fuzz: generate a proper backtrace #5343
Comments
can it be simply solved by adding a RUST_BACKTRACE=1 env variable into CICD.yml?
I ran the command below:

`RUST_BACKTRACE=1 cargo +nightly fuzz run fuzz_date -- -max_total_time=60 -detect_leaks=0`

For more information, try '--help'.
thread '<unnamed>' panicked at /home/arch/.cargo/registry/src/index.crates.io-6f17d22bba15001f/chrono-0.4.31/src/duration.rs:121:13:
Duration::seconds out of bounds
stack backtrace:
0: rust_begin_unwind
at /rustc/ca2b74f1ae5075d62e223c0a91574a1fc3f51c7c/library/std/src/panicking.rs:619:5
1: core::panicking::panic_fmt
at /rustc/ca2b74f1ae5075d62e223c0a91574a1fc3f51c7c/library/core/src/panicking.rs:72:14
2: chrono::duration::Duration::hours
3: parse_datetime::parse_relative_time::parse_relative_time_at_date
4: parse_datetime::parse_relative_time::parse_relative_time
5: parse_datetime::parse_datetime_at_date
6: uu_date::uumain::uumain
7: uu_date::uumain
8: fuzz_date::_::__libfuzzer_sys_run
9: rust_fuzzer_test_input
10: std::panicking::try::do_call
11: __rust_try
12: LLVMFuzzerTestOneInput
13: _ZN6fuzzer6Fuzzer15ExecuteCallbackEPKhm
14: _ZN6fuzzer6Fuzzer6RunOneEPKhmbPNS_9InputInfoEbPb
15: _ZN6fuzzer6Fuzzer16MutateAndTestOneEv
16: _ZN6fuzzer6Fuzzer4LoopERSt6vectorINS_9SizedFileESaIS2_EE
17: _ZN6fuzzer12FuzzerDriverEPiPPPcPFiPKhmE
18: main
19: <unknown>
20: __libc_start_main
21: _start
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
==4043709== ERROR: libFuzzer: deadly signal
#0 0x560153f38ea1 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xc09ea1) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#1 0x5601553037b9 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fd47b9) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#2 0x56015531bbe5 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fecbe5) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#3 0x7f5f1f83e70f (/usr/lib/libc.so.6+0x3e70f) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#4 0x7f5f1f88e83b (/usr/lib/libc.so.6+0x8e83b) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#5 0x7f5f1f83e667 (/usr/lib/libc.so.6+0x3e667) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#6 0x7f5f1f8264b7 (/usr/lib/libc.so.6+0x264b7) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#7 0x5601553928f6 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x20638f6) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#8 0x560153e8f816 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xb60816) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#9 0x5601552e9dd4 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fbadd4) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#10 0x5601553869b2 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x20579b2) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#11 0x5601553866e5 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x20576e5) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#12 0x5601553837b5 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x20547b5) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#13 0x560155386471 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x2057471) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#14 0x560153e92ea4 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xb63ea4) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#15 0x560154037270 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xd08270) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#16 0x5601540421c3 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xd131c3) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#17 0x56015404000f (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xd1100f) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#18 0x560153f79d58 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xc4ad58) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#19 0x560153fc6b21 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xc97b21) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#20 0x560153fc4380 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xc95380) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#21 0x560153fd9f87 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xcaaf87) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#22 0x560153fd9580 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xcaa580) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#23 0x5601552e4bb8 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fb5bb8) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#24 0x5601552e9ff7 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fbaff7) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#25 0x5601552e91c1 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fba1c1) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#26 0x56015531c119 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fed119) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#27 0x560155323545 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1ff4545) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#28 0x56015532454a (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1ff554a) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#29 0x5601553253f7 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1ff63f7) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#30 0x5601552fc34b (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fcd34b) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#31 0x560153e937f2 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xb647f2) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#32 0x7f5f1f827ccf (/usr/lib/libc.so.6+0x27ccf) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#33 0x7f5f1f827d89 (/usr/lib/libc.so.6+0x27d89) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#34 0x560153e939b4 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xb649b4) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
NOTE: libFuzzer has rudimentary signal handlers.
Combine libFuzzer with AddressSanitizer or similar for better crash reports.
SUMMARY: libFuzzer: deadly signal
MS: 1 CopyPart-; base unit: 8fed895ff418dffb9ae58f8fc6383d48149f37a6
0x0,0x2d,0x64,0x72,0x6c,0x65,0x75,0x72,0x2d,0x32,0x3a,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x68,0x6c,0x70,
\000-drleur-2:22222222222222hlp
artifact_prefix='/home/arch/code/tommady/coreutils/fuzz/artifacts/fuzz_date/'; Test unit written to /home/arch/code/tommady/coreutils/fuzz/artifacts/fuzz_date/crash-1ebc96ae7a3edacd8f7529c6867ef5f67eb44943
Base64: AC1kcmxldXItMjoyMjIyMjIyMjIyMjIyMmhscA==
────────────────────────────────────────────────────────────────────────────────
Failing input:
fuzz/artifacts/fuzz_date/crash-1ebc96ae7a3edacd8f7529c6867ef5f67eb44943
Output of `std::fmt::Debug`:
[0, 45, 100, 114, 108, 101, 117, 114, 45, 50, 58, 50, 50, 50, 50, 50, 50, 50, 50, 50, 50, 50, 50, 50, 50, 104, 108, 112]
Reproduce with:
cargo fuzz run fuzz_date fuzz/artifacts/fuzz_date/crash-1ebc96ae7a3edacd8f7529c6867ef5f67eb44943
Minimize test case with:
cargo fuzz tmin fuzz_date fuzz/artifacts/fuzz_date/crash-1ebc96ae7a3edacd8f7529c6867ef5f67eb44943
────────────────────────────────────────────────────────────────────────────────
Error: Fuzz target exited with exit status: 77

Is this the acceptable display you want?
nope, it should provide the function name and positions
usually, the issue is that the build is done in release mode and not debug
So I guess we want a fuzz profile which is like release with debuginfo? That should be easy to do.
As can be seen here:
#5311
the backtrace doesn't contain any debug information
Seems that we should build in debug mode in the CI:
"fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xc03481"
Probably this line:
https://github.com/uutils/coreutils/blob/main/.github/workflows/fuzzing.yml#L29
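
A triage helper for logs like the one quoted in this thread, as an added example (not code from uutils/coreutils or cargo-fuzz): it lists the Rust backtrace frames that carry no `at file:line` position and groups the raw libFuzzer frames by module so their offsets can be handed to `addr2line`. The sample log is constructed, and treating `module+0xoffset` as an address that `addr2line -e module` accepts is an assumption that holds for position-independent binaries; source positions only come back once the fuzz target is built with debug info.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the log quoted in the thread
# (paths shortened, PID and BuildIds are placeholders).
SAMPLE_LOG = """\
stack backtrace:
   0: rust_begin_unwind
             at /rustc/HASH/library/std/src/panicking.rs:619:5
   1: core::panicking::panic_fmt
             at /rustc/HASH/library/core/src/panicking.rs:72:14
   2: chrono::duration::Duration::hours
   3: parse_datetime::parse_relative_time::parse_relative_time_at_date
==1== ERROR: libFuzzer: deadly signal
    #0 0x560153f38ea1 (/work/fuzz/target/release/fuzz_date+0xc09ea1) (BuildId: aa11)
    #1 0x5601553037b9 (/work/fuzz/target/release/fuzz_date+0x1fd47b9) (BuildId: aa11)
    #2 0x7f5f1f83e70f (/usr/lib/libc.so.6+0x3e70f) (BuildId: bb22)
"""

RUST_FRAME = re.compile(r"^\s*\d+: (\S.*)$")   # "2: chrono::duration::Duration::hours"
RUST_LOC = re.compile(r"^\s*at .+:\d+:\d+$")   # "at src/duration.rs:121:13"
RAW_FRAME = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ \((.+)\+(0x[0-9a-f]+)\)")


def triage(log):
    """Return (Rust frames with no file:line, {module: [offsets]} of raw frames)."""
    missing, raw, pending = [], defaultdict(list), None
    for line in log.splitlines():
        if RUST_LOC.match(line):
            pending = None              # the frame just above has a position
            continue
        if pending is not None:         # frame was not followed by an "at ..." line
            missing.append(pending)
            pending = None
        if m := RAW_FRAME.match(line):
            raw[m.group(1)].append(m.group(2))
        elif m := RUST_FRAME.match(line):
            pending = m.group(1)
    if pending is not None:
        missing.append(pending)
    return missing, dict(raw)


def symbolizer_argv(raw):
    """One addr2line argv per module: function names, demangled, inlines expanded."""
    return [["addr2line", "-f", "-C", "-i", "-e", mod, *offs] for mod, offs in raw.items()]


if __name__ == "__main__":
    missing, raw = triage(SAMPLE_LOG)
    print(f"{len(missing)} Rust frame(s) without a source position: {missing}")
    for argv in symbolizer_argv(raw):
        print(" ".join(argv))
```

A CI job can fail the run when `missing` contains frames from the project's own crates, which is the symptom reported here.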