PROGRAM ABORT : Test case 'id_000000' results in a crash #424

Closed
hxm-cpp opened this issue Nov 28, 2023 · 3 comments

Comments

hxm-cpp commented Nov 28, 2023

E:\dev\winafl\build64\bin\Debug>afl-fuzz.exe -i in -o out -D E:\dev\DynamoRIO-Windows-7.91.18278-0\bin64 -t 20000 -- -coverage_module test.exe -fuzz_iterations 5000 -target_module test.exe -target_method "test_target" -nargs 2 -- test.exe @@
WinAFL 1.17 by <ifratric@google.com>
Based on AFL 2.43b by <lcamtuf@google.com>
[+] You have 16 CPU cores with average utilization of 4%.
[+] Try parallel jobs - see afl_docs\parallel_fuzzing.txt.
[*] Checking CPU core loadout...
[+] Found a free CPU core, binding to #0.
[+] Process affinity is set to 1.
[*] Setting up output directories...
[+] Output directory exists but deemed OK to reuse.
[*] Deleting old session data...
[+] Output dir cleanup successful.
[*] Scanning 'in'...
[+] No auto-generated dictionary tokens to reuse.
[*] Creating hard links for all input files...
[*] Attempting dry run with 'id_000000'...

[-] Oops, the program crashed with one of the test cases provided. There are
    several possible explanations:

    - The test case causes known crashes under normal working conditions. If
      so, please remove it. The fuzzer should be seeded with interesting
      inputs - but not ones that cause an outright crash.

    - Least likely, there is a horrible bug in the fuzzer. If other options
      fail, poke <lcamtuf@coredump.cx> for troubleshooting tips.

[-] PROGRAM ABORT : Test case 'id_000000' results in a crash
         Location : perform_dry_run(), E:\dev\winafl\afl-fuzz.c:3321

I tested with almost all DynamoRIO versions and I get the same output error. WinAFL got compiled correctly though, and debug mode using drrun works too. Here is a debug example:
afl.test_gdiplus.exe.16724.0000.proc.log


hxm-cpp commented Nov 28, 2023

Fixed: the error was with the Windows version.

hxm-cpp closed this as completed Nov 28, 2023

hxm-cpp commented Nov 28, 2023

Actually no, even on VMware on newer Windows I still got the same damn error. The weird part is:
when I give a random offset
afl-fuzz.exe -i in -o out -D E:\dev\DynamoRIO-Windows-10.0.19683\bin64 -t 20000 -- -coverage_module test.exe -fuzz_iterations 5000 -target_module test.exe -target_offset 0x1000 -nargs 2 -- test.exe @@
it works.

But when giving the function offset I'm targeting, it ends up on:

[-] The program took more than 20000 ms to process one of the initial test cases.
    In WinAFL, this error could also mean incorrect instrumentation params.
    Please make sure instrumentation runs correctly using the debug mode
    (see the README) before attempting to run afl-fuzz.

[-] PROGRAM ABORT : Test case 'id_000000' results in a timeout
         Location : perform_dry_run(), E:\dev\winafl\afl-fuzz.c:3254

hxm-cpp reopened this Nov 28, 2023

hxm-cpp commented Nov 28, 2023

I see where I misunderstood it: stop calling it offset and instead write RVA.

hxm-cpp closed this as completed Jan 11, 2024
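The thread's resolution is that `-target_offset` takes the target function's RVA (its address relative to the module base once loaded), not a raw file offset, and that a wrong value leaves the instrumented function unreached, which is what the "incorrect instrumentation params" timeout message above warns about. The following is an added example, not WinAFL's own code and not from the reporter: it walks the PE section table to convert a file offset (as some disassemblers and hex editors report it) into the RVA the flag expects, and also does the reverse, which goes beyond what the thread itself discusses. The PE image is constructed inline so the script runs offline, and all function names (`parse_sections`, `file_offset_to_rva`, `rva_to_file_offset`, `build_sample_pe`) and the section layout are assumptions of this example.

```python
"""Map a PE file offset to an RVA (and back) using the section table.

Added example, not part of WinAFL or of the issue above. The PE image
below is constructed in-process so the script runs offline.
"""
import struct
from typing import List, NamedTuple

# IMAGE_SECTION_HEADER: Name, VirtualSize, VirtualAddress, SizeOfRawData,
# PointerToRawData, PointerToRelocations, PointerToLinenumbers,
# NumberOfRelocations, NumberOfLinenumbers, Characteristics
SECTION_HDR_FMT = "<8sIIIIIIHHI"
SECTION_HDR_SIZE = struct.calcsize(SECTION_HDR_FMT)  # 40 bytes


class Section(NamedTuple):
    name: str
    virtual_address: int  # RVA at which the section is mapped
    virtual_size: int
    raw_ptr: int          # file offset of the section's bytes on disk
    raw_size: int


def parse_sections(pe: bytes) -> List[Section]:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    opt_hdr = coff + 20
    magic = struct.unpack_from("<H", pe, opt_hdr)[0]
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError(f"unexpected optional header magic {magic:#x}")
    table = opt_hdr + opt_size
    sections = []
    for i in range(num_sections):
        name, vsize, va, raw_size, raw_ptr, *_ = struct.unpack_from(
            SECTION_HDR_FMT, pe, table + i * SECTION_HDR_SIZE)
        sections.append(Section(name.rstrip(b"\0").decode("ascii"),
                                va, vsize, raw_ptr, raw_size))
    return sections


def file_offset_to_rva(sections: List[Section], offset: int) -> int:
    """The value -target_offset needs: offset rebased into the mapped image."""
    for s in sections:
        if s.raw_ptr <= offset < s.raw_ptr + s.raw_size:
            return offset - s.raw_ptr + s.virtual_address
    raise ValueError(f"file offset {offset:#x} lies in no section")


def rva_to_file_offset(sections: List[Section], rva: int) -> int:
    """Reverse mapping; rejects RVAs that exist only in memory (e.g. .bss)."""
    for s in sections:
        if s.virtual_address <= rva < s.virtual_address + s.virtual_size:
            delta = rva - s.virtual_address
            if delta >= s.raw_size:
                raise ValueError(f"RVA {rva:#x} has no backing bytes on disk")
            return s.raw_ptr + delta
    raise ValueError(f"RVA {rva:#x} lies in no section")


def build_sample_pe() -> bytes:
    """Constructed PE32+ header with two sections (sample values only)."""
    opt_size = 240  # size of a PE32+ optional header
    img = bytearray(0x40)
    img[:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)        # e_lfanew
    img += b"PE\0\0"
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    img += struct.pack("<HHIIIHH", 0x8664, 2, 0, 0, 0, opt_size, 0x22)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x20B)           # PE32+ magic
    img += opt
    # .text: mapped at RVA 0x1000, stored at file offset 0x400
    img += struct.pack(SECTION_HDR_FMT, b".text\0\0\0", 0x1000, 0x1000,
                       0x600, 0x400, 0, 0, 0, 0, 0x60000020)
    # .data: mapped at RVA 0x3000, stored at file offset 0xA00
    img += struct.pack(SECTION_HDR_FMT, b".data\0\0\0", 0x200, 0x3000,
                       0x200, 0xA00, 0, 0, 0, 0, 0xC0000040)
    return bytes(img)


if __name__ == "__main__":
    secs = parse_sections(build_sample_pe())
    # A function at file offset 0x450 in this image is mapped at RVA 0x1050
    print(f"-target_offset {file_offset_to_rva(secs, 0x450):#x}")
```

To use it on a real module, replace `build_sample_pe()` with the bytes of the file on disk. Disassemblers that display virtual addresses already give the RVA as the address minus the image base; the conversion is only needed when the tool reports raw file offsets, and feeding one of those to `-target_offset` unchanged is exactly the mix-up the reporter describes.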