Closed saarshah closed 5 years ago
Hi @saarshah, Thank you for filing a bug report! I think I see your issue but next time please include a lot more information about your environment like:
rustc --version
cargo --version
RUST_BACKTRACE=full
I can see that the panic happened at https://github.com/rust-fuzz/honggfuzz-rs/blob/master/build.rs#L38
So there is a problem while executing make -C honggfuzz clean, it says it can't find the clean target.
This make target is situated in a git submodule and it looks like it's not there. So the way you copied the source code didn't include this submodule.
I'm guessing you downloaded the source code using GitHub's "Download as Zip" feature, or some broken version of git.
I recommend you try again using git clone https://github.com/rust-fuzz/honggfuzz-rs.git.
Please report back to me if it worked :-)
rustc --version
rustc 1.37.0-nightly (de7c4e423 2019-06-23)
cargo --version
cargo 1.37.0-nightly (807429e1b 2019-06-11)
WSL : Ubuntu 18.04.2 LTS
Yes, I did Download as Zip. But now I tried as per your direction, which produced the following error with RUST_BACKTRACE=full cargo hfuzz run example
/usr/bin/ld.gold
Compiling honggfuzz v0.5.45 (/mnt/c/Users/Ali/honggfuzz-rs)
error: failed to run custom build command for honggfuzz v0.5.45 (/mnt/c/Users/Ali/honggfuzz-rs)
Caused by:
process didn't exit successfully: /mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/release/build/honggfuzz-e77bf1f3f654a6c3/build-script-build (exit code: 101)
--- stdout
make: Entering directory '/mnt/c/Users/Ali/honggfuzz-rs/honggfuzz'
make: Leaving directory '/mnt/c/Users/Ali/honggfuzz-rs/honggfuzz'
--- stderr
make: *** No rule to make target 'clean'. Stop.
thread 'main' panicked at 'assertion failed: status.success()', /mnt/c/Users/Ali/honggfuzz-rs/build.rs:38:5
stack backtrace:
0: 0x7faf2741247b - backtrace::backtrace::libunwind::trace::h907ce7383424b07e
at /cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.29/src/backtrace/libunwind.rs:88
1: 0x7faf2741247b - backtrace::backtrace::trace_unsynchronized::h88fba92b89048c46
at /cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.29/src/backtrace/mod.rs:66
2: 0x7faf2741247b - std::sys_common::backtrace::_print::h444e3aebae6724ea
at src/libstd/sys_common/backtrace.rs:47
3: 0x7faf2741247b - std::sys_common::backtrace::print::ha32c28a57fbd003b
at src/libstd/sys_common/backtrace.rs:36
4: 0x7faf2741247b - std::panicking::default_hook::{{closure}}::h5d874eb9c8e3c56f
at src/libstd/panicking.rs:198
5: 0x7faf27412157 - std::panicking::default_hook::h6912fef7d6db35f6
at src/libstd/panicking.rs:212
6: 0x7faf27412b40 - std::panicking::rust_panic_with_hook::h4ebb8e96e7fb9cfe
at src/libstd/panicking.rs:475
7: 0x7faf27406b35 - std::panicking::begin_panic::hfbbd1551687fd56a
8: 0x7faf27405fba - build_script_build::main::h93660b4b83eae34f
9: 0x7faf27405093 - std::rt::lang_start::{{closure}}::h68635e64660c1d51
10: 0x7faf27412593 - std::rt::lang_start_internal::{{closure}}::hb6db46c9377a73b3
at src/libstd/rt.rs:49
11: 0x7faf27412593 - std::panicking::try::do_call::h97abfd988ac056d1
at src/libstd/panicking.rs:294
12: 0x7faf274188aa - __rust_maybe_catch_panic
at src/libpanic_unwind/lib.rs:82
13: 0x7faf2741304d - std::panicking::try::h207cbec7645b2654
at src/libstd/panicking.rs:273
14: 0x7faf2741304d - std::panic::catch_unwind::h771b969ecd53353d
at src/libstd/panic.rs:388
15: 0x7faf2741304d - std::rt::lang_start_internal::h2cdd60760f380778
at src/libstd/rt.rs:48
16: 0x7faf27406192 - main
17: 0x7faf263c1b97 - __libc_start_main
18: 0x7faf27404f2a - _start
19: 0x0 -
Thanks for the details!
