hi, i am not sure what does host payload size too large means? #305

Open
uiop7774 opened this issue Jan 30, 2025 · 3 comments

Comments

uiop7774 commented Jan 30, 2025

So I am currently trying to fuzz nf_table.
I've done the test_script and agent.sh, but when I try to run kAFL, it shows:

[image]

I don't know where I need to start debugging.
Thanks in advance!

Wenzel (Contributor) commented Jan 30, 2025

Hi @uiop7774

This is a message that originates from a habort call like this one:
https://github.com/IntelLabs/kafl.targets/blob/master/linux-user/fs_fuzzer/src/fs_fuzzer.c#L94

You have a mismatch between the payload configured in your harness agent and the size reported by the host fuzzer.
This is a safety check to ensure they match.

The default fuzzer payload size is configured here:
https://github.com/IntelLabs/kafl.fuzzer/blob/master/kafl_fuzzer/common/config/default_settings.yaml#L17
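The agent-side size check described above, written out as an added C example (not kAFL's own code): the host-config struct, the buffer size and the canary are constructed stand-ins for what a real agent obtains from the fuzzer, and the function names are assumptions. It shows why the check exists: without it, a host that writes more bytes than the guest buffer holds overwrites whatever sits after the buffer.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed value standing in for the agent's compile-time payload buffer
 * size; a real kAFL harness picks its own. */
#define PAYLOAD_MAX_SIZE 4096u

/* Constructed stand-in for the host configuration a real agent fetches from
 * the fuzzer at startup (only the field this check needs). */
typedef struct {
    uint32_t payload_buffer_size; /* bytes the host writes per fuzz input */
} fake_host_config_t;

/* The agent-side safety check: 1 if the host's configured size fits the
 * agent's buffer, 0 if not (the case where a real agent calls habort()). */
int payload_size_fits(const fake_host_config_t *cfg)
{
    return cfg->payload_buffer_size <= PAYLOAD_MAX_SIZE;
}

/* Simulates what a mismatch does to guest memory. The "buffer" is the first
 * PAYLOAD_MAX_SIZE bytes of a larger arena; a canary word sits right after
 * it, standing in for whatever the guest keeps next to the buffer. The host
 * is modelled as filling payload_buffer_size bytes. Returns 1 if the canary
 * survived, 0 if the host's write clobbered it, -1 on allocation failure.
 * With 'checked' set, the write is refused when the size check fails, which
 * is what the habort() in the agent achieves. */
int simulate_host_write(const fake_host_config_t *cfg, int checked)
{
    const uint32_t canary = 0xC0FFEE42u;
    size_t arena = (cfg->payload_buffer_size > PAYLOAD_MAX_SIZE
                        ? cfg->payload_buffer_size : PAYLOAD_MAX_SIZE)
                   + sizeof canary;
    uint8_t *mem = calloc(1, arena);
    if (!mem) return -1;
    memcpy(mem + PAYLOAD_MAX_SIZE, &canary, sizeof canary);

    if (!checked || payload_size_fits(cfg)) {
        memset(mem, 0x41, cfg->payload_buffer_size); /* the host's write */
    }
    int intact = memcmp(mem + PAYLOAD_MAX_SIZE, &canary, sizeof canary) == 0;
    free(mem);
    return intact;
}
```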

uiop7774 (Author) commented Feb 3, 2025

Hi @Wenzel, thanks for the reply!!!
I've solved this problem; however, I immediately met another problem.

[image]
In the above snapshot, I've added some debugging output, but the main problem is that libxdc_init() is not working,
i.e. the "Worker-00 WTF error occurred: Guest ABORT: libxdc_init() has failed ..."

However, I cannot find anything that has to do with libxdc_init() in the Python code, so I figured it's a problem in the C code.
Anyway, I then went to check what libxdc does, and it turns out to be the Intel PT technology.

So I began my debugging process:

[image]
I checked my host's /dev/shm/kafl_james/serial_00.log (above image); I can clearly see that my test script is running in the guest and that agent_init() runs successfully, but the test script crashes when it should get the payload from the host.

Then I went to check why my DVKM and fs_fuzzer are working correctly but my own test script is failing.
So, after my debugging steps, I found that the possible problem is the kernel.

In DVKM, the kernel is
[image]

In fs_fuzzer, the kernel is
[image]

But for my own test setup, I used my own compiled Linux kernel (from source)
[image]

I am now wondering whether it is because my kernel is compiled without any libxdc configuration, so that libxdc_init() is not running. Can you confirm my suspicion?

Thanks

Wenzel (Contributor) commented Feb 18, 2025

Hi @uiop7774
Happy to hear that you solved your payload issue! 🎉

The "libxdc_init() has failed" message is located in QEMU.
Also, the target (kernel image) has nothing to do with libxdc.

I'm not certain as to why libxdc fails, and the library doesn't contain meaningful error messages, unfortunately.
Any way I can repro this error reliably?
