microsoft / onefuzz

A self-hosted Fuzzing-As-A-Service platform
MIT License

Exclude ASAN runtime from minimized stacktrace #3336

Open Porges opened 1 year ago

Porges commented 1 year ago

Starts to address #3335.

On Linux, the ASAN runtime was being excluded via module name; on Windows this was not done, but ASAN functions were excluded by function name. However, when symbols are not available, this doesn't function properly, so we also need to exclude by module name.

Also add a bunch of test cases generated by the LibFuzzer integration-test sample included in OneFuzz.

codecov-commenter commented 1 year ago

Codecov Report

Merging #3336 (a9ac78e) into main (62c3f07) will increase coverage by 0.00%. The diff coverage is 100.00%.

@@           Coverage Diff           @@
##             main    #3336   +/-   ##
=======================================
  Coverage   31.83%   31.84%           
=======================================
  Files         307      307           
  Lines       37358    37361    +3     
=======================================
+ Hits        11894    11897    +3     
  Misses      25464    25464           
Files Changed                                Coverage   Δ
src/agent/libclusterfuzz/src/lib.rs          100.00%    <100.00%> (ø)
src/agent/stacktrace-parser/src/asan.rs      100.00%    <100.00%> (ø)
src/agent/stacktrace-parser/src/dotnet.rs    100.00%    <100.00%> (ø)

Porges commented 1 year ago

@tevoinea Is this going to make debugging asan bugs harder since we're going to filter it out of the stack trace? Or do we still keep the whole unfiltered stack trace anyway?

We keep both around. However, I'll start using the top stack frame in #3337.

We do also use the minimized stack hash for deduplication, so this has the potential to re-file existing bugs.
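As an added example (not OneFuzz's own code), a minimal Rust filter along the lines the PR describes: sanitizer-runtime frames are dropped by function name when symbols exist and by module name when they don't, and a deduplication key computed over the minimized trace shows why the change can re-file existing bugs. The module substrings, function prefixes and the sample trace are assumptions constructed for the example, not values from the project.

```rust
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

/// One parsed frame; `function` is `None` when no symbols were available.
#[derive(Debug, Clone, PartialEq)]
pub struct Frame {
    pub module: Option<String>,
    pub function: Option<String>,
}

/// Substrings naming the ASAN runtime module (assumed, matched case-insensitively).
const ASAN_MODULE_MARKERS: &[&str] = &["clang_rt.asan", "libasan"];
/// Function-name prefixes owned by the sanitizer runtime (assumed list).
const ASAN_FUNCTION_PREFIXES: &[&str] = &["__asan", "__sanitizer", "__interceptor_"];

/// Sanitizer-runtime frame: matched by function name when symbols exist,
/// otherwise by module name, which is still present without symbols.
pub fn is_asan_runtime_frame(frame: &Frame) -> bool {
    let by_function = frame.function.as_deref()
        .map_or(false, |f| ASAN_FUNCTION_PREFIXES.iter().any(|p| f.starts_with(*p)));
    let by_module = frame.module.as_deref().map(str::to_ascii_lowercase)
        .map_or(false, |m| ASAN_MODULE_MARKERS.iter().any(|p| m.contains(*p)));
    by_function || by_module
}

/// Minimized trace: every frame except the sanitizer runtime's.
pub fn minimize(frames: &[Frame]) -> Vec<Frame> {
    frames.iter().filter(|f| !is_asan_runtime_frame(f)).cloned().collect()
}

/// Deduplication key over module and function names; it changes whenever the
/// minimized trace changes, which is why existing bugs may be re-filed.
pub fn stack_hash(frames: &[Frame]) -> u64 {
    let mut h = DefaultHasher::new();
    for f in frames {
        (&f.module, &f.function).hash(&mut h);
    }
    h.finish()
}

/// Constructed Windows trace: two unsymbolized ASAN runtime frames on top.
pub fn sample_frames() -> Vec<Frame> {
    let f = |m: &str, func: Option<&str>| Frame { module: Some(m.to_string()), function: func.map(String::from) };
    vec![
        f("clang_rt.asan_dynamic-x86_64.dll", None),
        f("clang_rt.asan_dynamic-x86_64.dll", None),
        f("fuzz.exe", Some("LLVMFuzzerTestOneInput")),
        f("fuzz.exe", Some("main")),
    ]
}
```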