuzzer01" option away.

please retry. If it still fails, what is the output if you do: /home/afl_user/Tools/pin-intel/pin -t /usr/local/lib/pintool/afl-pin.so -forkserver -- ./strings /etc/hosts ?

nanshihui commented 6 years ago

the same as me

vanhauser-thc commented 6 years ago

@nanshihui are you using the exact same command line? what are you testing? with this simple "same as me" I can not do anything, sorry .... ....

nanshihui commented 6 years ago

I finally found that I mixed up the files in different environments. So I reinstalled it, and it did work.