You still have exactly the same error... So the submodule is still not initialized.
This is very probably not a bug in my project or something lacking in my instructions but probably something going weird with your setup.
Git is supposed to automatically initialize submodules but on your setup, it doesn't. Maybe you could try to do it manually: git submodule update --init in the honggfuzz-rs directory.
If the subdirectory honggfuzz is still empty, you can still manually download its content at https://github.com/google/honggfuzz.
Once the source code of the upstream honggfuzz project is correctly in the honggfuzz directory, everything should work fine.
After git submodule update --init .. it started to work.. but with this output.. I think still not working..
Persistent signature found in 'hfuzz_target/x86_64-unknown-linux-gnu/release/example'. Enabling persistent fuzzing mode
cmdline:'hfuzz_target/x86_64-unknown-linux-gnu/release/example', bin:'hfuzz_target/x86_64-unknown-linux-gnu/release/example' inputDir:'hfuzz_workspace/example/input', fuzzStdin:false, mutationsPerRun:6, externalCommand:'', timeout:10, mutationsMax:0, threadsMax:4
------------------------[ 0 days 00 hrs 00 mins 00 secs ]----------------------
Iterations : 3
Mode [1/3] : Feedback Driven Dry Run
Target : hfuzz_target/x86_64-unknown-linux-gnu/release/example
Threads : 4, CPUs: 8, CPU%: 17% [2%/CPU]
Speed : 230/sec [avg: 0]
Crashes : 0 [unique: 0, blacklist: 0, verified: 0]
Timeouts : 0 [10 sec]
Corpus Size : 0, max: 8,192 bytes, init: 1 files
Cov Update : 0 days 00 hrs 00 mins 00 secs ago
Coverage : edge: 0 pc: 0 cmp: 0
---------------------------------- [ LOGS ] ------------------/ honggfuzz 1.9 /-
[2019-06-27T17:36:09+0800][W][21] sanitizers_AddFlag():111 The 'ASAN_OPTIONS' envar is already set. Not overriding it!
Entering phase 1/3: Dry Run
Launched new fuzzing thread, no. #0
Launched new fuzzing thread, no. #1
Launched new fuzzing thread, no. #2
Launched new fuzzing thread, no. #3
[2019-06-27T17:36:09+0800][W][21] input_setSize():62 ftruncate(run->dynamicFileFd=6, sz=1): Invalid argument
Entering phase 2/3: Switching to Dynamic Main (Feedback Driven Mode)
Persistent mode: Launched new persistent pid=32
[2019-06-27T17:36:09+0800][F][21] arch_checkWait():208 waitpid() failed: Invalid argument
[2019-06-27T17:36:09+0800][F][32] HonggfuzzFetchData():49 readFromFd(fd=1023, size=8) failed, received=0 bytes
Ok, it really looks like a bug or incomplete feature in WSL. Could you please give me the exact version of your Windows and, if possible, WSL? Also, could you please run the script test.sh at the root of the project and copy-paste its output? Thank you
Windows 10 Pro, 1903 (OS Build 18362.175). WSL, I think, is tied to Windows, but I could not find the exact version of WSL (actually, I don't know how to do that!)
