Marcin Kozlowski
@vanhauser-thc thank you. Compiled it with NDK toolchain. Seems to work. Have now fpicker and AFL++ running on the device and/or emulator. Will try to run fpicker in AFL++ proxy...
Hmmmm. Tried with two different targets, including the `test` from the example. Looked good until the crash :/ Any idea why Frida (the Frida server) gets an access violation? What can I try? @ttdennis...
What is weird is that it works in active mode (frida server, agent/harness), but not in AFL++ mode :/
Per Frida dev(s): "you're most likely not keeping a memory allocation alive. E.g. the JS value returned by Memory.alloc() must stay alive for as long as the memory area is...
I think this line is causing the violation: https://github.com/ttdennis/fpicker/blob/20fce17eed18c97b52567a2f8484c1cc1fa5a05e/harness/fuzzer.js#L143 Without it, it goes further, but the target segfaults and AFL++ shows no instrumentation????
```
[*] Spinning up the fork server......
```
The issue is with shared memory, I think: it finds the shmat function (using the preloaded lib) `05-10 09:30:23.724 15654 15655 I fpicker : [JS]: shmat_addr: 0x7fb6ae076c` But then the shm add is...
Made some changes. Now it errors here:
```
05-10 13:13:43.673 20770 20770 I fpicker : - metrics: disabled
05-10 13:13:43.673 20770 20770 I fpicker :
05-10 13:13:43.673 20770 20770 I...
```
Actually getting closer ...
```
05-10 15:46:36.655 23472 23472 I fpicker : - out_dir: (null)
05-10 15:46:36.655 23472 23472 I fpicker : - metrics: disabled
05-10 15:46:36.655 23472 23472 I...
```
@vanhauser-thc thanks for your help so far :) OK, got it to work (the shared memory part), but there is still an access violation
```
05-10 16:22:15.616 24566 24566 I fpicker...
```
Thank you @domenukk, very insightful. I think I got it to work!!!! Looks good to me. Great stuff all, cc @ttdennis @vanhauser-thc @domenukk
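The shared-memory step this thread keeps tripping over is the plain AFL contract: afl-fuzz exports the SysV segment id in `__AFL_SHM_ID`, the target side `shmat`s it and bumps bytes in that map, and if the map stays all zero after the dry run afl-fuzz reports no instrumentation. The example below, added here and not code from fpicker, AFL++ or the thread participants, shows that contract on a desktop Linux host in C (on Android the `shmat` symbol has to come from a preloaded library, as noted above, which this example does not replicate). The function names `afl_attach_shm`, `afl_record_edge` and `afl_count_set_bytes` are hypothetical, and the default map size of 65536 is assumed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ipc.h>
#include <sys/shm.h>

/* Default AFL/AFL++ coverage map size; assumed here, afl-fuzz can be built with others. */
#define AFL_MAP_SIZE (1u << 16)

/* Attach to the coverage bitmap afl-fuzz advertises through the
   __AFL_SHM_ID environment variable (the same convention fpicker's
   AFL++ proxy mode has to honour). Returns NULL when the variable is
   unset or shmat() fails, so a harness can fall back or bail out loudly
   instead of dereferencing an invalid pointer. */
unsigned char *afl_attach_shm(void) {
    const char *id_str = getenv("__AFL_SHM_ID");
    if (!id_str || !*id_str) return NULL;
    int shm_id = atoi(id_str);
    void *map = shmat(shm_id, NULL, 0);
    if (map == (void *)-1) return NULL;
    return (unsigned char *)map;
}

/* Record one edge the way AFL's classic instrumentation does:
   index = cur_loc XOR prev_loc, then prev_loc becomes cur_loc >> 1 so that
   A->B and B->A land on different bytes. Returns the index written. */
unsigned int afl_record_edge(unsigned char *bitmap, unsigned int *prev_loc,
                             unsigned int cur_loc) {
    unsigned int idx = (cur_loc ^ *prev_loc) % AFL_MAP_SIZE;
    bitmap[idx]++;
    *prev_loc = cur_loc >> 1;
    return idx;
}

/* Number of non-zero bytes in the map: afl-fuzz's "no instrumentation
   detected" check is essentially this being zero after the first run. */
unsigned int afl_count_set_bytes(const unsigned char *bitmap) {
    unsigned int n = 0;
    for (unsigned int i = 0; i < AFL_MAP_SIZE; i++) {
        if (bitmap[i]) n++;
    }
    return n;
}

/* Stand-alone run: attach (if afl-fuzz, or the reader, exported the id),
   record two constructed edges and report how many bytes lit up. */
int main(void) {
    unsigned char *map = afl_attach_shm();
    if (!map) {
        fprintf(stderr, "__AFL_SHM_ID not set or shmat failed; not under afl-fuzz\n");
        return 1;
    }
    unsigned int prev = 0;
    afl_record_edge(map, &prev, 0x1234);  /* constructed location ids */
    afl_record_edge(map, &prev, 0x5678);
    printf("bytes set in map: %u\n", afl_count_set_bytes(map));
    shmdt(map);
    return 0;
}
```

When the preloaded `shmat` on Android resolves but the map never gets written, afl-fuzz sees exactly the zero-map case above, which is why "no instrumentation" showed up once the crashing line was removed.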