QEMU mode for different architectures does not work!!


sadulla...@gmail.com
Jun 18, 2017, 11:29:11 PM
to afl-users
Hi,

I started playing with afl last week and it seems pretty useful. Thanks for this great tool. I am able to configure qemu for the x86_64 architecture by just running the build_qemu_support.sh script without specifying a target architecture. However, if I set the target architecture, for instance if I set CPU_TARGET as i386, and run build_qemu_support.sh, it returns:

......
[+] Successfully created '../afl-qemu-trace'.
[*] Testing the build...
[-] Error: afl-qemu-trace instrumentation doesn't seem to work!

All I did was add one line to your script that specifies the CPU target, i.e. CPU_TARGET=i386

My uname -a results:

Linux ubuntu 4.8.0-54-generic #57~16.04.1-Ubuntu SMP  x86_64 GNU/Linux

Am I missing something? I looked through different questions in the group, but none of them actually solved my problem.

Thanks in advance

Sadullah


sadulla...@gmail.com
Jun 19, 2017, 12:41:31 AM
to afl-users
Hi again,
I actually noticed my fault. I was setting CPU_TARGET too late in the script, which led to this error. Currently, I am getting:

......
[+] Successfully created '../afl-qemu-trace'.
[!] Note: can't test instrumentation when CPU_TARGET set.
[+] All set, you can now (hopefully) use the -Q mode in afl-fuzz!

The problem is that I am not able to use -Q mode in afl-fuzz. It returns this error:

[-] PROGRAM ABORT : Fork server handshake failed
         Location : init_forkserver(), afl-fuzz.c:2251

I again checked the group posts; here are some of the tricks I tried to get it running in -Q mode:
setting AFL_NO_FORKSRV=1
running afl-fuzz with -m none
running afl-showmap to get detailed error which returns me:

-- Program output begins --
Unable to reserve 0xf7000000 bytes of virtual address space for use as guest address space (check your virtual memory ulimit setting or reserve less using -R option)
-- Program output ends --
[-] PROGRAM ABORT : No instrumentation detected
         Location : main(), afl-showmap.c:755

I also fine-tuned the -m option to run my program. I tried a bunch of different parameters; none of them seemed to work.

By the way, I configured QEMU for i386 and compiled my simple C program using the gcc -m32 -static command.

Thanks,
Sadullah

Michal Zalewski
Jun 19, 2017, 1:33:08 AM
to afl-users
> running afl-showmap to get detailed error which returns me:
>
> -- Program output begins -- Unable to reserve 0xf7000000 bytes of virtual
> address space for use as guest address space (check your virtual memory
> ulimit setting or reserve less using -R option) -- Program output ends --
> [-] PROGRAM ABORT : No instrumentation detected Location : main(),
> afl-showmap.c:755

Try afl-showmap -m none (and then the remaining parameters, including -Q).

/mz

sadulla...@gmail.com
Jun 19, 2017, 4:30:56 AM
to afl-users

Thanks a lot. It worked successfully after using -m none at the beginning.

Sadullah
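The whole procedure from this thread as an added POSIX shell example (not code from the thread or from AFL itself): export CPU_TARGET before the build script runs, compile a 32-bit static target, run afl-showmap in -Q mode with -m none, and classify the captured output into the failure modes seen above. It assumes an AFL source tree path is passed as the first argument and that gcc multilib support is installed; the C test program is constructed here.

```shell
#!/bin/sh
# Added example; the AFL tree path and the test program are assumptions.

# Build afl-qemu-trace for a 32-bit x86 guest. CPU_TARGET has to be in the
# environment before build_qemu_support.sh starts (setting it late inside the
# script was the mistake in the second post).
build_i386_qemu() {
  afl_src=$1
  ( cd "$afl_src/qemu_mode" && CPU_TARGET=i386 ./build_qemu_support.sh )
}

# Compile a constructed 32-bit static test program (gcc -m32 -static as in the thread).
build_target32() {
  out=$1
  cat > "$out.c" <<'EOF'
#include <stdio.h>
int main(void) { puts("hello from a 32-bit static binary"); return 0; }
EOF
  gcc -m32 -static -o "$out" "$out.c"
}

# Run afl-showmap in QEMU mode and capture everything it prints.
# -m none is essential: the i386 guest reserves 0xf7000000 bytes of virtual
# address space, far more than AFL's default memory limit allows, so with the
# limit on QEMU aborts before any instrumentation is observed.
showmap_qemu() {
  afl_src=$1; target=$2; input=$3; map=$4
  "$afl_src/afl-showmap" -m none -Q -o "$map" -- "$target" "$input" 2>&1
}

# Classify captured afl-showmap/afl-fuzz output ($1 = file) into the failure
# modes from this thread. Prints a hint; returns 0 only when nothing matched.
diagnose_output() {
  if grep -q 'Unable to reserve .* virtual address space' "$1"; then
    echo 'memory limit too low for the QEMU guest: pass -m none'; return 2
  fi
  if grep -q 'Fork server handshake failed' "$1"; then
    echo 'fork server failed under afl-fuzz: same memory-limit cause, try -m none'; return 3
  fi
  if grep -q 'No instrumentation detected' "$1"; then
    echo 'no instrumentation: was CPU_TARGET exported before the build, and is -Q passed?'; return 4
  fi
  echo 'run looks healthy'; return 0
}
```

Usage: `build_i386_qemu ~/afl && build_target32 /tmp/hello32 && printf 'aaa' > /tmp/in && showmap_qemu ~/afl /tmp/hello32 /tmp/in /tmp/map > /tmp/log; diagnose_output /tmp/log`.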