Closed Volker-Weissmann closed 2 years ago
Hey Volker, thanks for bringing this to our attention. I wasn't able to recreate this locally, even using the 2.0.9 atheris release. Can we assume you've tried following the steps at https://github.com/google/atheris/blob/master/README.md#why-am-i-getting-no-interesting-inputs-were-found? Also, I still see the warnings from the issue title when using atheris 2.0.9, do you believe these warnings are directly related to the error, and if so why?
$ python fuzzing_example.py
INFO: Instrumenting struct
INFO: Instrumenting _struct
WARNING: It looks like this module is imported by a custom loader. Atheris has experimental support for this. However, it may be incompatible with certain libraries. If you experience unusual errors or poor coverage collection, try atheris.instrument_all() instead, add enable_loader_override=False to instrument_imports(), or file an issue on GitHub.
INFO: Instrumenting example_library
INFO: Using built-in libfuzzer
WARNING: Failed to find function "__sanitizer_acquire_crash_state".
WARNING: Failed to find function "__sanitizer_print_stack_trace".
WARNING: Failed to find function "__sanitizer_set_death_callback".
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 832493877
INFO: -max_len is not provided; libFuzzer will not generate inputs larger than 4096 bytes
INFO: A corpus is not provided, starting from an empty corpus
#2 INITED cov: 2 ft: 2 corp: 1/1b exec/s: 0 rss: 35Mb
#4 NEW cov: 5 ft: 5 corp: 2/5b lim: 4 exec/s: 0 rss: 35Mb L: 4/4 MS: 2 InsertByte-CopyPart-
=== Uncaught Python exception: ===
RuntimeError: Number was seventeen!
Traceback (most recent call last):
File "/usr/local/google/home/aidenhall/ath-github-test/src/example_fuzzers/fuzzing_example.py", line 45, in TestOneInput
example_library.CodeBeingFuzzed(number)
File "/usr/local/google/home/aidenhall/ath-github-test/src/example_fuzzers/example_library.py", line 19, in CodeBeingFuzzed
raise RuntimeError('Number was seventeen!')
==2239698== ERROR: libFuzzer: fuzz target exited
SUMMARY: libFuzzer: fuzz target exited
MS: 3 ChangeBit-CMP-ChangeBit- DE: "\x01\x00\x00\x00"-; base unit: be07e0bd43fa2e40026f7b6b972ce6ed62b4b5b0
0x11,0x0,0x0,0x0,
\x11\x00\x00\x00
artifact_prefix='./'; Test unit written to ./crash-498bcbf6cbffcc8dd2623f388d81f44cfad1014d
Base64: EQAAAA==
Turns out, I'm just really, really stupid. The example in your Readme works fine, what does not work is this old blogpost (unless you add @atheris.instrument_func).
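A minimal harness in the shape this thread is about, added here as an example (it is not atheris's own example code nor the blog post's): the library function carries @atheris.instrument_func so libFuzzer gets coverage feedback from it even when the module is not covered by instrument_imports(), and the input is decoded as a 4-byte little-endian integer, which is how the \x11\x00\x00\x00 artifact above becomes 17. The guarded import and the reproduces_crash helper are my additions so a saved crash input can be replayed on a machine without atheris installed.

```python
import sys

try:
    import atheris
except ImportError:  # lets the harness be imported and replayed where atheris is absent
    atheris = None


def instrument_func(fn):
    # Coverage instrumentation for one function; a no-op when atheris is not installed.
    return atheris.instrument_func(fn) if atheris else fn


@instrument_func  # without this (or instrument_imports() covering the module) the fuzzer gets no coverage feedback
def CodeBeingFuzzed(number):
    if number == 17:
        raise RuntimeError("Number was seventeen!")
    return number * 2


def TestOneInput(data):
    # Same decoding as the crash artifact above: \x11\x00\x00\x00 -> 17 (4 bytes, little-endian)
    if len(data) < 4:
        return None
    number = int.from_bytes(data[:4], "little", signed=True)
    return CodeBeingFuzzed(number)


def reproduces_crash(data):
    # Replay helper (added): True when an input makes the target raise, as libFuzzer reported.
    try:
        TestOneInput(data)
    except RuntimeError:
        return True
    return False


def main():
    if atheris is None:
        sys.exit("atheris is not installed; pip install atheris")
    atheris.Setup(sys.argv, TestOneInput)
    atheris.Fuzz()


if __name__ == "__main__":
    main()
```

Run it as `python harness.py` to fuzz, or pass the saved crash file as the argument to replay it through libFuzzer.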
I tried to reproduce the example, but failed:
Building from source shows the same problem.
System Information:
OS: ArchLinux
The llvm fuzzer seems to be working: