microsoft / onefuzz

A self-hosted Fuzzing-As-A-Service platform
MIT License

report.crash_site returns frame 0 of the stack. Sometimes it's not relevant #3335

Open mgreisen opened 1 year ago

mgreisen commented 1 year ago

When returning the crash_site, we should do some analysis and walk the frames down to what's relevant, removing ASan code.

AB#162904

Porges commented 1 year ago

What we call crash_site is really (in most cases) currently the SUMMARY line given to us by ASan.

This generally has the format "AddressSanitizer: {fault_type} ({top_frame})".

If we want to point to a relevant stack frame instead of the one that ASan reports, we could instead generate our own in a very similar format: "{crash_finder}: {fault_type} ({top_frame_of_minimized_stack})". This should reduce the amount of churn during changeover between the old and new formats.
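As an added illustration (not onefuzz's own code), here is how the proposed summary could be derived from a constructed ASan report: the ASan SUMMARY line supplies `{fault_type}`, the sanitizer and process-startup frames are dropped, and the first remaining frame becomes `{top_frame_of_minimized_stack}`. The `onefuzz` crash_finder label, the frame-prefix noise list and the sample report are assumptions for the example.

```python
import re

# Constructed ASan report for the example; the SUMMARY line follows the
# "AddressSanitizer: {fault_type} ({top_frame})" shape described above.
SAMPLE_REPORT = """\
==12345==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000014
READ of size 4 at 0x602000000014 thread T0
    #0 0x4b2c1d in __asan_memcpy /src/asan/asan_interceptors_memintrinsics.cpp:22
    #1 0x4f0a3e in __interceptor_memcpy /src/asan/asan_interceptors.cpp:40
    #2 0x4f1122 in parse_header /src/app/parser.c:87
    #3 0x4f1200 in main /src/app/main.c:15
    #4 0x7f12345 in __libc_start_main /build/glibc/csu/libc-start.c:308
SUMMARY: AddressSanitizer: heap-buffer-overflow (__asan_memcpy)
"""

FRAME_RE = re.compile(r"^\s*#(\d+)\s+0x[0-9a-fA-F]+\s+in\s+(\S+)(?:\s+(\S+))?")
SUMMARY_RE = re.compile(r"^SUMMARY:\s+AddressSanitizer:\s+(\S+)\s+\((.*)\)\s*$")

# Assumed frame-name prefixes that belong to the sanitizer runtime or to
# process startup rather than to the target under test.
NOISE_PREFIXES = ("__asan", "__interceptor", "__sanitizer", "__libc_start_main")

def parse_frames(report):
    """Return [(function, location), ...] in frame order (#0 first)."""
    frames = []
    for line in report.splitlines():
        m = FRAME_RE.match(line)
        if m:
            frames.append((m.group(2), m.group(3) or ""))
    return frames

def fault_type(report):
    """Extract {fault_type} from the ASan SUMMARY line, or None if absent."""
    for line in report.splitlines():
        m = SUMMARY_RE.match(line)
        if m:
            return m.group(1)
    return None

def minimized_stack(frames):
    """Drop sanitizer/startup frames so the top frame is target code."""
    kept = [f for f in frames if not f[0].startswith(NOISE_PREFIXES)]
    # Edge case: if every frame is noise, fall back to the original frame 0
    # rather than reporting an empty stack.
    return kept if kept else frames[:1]

def crash_site(report, crash_finder="onefuzz"):
    """Build "{crash_finder}: {fault_type} ({top_frame_of_minimized_stack})"."""
    frames = minimized_stack(parse_frames(report))
    top = frames[0][0] if frames else "<no frames>"
    return f"{crash_finder}: {fault_type(report)} ({top})"
```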