Closed akhikolla closed 2 years ago
Could you help me reproduce the error or point to the code to run the example?
Here I check using valgrind:
```
> R -d valgrind
x <- matrix(c(0,0,0,0,0), ncol=1)
qsave(x, file="/tmp/temp.qs")
# no error message
```
Looking at the error message, it points to the destructor of `CompressBuffer` class and then to `std::vector`. I'm not sure how an address issue is possible there. Is it possibly a false positive?
Any help you can give would be appreciated as I'd like to learn more about fuzz testing.
Hello,
I used the qs package to save all my R data types inside of a test harness, and in one of those harnesses, when I run the code in the presence of the sanitizer and libFuzzer, I get the following issue.
I tried to save the following R Numeric matrix in the qs file.
It shows there is an issue with the qread function:
```
c_qsave(SEXPREC*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, int, int, bool, int) /tmp/RtmpshnRLQ/R.INSTALL9e85cfad4d6a/qs/src/qs_functions.cpp:83:73
```
The complete sanitizer and fuzzer stack trace:
`==650655==AddressSanitizer CHECK failed: /build/llvm-toolchain-10-yegZYJ/llvm-toolchain-10-10.0.0/compiler-rt/lib/asan/asan_allocator.cpp:142 "((m->chunk_state)) == ((CHUNK_QUARANTINE))" (0x0, 0x3)
0 0x52ce5e in __asan::AsanCheckFailed(char const*, int, char const*, unsigned long long, unsigned long long) (/home/akhila/fuzzer_packages/fuzzedpackages/Benchmarking/inst/testfiles/chol_LO/libFuzzer_chol_LO/chol_LO_DeepState_TestHarness+0x52ce5e)