Trouble fuzzing
I set up redqueen on Ubuntu 16.04. I tried to fuzz the `who` binary in the lava directory with the commands given in the README and it worked well.
So I tried to fuzz the other binaries (uniq, base64 and md5sum). I packed them the same way I did with who, got the address range with the 2nd instruction and executed the 3rd with it, and ...
Either it finds almost no paths, ending up with 0/X in Pending and the number of cycles getting quite high pretty fast, or it starts working well and about 5 min into fuzzing I get this from the log:
[QEMU] FAIL RECV: Z (Exp: R)
So I'm guessing I'm doing something wrong, does anyone have an idea what it is?
I tried to play with the arguments but I just can't make it work ...
These are the command lines I used (in the kAFL-Fuzzer directory):
```
$ python ~/redqueen/kAFL-Fuzzer/kafl_user_prepare.py --recompile -args=/A -file=/A ~/redqueen/Evaluation/lava/binaries/uniq ~/redqueen/Evaluation/lava/packed/ m64
```
```
$ python kafl_info.py Kernel \
~/redqueen/Target-Components/linux_initramfs/bzImage-linux-4.15-rc7 \
~/redqueen/Target-Components/linux_initramfs/init.cpio.gz \
~/redqueen/Evaluation/lava/packed/uniq_info \
500
```
Which gave me the range 0x400000 - 0x40a000, so I executed this:
```
$ python kafl_fuzz.py Kernel \
~/redqueen/Target-Components/linux_initramfs/bzImage-linux-4.15-rc7 \
~/redqueen/Target-Components/linux_initramfs/init.cpio.gz \
~/redqueen/Evaluation/lava/packed/uniq_fuzz \
500 \
~/redqueen/Evaluation/lava/seeds \
/tmp/kafl_workdir -ip0 0x400000 - 0x40a000 -t10 -hammer_jmp_tables -n -D -r -l -v -p1
```
Did you solve the issue eventually? I'm facing the same issue at the moment. Any help is appreciated.