Debugging tips #2048
Merged
Debugging tips #2048
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
anything to add? |
|
Lets move it to the book |
domenukk
reviewed
Apr 14, 2024
DEBUGGING.md
Outdated
| This file answers some commmon questions that arise when you are writing a fuzzer using LibAFL. | ||
|
|
||
| ## Q. My fuzzer crashed but the stack trace is useless. | ||
| You can enable `errors_backtrace` feature of `libafl` crate. With this the stacktrace is meaningful. |
There was a problem hiding this comment.
the errors_backtrace feature of the libafl_bolts crate
domenukk
reviewed
Apr 14, 2024
DEBUGGING.md
Outdated
| Try running the fuzzer with `introspection` feature of `libafl`. This will show how much time is spent on each module of your fuzzer. | ||
|
|
||
| ## Q. I still have problems with my fuzzer. | ||
| Finally, if you really have no idea what is going on, run your fuzzer with logger enabled. (You can use `env_logger`, `SimpleStdoutLogger`, `SimpleStderrLogger` from `libafl_bolts`) (Don't forget to enable stdout and stderr), and you can open an issue or ask us in Discord. |
There was a problem hiding this comment.
We should provide an example or link to a fuzzer that uses it
domenukk
reviewed
Apr 14, 2024
DEBUGGING.md
Outdated
| First, verify that your stdout and stderr are not redirected to `/dev/null`. If you get the log, then it should either fall into the previous 2 cases. Either the fuzzer crashed because you didn't have the initial seeds, or the coverage feedback is not working. | ||
|
|
||
| ## Q. My fuzzer is slow. | ||
| Try running the fuzzer with `introspection` feature of `libafl`. This will show how much time is spent on each module of your fuzzer. |
There was a problem hiding this comment.
the ... feature of the ... crate
There was a problem hiding this comment.
A hyperlink here to the introspection feature would be nice that shows what it does
DEBUGGING.md
Outdated
| You can enable `errors_backtrace` feature of `libafl` crate. With this the stacktrace is meaningful. | ||
|
|
||
| ## Q. I started the fuzzer but the corpus count is 0. | ||
| Unless the initial corpus is loaded with the "load_initial_inputs_forced" function, we only store the interesting inputs, which is the inputs that triggered the feedback. So this usually means that your input was not interesting or your target was simply not propoerly implemented. |
There was a problem hiding this comment.
Suggested change
| Unless the initial corpus is loaded with the "load_initial_inputs_forced" function, we only store the interesting inputs, which is the inputs that triggered the feedback. So this usually means that your input was not interesting or your target was simply not propoerly implemented. | |
| Unless the initial corpus is loaded with the "load_initial_inputs_forced" function, we only store the interesting inputs, which is the inputs that triggered the feedback. So this usually means that your input was not interesting or your target was simply not properly implemented. |
There was a problem hiding this comment.
A solution/debugging tip for either scenario would go a long way:
- How to confirm that my input was not interesting?
- How to check if target is not properly implemented. This one can be tricky but common pit falls could be mentioned at least.
DEBUGGING.md
Outdated
| Try running the fuzzer with `introspection` feature of `libafl`. This will show how much time is spent on each module of your fuzzer. | ||
|
|
||
| ## Q. I still have problems with my fuzzer. | ||
| Finally, if you really have no idea what is going on, run your fuzzer with logger enabled. (You can use `env_logger`, `SimpleStdoutLogger`, `SimpleStderrLogger` from `libafl_bolts`) (Don't forget to enable stdout and stderr), and you can open an issue or ask us in Discord. |
There was a problem hiding this comment.
Suggested change
| Finally, if you really have no idea what is going on, run your fuzzer with logger enabled. (You can use `env_logger`, `SimpleStdoutLogger`, `SimpleStderrLogger` from `libafl_bolts`) (Don't forget to enable stdout and stderr), and you can open an issue or ask us in Discord. | |
| Finally, if you really have no idea what is going on, run your fuzzer with logging enabled. (You can use `env_logger`, `SimpleStdoutLogger`, `SimpleStderrLogger` from `libafl_bolts`) (Don't forget to enable stdout and stderr), and you can open an issue or ask us in Discord. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.