AFLplusplus: afl-cmin crashes and pollutes terminal
afl-cmin fails to minimize a huge amount of samples and pollutes the terminal with afl-showmap output (raw coverage maps?).
Steps to reproduce:
- fuzz python3 with input scripts (
afl-fuzz ... -- ./python3 -s @@
) for a few days to get a bunch of samples. In my case I had 8 afl-fuzz instances.
- put all the samples in a single directory, e.g.
find out -type f -path "*/queue/id*" -exec cp -t samples {} +
In my case I had 26136 samples (sizes vary from 1 byte to 30 Kb).
- run afl-cmin:
export AFL_MAP_SIZE=100585 # value reported by calling the fuzz target
afl-cmin -i samples -o samples_cmin -m none -- ./python3 -s @@
Here is what happens in my terminal after a few minutes: [terminal screenshot]
Another example (note the awk error in the lower right corner): [terminal screenshot]
Exit code of afl-cmin is 2.
About this issue
- State: closed
- Created 2 years ago
- Comments: 23 (23 by maintainers)
@vanhauser-thc, your fix with https://github.com/AFLplusplus/AFLplusplus/commit/338f1ae2f85dffe7daa88fa78cd1d078a986d0d5 works! Thanks.
When using a version prior to that commit, one may use gawk instead of mawk to mitigate the issue.
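A pre-flight check for the gawk/mawk mitigation mentioned above, added here as an example (it is not code from this issue or from AFL++). It assumes that afl-cmin runs whatever `awk` is first in PATH, and that `awk -W version` prints the implementation banner on its first line; running it before a long minimization job tells you whether the mawk configuration that triggered this issue is in place.

```shell
#!/bin/sh
# Added example, not part of the issue or of AFL++.
# Assumption: afl-cmin invokes plain `awk`, so the awk first in PATH is
# the one whose behaviour matters.

# Map the first line of `awk -W version` output to an implementation name.
# gawk prints "GNU Awk ...", mawk prints "mawk 1.3.x ...".
classify_awk_banner() {
  case "$1" in
    "GNU Awk"*) echo gawk ;;
    mawk*)      echo mawk ;;
    *)          echo unknown ;;
  esac
}

# Detect which implementation a plain `awk` invocation resolves to.
# Both gawk and mawk accept -W version; errors from other awks are
# captured as well so the function always returns a classification.
detect_awk_flavor() {
  banner=$(awk -W version 2>&1 | head -n 1)
  classify_awk_banner "$banner"
}

# Return 0 when the environment is safe for afl-cmin, 1 otherwise.
# Run this before a long afl-cmin job instead of discovering the
# problem after the tool has already exited with code 2.
check_afl_cmin_awk() {
  flavor=$(detect_awk_flavor)
  case "$flavor" in
    gawk) echo "awk resolves to gawk: ok"; return 0 ;;
    mawk) echo "awk resolves to mawk: afl-cmin from before the fix commit may dump garbage and exit 2; install gawk or put it first in PATH"; return 1 ;;
    *)    echo "awk resolves to '$flavor': untested with afl-cmin"; return 1 ;;
  esac
}
```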
OK I checked this out after I finally had some time … the afl-cmin awk script triggers a bug in mawk where a
print ""
will dump stack or heap memory, and because of the control characters printed it's all gibberish. I removed that print "" statement and then for me it works without that weird output being printed now. The bug seems to come together with too much output it collects for a file descriptor to write into … because if I remove files from the input directory the issue does not exist either, or when using gawk. I added redirection detection to the afl-cmin script, but since I am on vacation from tomorrow on, I cannot do more investigation now.
Sure thing @hexcoder- samples_for_issue_1428.tar.gz