I use the tool on Chrome from Google, and it works OK!
But when I use fuzz.cmd to fuzz a Chrome that I compiled myself, it quits immediately and outputs the following:
T+0.3 The application is suspended (First chance exception 0xC0000005)...
┌─ A bug was detected ─────────────────────────────────────────────────────────────────
│ Id @ Location: AVW:Reserved[0xDB399D6C000]@0 24c.e17 @ chrome.exe!chrome_elf.dll!strcmp
│ Source: C:\b\s\w\ir\cache\builder\src\third_party\llvm\compiler-rt\lib\sanitizer_common\sanitizer_common_interceptors.inc @ 440
│ Description: An Access Violation exception happened at 0x42F97714000 while write reserved but unallocated memory at 0x42F97714000-0x11E331480000.
│ Security impact: Potentially exploitable security issue, if the address can be controlled, or memory be allocated at the address rather than reserved.
│ Version: chrome.exe 86.0.4239.0 (x64)
│ chrome_elf.dll 86.0.4239.0 (x64)
│ Bug report: AVW.Reserved[0xDB399D6C000]@0 24c.e17 @ chrome.exe!chrome_elf.dll!strcmp.html (67959 bytes)
└───────────────────────────────────────────────────────────────────────────────
When I run the Chromium build in cmd.exe, it opens and works, but it prints error strings:
Since Chrome is crashing with an Access Violation, this does not look like a bug in BugId but instead it is probably a problem in your build. I cannot help you fix your build unfortunately.
I use the tool on Chrome from Google, and it works OK! But when I use fuzz.cmd to fuzz a Chrome that I compiled myself, it quits immediately and outputs the following.
When I run the Chromium build in cmd.exe, it opens and works, but it prints error strings:
C:\Fuzzing>C:\Fuzzing\asan\chrome.exe --enable-experimental-accessibility-features --enable-experimental-canvas-features --enable-experimental-input-view-features --enable-experimental-web-platform-features --enable-logging=stdout --enable-usermedia-screen-capturing --enable-viewport --enable-webgl-draft-extensions --enable-webvr --expose-internals-for-testing --disable-popup-blocking --disable-prompt-on-repost --force-renderer-accessibility --javascript-harmony --js-flags="--expose-gc" --no-sandbox file://C:\Fuzzing\Tests\index.html
[0824/153109.956:ERROR:logging_chrome.cc(154)] Invalid logging destination: stdout: The operation completed successfully. (0x0)
[0824/153120.971:ERROR:logging_chrome.cc(154)] Invalid logging destination: stdout: The operation completed successfully. (0x0)
[0824/153121.518:ERROR:logging_chrome.cc(154)] Invalid logging destination: stdout: The operation completed successfully. (0x0)
[0824/153129.018:ERROR:logging_chrome.cc(154)] Invalid logging destination: stdout: The operation completed successfully. (0x0)
[0824/153137.615:ERROR:logging_chrome.cc(154)] Invalid logging destination: stdout: The operation completed successfully. (0x0)
[0824/153138.443:ERROR:logging_chrome.cc(154)] Invalid logging destination: stdout: The operation completed successfully. (0x0)
[0824/153201.654:ERROR:logging_chrome.cc(154)] Invalid logging destination: stdout: The operation completed successfully. (0x0)
[2468:3684:0824/153204.031:ERROR:device_event_log_impl.cc(208)] [15:32:04.019] Bluetooth: bluetooth_adapter_winrt.cc:1076 Getting Default Adapter failed.
[0824/153204.578:ERROR:logging_chrome.cc(154)] Invalid logging destination: stdout: The operation completed successfully. (0x0)
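An added example (the editor's, not code from BugId, Chromium or anyone in this thread) of the "reserved but unallocated memory" pattern the report above names. Sanitizer runtimes reserve a very large shadow range up front and back it with real pages only when a page is first touched, from an exception handler (the Windows ASan runtime does this from a vectored exception handler); the single 0xDB399D6C000-byte region in the report, roughly 14 TiB, has that shape, although nothing here diagnoses the build in the thread. A debugger that receives first-chance exceptions sees every such first touch as an access violation before the process gets the chance to recover. The snippet models the mechanism with POSIX calls so it runs on Linux: mmap(PROT_NONE) stands in for VirtualAlloc MEM_RESERVE, and mprotect() from a SIGSEGV handler stands in for MEM_COMMIT. The 64 MiB size and the offsets touched are made up for the demo.

```c
/* Added example: on-demand commit of a reserved-but-unbacked range,
   modelled with POSIX calls. Not code from BugId, Chromium or compiler-rt. */
#define _GNU_SOURCE
#include <signal.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Size of the pretend shadow reservation (assumption: 64 MiB is enough for
   the demo; a real sanitizer reserves terabytes of address space). */
#define RESERVE_SIZE ((size_t)64 * 1024 * 1024)

static uint8_t *g_reserve_base;                 /* start of reserved range, NULL if none */
static size_t g_page_size;                      /* cached so the handler need not call sysconf */
static volatile sig_atomic_t g_pages_committed; /* pages given real backing so far */

/* Is addr inside the range we reserved (committed or not)? This is the check
   that separates a benign first touch from a genuine wild write. */
int in_reserved_range(const void *addr) {
    const uint8_t *a = (const uint8_t *)addr;
    return g_reserve_base != NULL && a >= g_reserve_base && a < g_reserve_base + RESERVE_SIZE;
}

/* SIGSEGV handler: the on-demand commit step. For a fault inside the
   reservation, give the touched page real backing and return, so the CPU
   retries the faulting instruction and it now succeeds. Any other fault is a
   real crash: restore the default action so the retry terminates the process. */
static void on_segv(int sig, siginfo_t *si, void *ctx) {
    (void)ctx;
    if (in_reserved_range(si->si_addr)) {
        uintptr_t page = (uintptr_t)si->si_addr & ~(uintptr_t)(g_page_size - 1);
        if (mprotect((void *)page, g_page_size, PROT_READ | PROT_WRITE) == 0) {
            g_pages_committed++;
            return;
        }
    }
    signal(sig, SIG_DFL);
}

int install_demand_commit(void) {
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    return sigaction(SIGSEGV, &sa, NULL);
}

/* "Reserve": claim address space with no access rights and no backing pages. */
int reserve_shadow(void) {
    long ps = sysconf(_SC_PAGESIZE);
    if (ps <= 0) return -1;
    void *p = mmap(NULL, RESERVE_SIZE, PROT_NONE,
                   MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
    if (p == MAP_FAILED) return -1;
    g_page_size = (size_t)ps;
    g_reserve_base = (uint8_t *)p;
    g_pages_committed = 0;
    return 0;
}

/* Write one byte at offset into the reservation and read it back.
   Returns how many pages the write had to commit (1 for an untouched page,
   0 for a page already committed), or -1 on a bad offset or a lost write. */
int touch_reserved(size_t offset) {
    if (g_reserve_base == NULL || offset >= RESERVE_SIZE) return -1;
    volatile uint8_t *cell = g_reserve_base + offset;
    sig_atomic_t before = g_pages_committed;
    *cell = 0x5a;                 /* first touch of this page faults here */
    if (*cell != 0x5a) return -1;
    return (int)(g_pages_committed - before);
}

int release_shadow(void) {
    if (g_reserve_base == NULL) return -1;
    int rc = munmap(g_reserve_base, RESERVE_SIZE);
    g_reserve_base = NULL;
    return rc;
}

int main(void) {
    if (install_demand_commit() != 0 || reserve_shadow() != 0) return 1;
    printf("first write to a page:    %d commit(s)\n", touch_reserved(10 * 1024 * 1024 + 123));
    printf("second write, same page:  %d commit(s)\n", touch_reserved(10 * 1024 * 1024 + 200));
    printf("write one page further:   %d commit(s)\n", touch_reserved(10 * 1024 * 1024 + 123 + 65536));
    return release_shadow();
}
```

Run under a debugger that stops on first-chance exceptions, the store at `*cell = 0x5a` is reported as a fault before `on_segv` ever runs, which is the view a tool like BugId gets of the process. Whether the faulting address lies inside a reserved-but-uncommitted region, as `in_reserved_range` checks, is the question to answer before treating such a fault as a memory-safety bug.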