cmeister2
commented
2 years ago Thanks for the report! I'll try and look into it shortly.
Open shao-hua-li opened 2 years ago
cmeister2
commented
2 years ago Thanks for the report! I'll try and look into it shortly.
shao-hua-li
commented
2 years ago Thanks for the report! I'll try and look into it shortly.
BTW, I disabled all sanitizers when compiling.
cmeister2
commented
2 years ago @shao-hua-li I've tried to build the fuzzers using docker's gcc:11 image and I'm struggling to get there; mostly having issues in building curl itself statically.
Did you have to do anything radical to get this building on your local system?
shao-hua-li
commented
2 years ago @shao-hua-li I've tried to build the fuzzers using docker's gcc:11 image and I'm struggling to get there; mostly having issues in building curl itself statically.
Did you have to do anything radical to get this building on your local system?
Hi, I did the following:
gcc and g++mainline.sh and compiled standalone_fuzz_target_runner.cc to libstandaloneengine.acmeister2
commented
2 years ago I don't appear to be able to reproduce this using docker versions of gcc-11 and clang-13. The only potential difference here is that the 3 line multistate macro call in multi.c is attributed to line 2028 in gcc, and 2030 in clang.
--- diff_line_number.gcc11.txt 2021-12-16 13:52:34.335167312 +0000
+++ diff_line_number.clang13.txt 2021-12-16 14:17:14.783114645 +0000
@@ -1,20 +1,20 @@
-* STATE: INIT => CONNECT handle 0x1908288; line 1835 (connection #-5000)
+* STATE: INIT => CONNECT handle 0x622000000108; line 1835 (connection #-5000)
* Connecting to hostname: 127.0.1.127
* Added connection 0. The cache now contains 1 members
* family0 == v4, family1 == v6
* Trying 127.0.1.127:80...
* Could not set TCP_NODELAY: Operation not supported
-* STATE: CONNECT => CONNECTING handle 0x1908288; line 1896 (connection #0)
+* STATE: CONNECT => CONNECTING handle 0x622000000108; line 1896 (connection #0)
* Connected to 127.0.1.127 () port 80 (#0)
-* STATE: CONNECTING => PROTOCONNECT handle 0x1908288; line 2028 (connection #0)
-* STATE: PROTOCONNECT => DO handle 0x1908288; line 2051 (connection #0)
+* STATE: CONNECTING => PROTOCONNECT handle 0x622000000108; line 2030 (connection #0)
+* STATE: PROTOCONNECT => DO handle 0x622000000108; line 2051 (connection #0)
> GET / HTTP/1.1
Host: 127.0.0.1
Accept: */*
-Accept-Encoding: deflate, gzip, br
+Accept-Encoding: deflate, gzip
-* STATE: DO => DID handle 0x1908288; line 2147 (connection #0)
-* STATE: DID => PERFORMING handle 0x1908288; line 2266 (connection #0)
+* STATE: DO => DID handle 0x622000000108; line 2147 (connection #0)
+* STATE: DID => PERFORMING handle 0x622000000108; line 2266 (connection #0)
* Mark bundle as not supporting multiuse
* HTTP 1.1 or later with persistent connection
< HTTP/1.1 200 OK
@@ -23,11 +23,11 @@
< Content-Length: 110
< Content-Encoding: gzip
<
-* STATE: PERFORMING => DONE handle 0x1908288; line 2465 (connection #0)
+* STATE: PERFORMING => DONE handle 0x622000000108; line 2465 (connection #0)
* multi_done: status: 0 prem: 0 done: 0
* Connection #0 to host 127.0.1.127 left intact
-* Expire cleared (transfer 0x1908288)
-[./diff_line_number] Opened.. Read 278 bytes, fuzzing.. TLV: type 1 length 17
+* Expire cleared (transfer 0x622000000108)
+[../diff_line_number] Opened.. Read 278 bytes, fuzzing.. TLV: type 1 length 17
Check length of data: 23
Remaining length of data: 278
TLV: type 2 length 243If that is the same result as yours - I don't think there's much we can do about it. I don't know if __LINE__ behaviour is defined differently in both compilers.
shao-hua-li
commented
2 years ago Hi, I also observed that the Accept-Encoding:xxx were different between them.
Hi there,
I compiled
curl-fuzzerusing./mainline.shwithgcc11andclang13separately. I found that for some inputs, the two compiledcurl_fuzzerwould emit different results.Let
curl_fuzzer_gcc11denotegcc11compiledcurl_fuzzer;curl_fuzzer_clang13denoteclang13compiled one. Reproduce as follows: