
Help needed with running fuzzilli

Open OrenGitHub opened this issue 3 years ago • 6 comments

Hi, when I run fuzzilli according to the instructions here, I get:

$ swift run FuzzilliCli --profile=v8 --storagePath=/home/oren/Downloads/AAA --inspect=all ./input.js
[0/0] Build complete!
[REPRL] Script execution failed: Did not receive HELO message from child: Permission denied. Retrying in 1 second...
[REPRL] Script execution failed again: Did not receive HELO message from child: Permission denied. Giving up
[LibCoverage] Coverage bitmap size could not be determined, is the engine instrumentation working properly?

So I guess I'm missing something(?); any help would be very much appreciated, thanks!

OrenGitHub avatar Jan 30 '22 08:01 OrenGitHub

Hi! You are missing /path/to/jsshell (from step 5). It should look something like this for fuzzing e.g. v8:

> swift run FuzzilliCli --profile=v8 --storagePath=/home/oren/Downloads/AAA --inspect=all /path/to/v8_checkout/out/fuzzbuild/d8

saelo avatar Feb 14 '22 17:02 saelo

Hey, I'm having the same issue with it for JSC... I did pass in JSC (compiled with the patch) but have the exact same output. Any thoughts?

0x41c avatar Apr 01 '22 00:04 0x41c

Running jsc with the --reprl flag outputs:

"write(REPRL_CWFD, helo, 4) == 4" failed

Which I assume is quite the issue lol.

0x41c avatar Apr 01 '22 00:04 0x41c

I think running a "fuzzilli" build of JSC outside of Fuzzilli is not supported and is expected to crash (because certain file descriptors aren't set up properly). You can use this tool though to verify that REPRL support works properly in the target engine.

saelo avatar Apr 07 '22 12:04 saelo
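The two failures in this thread are different things: the opening report handed Fuzzilli `./input.js` where the engine binary belongs, so the exec itself failed ("Permission denied") before any handshake, while the JSC build started but never produced a HELO because the REPRL control descriptors only exist when a REPRL parent installs them. The following probe, an added example that is not Fuzzilli's code and is far smaller than its REPRLRun tool, reproduces just the first step of that handshake (parent writes HELO, child echoes it over the control pipes) so the two cases can be told apart. The descriptor numbers 100 and 101 are my assumption about where libreprl places the child's control pipe ends; the child commands and the `.js` stand-in are constructed for the demo.

```python
"""REPRL-style handshake probe (added example, not Fuzzilli's own code).

Reproduces only the first step of the protocol: the parent sends the 4-byte
HELO on the child's control read fd and expects HELO back on the child's
control write fd. The fd numbers 100/101 are an assumption about libreprl.
"""
import os
import select
import signal
import sys
import tempfile

REPRL_CRFD = 100  # child's read end of the control channel (assumed number)
REPRL_CWFD = 101  # child's write end of the control channel (assumed number)
HELO = b"HELO"


def probe_reprl(argv, timeout=2.0):
    """Spawn argv with the control pipes installed, send HELO, await the echo.

    Returns "ok", "no HELO from child", or "spawn failed: <reason>".
    """
    ctrl_in_r, ctrl_in_w = os.pipe()    # parent -> child
    ctrl_out_r, ctrl_out_w = os.pipe()  # child -> parent
    # File actions dup the pipe ends onto the fixed numbers in the child only;
    # the original descriptors are close-on-exec and vanish at exec time.
    actions = [
        (os.POSIX_SPAWN_DUP2, ctrl_in_r, REPRL_CRFD),
        (os.POSIX_SPAWN_DUP2, ctrl_out_w, REPRL_CWFD),
    ]
    try:
        pid = os.posix_spawn(argv[0], argv, os.environ, file_actions=actions)
    except OSError as exc:
        # exec itself failed, e.g. EACCES when a .js file is given as the engine
        for fd in (ctrl_in_r, ctrl_in_w, ctrl_out_r, ctrl_out_w):
            os.close(fd)
        return f"spawn failed: {exc.strerror}"
    # The parent keeps only its own ends so that EOF is seen when the child exits.
    os.close(ctrl_in_r)
    os.close(ctrl_out_w)
    reply = b""
    try:
        try:
            os.write(ctrl_in_w, HELO)
        except BrokenPipeError:
            pass  # child already gone; the read below sees EOF
        ready, _, _ = select.select([ctrl_out_r], [], [], timeout)
        if ready:
            reply = os.read(ctrl_out_r, len(HELO))  # b"" on EOF
    finally:
        os.close(ctrl_in_w)
        os.close(ctrl_out_r)
        try:
            os.kill(pid, signal.SIGKILL)
        except ProcessLookupError:
            pass
        os.waitpid(pid, 0)
    return "ok" if reply == HELO else "no HELO from child"


def handshaking_child():
    """Constructed stand-in for an instrumented engine: echoes the HELO bytes."""
    return [sys.executable, "-c",
            f"import os; os.write({REPRL_CWFD}, os.read({REPRL_CRFD}, 4))"]


def silent_child():
    """Constructed stand-in for an engine built without REPRL support."""
    return [sys.executable, "-c", "pass"]


def fake_input_js():
    """Constructed stand-in for the opening report's mistake: a non-executable
    .js file passed where the engine binary belongs, so exec fails."""
    fd, path = tempfile.mkstemp(suffix=".js")
    os.write(fd, b"// constructed sample, not a real corpus file\n")
    os.close(fd)
    return path


if __name__ == "__main__":
    print("instrumented engine :", probe_reprl(handshaking_child()))
    print("no REPRL support    :", probe_reprl(silent_child()))
    js = fake_input_js()
    print("script as engine    :", probe_reprl([js]))
    os.unlink(js)
```

Run it directly and the three lines show "ok", "no HELO from child" and "spawn failed: Permission denied" respectively; the last one is the same exec error the first report saw, surfaced before any HELO could be exchanged. The probe uses `posix_spawn` file actions rather than a fork/dup2 sequence so that the numbered descriptors exist only in the child, which is also why a REPRL build run from a plain shell has nothing at those numbers and fails at its first `write`.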

Thanks, I'll try that out!

0x41c avatar Apr 07 '22 20:04 0x41c

Yeah, so I tried it out, and it has verified that REPRL support does not seem to be working, as seen here: https://github.com/googleprojectzero/fuzzilli/blob/3f0d246a47f39e066ab560f3bb23e2fe47a25850/Sources/REPRLRun/main.swift#L98 I'm not sure where it's going wrong because iirc I applied the patch correctly, but maybe something has changed...?

0x41c avatar Apr 08 '22 17:04 0x41c

I'll close this issue since JSC support appears to be working fine for me. Feel free to reopen though if there are still problems.

saelo avatar Feb 02 '23 15:02 saelo

$ swift run REPRLRun /tmp/jerryscript-8ba0d1b6ee/build/bin/jerry
Building for debugging...
Build complete! (0.20s)
Script execution failed, REPRL support does not appear to be working

I'm trying on JerryScript and get the same error, so maybe the support on JerryScript is still buggy?

zhangxiaosa avatar Jul 02 '23 02:07 zhangxiaosa