And here is the output of ./test.sh, when I am at the root of honggfuzz-rs
saarshah@DESKTOP-FUC97DB:/mnt/c/Users/Ali/honggfuzz-rs$ ./test.sh
#!/bin/sh -ve
export RUST_BACKTRACE=full
git submodule update --init
cargo uninstall honggfuzz 2>/dev/null || true
cargo clean
cargo update
Updating crates.io index
# install cargo subcommands
cargo install --path . --force --verbose
Installing honggfuzz v0.5.45 (/mnt/c/Users/Ali/honggfuzz-rs)
Updating crates.io index
Compiling honggfuzz v0.5.45 (/mnt/c/Users/Ali/honggfuzz-rs)
Compiling arbitrary v0.2.0
Running `rustc --crate-name build_script_build build.rs --color always --crate-type bin --emit=dep-info,link -C opt-level=3 -C metadata=83704961d5675069 -C extra-filename=-83704961d5675069 --out-dir /mnt/c/Users/Ali/honggfuzz-rs/target/release/build/honggfuzz-83704961d5675069 -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/target/release/deps`
Running `rustc --crate-name arbitrary /home/saarshah/.cargo/registry/src/github.com-1ecc6299db9ec823/arbitrary-0.2.0/src/lib.rs --color always --crate-type lib --emit=dep-info,metadata,link -C opt-level=3 -C metadata=bf85066c27e7b967 -C extra-filename=-bf85066c27e7b967 --out-dir /mnt/c/Users/Ali/honggfuzz-rs/target/release/deps -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/target/release/deps --cap-lints allow`
Running `/mnt/c/Users/Ali/honggfuzz-rs/target/release/build/honggfuzz-83704961d5675069/build-script-build`
Running `rustc --crate-name honggfuzz src/lib.rs --color always --crate-type lib --emit=dep-info,metadata,link -C opt-level=3 -C metadata=17559389b8368c04 -C extra-filename=-17559389b8368c04 --out-dir /mnt/c/Users/Ali/honggfuzz-rs/target/release/deps -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/target/release/deps --extern arbitrary=/mnt/c/Users/Ali/honggfuzz-rs/target/release/deps/libarbitrary-bf85066c27e7b967.rlib`
Running `rustc --crate-name cargo_honggfuzz src/bin/cargo-honggfuzz.rs --color always --crate-type bin --emit=dep-info,link -C opt-level=3 -C metadata=602ae1fa1413daa4 -C extra-filename=-602ae1fa1413daa4 --out-dir /mnt/c/Users/Ali/honggfuzz-rs/target/release/deps -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/target/release/deps --extern arbitrary=/mnt/c/Users/Ali/honggfuzz-rs/target/release/deps/libarbitrary-bf85066c27e7b967.rlib --extern honggfuzz=/mnt/c/Users/Ali/honggfuzz-rs/target/release/deps/libhonggfuzz-17559389b8368c04.rlib`
Running `rustc --crate-name cargo_hfuzz src/bin/cargo-hfuzz.rs --color always --crate-type bin --emit=dep-info,link -C opt-level=3 -C metadata=52238c7c29d9da4e -C extra-filename=-52238c7c29d9da4e --out-dir /mnt/c/Users/Ali/honggfuzz-rs/target/release/deps -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/target/release/deps --extern arbitrary=/mnt/c/Users/Ali/honggfuzz-rs/target/release/deps/libarbitrary-bf85066c27e7b967.rlib --extern honggfuzz=/mnt/c/Users/Ali/honggfuzz-rs/target/release/deps/libhonggfuzz-17559389b8368c04.rlib`
Finished release [optimized] target(s) in 5.13s
Installing /home/saarshah/.cargo/bin/cargo-hfuzz
Installing /home/saarshah/.cargo/bin/cargo-honggfuzz
Installed package `honggfuzz v0.5.45 (/mnt/c/Users/Ali/honggfuzz-rs)` (executables `cargo-hfuzz`, `cargo-honggfuzz`)
cargo hfuzz version
cargo-hfuzz 0.5.45
cd example
# run test.sh without sanitizers
RUSTFLAGS="" ./test.sh
#!/bin/sh -ve
export RUST_BACKTRACE=full
cargo clean
cargo update
Updating crates.io index
# run commands from this directory to check that they correctly find the root crate directory
[ -d subdirectory ] && rmdir subdirectory
mkdir subdirectory
cd subdirectory
cargo hfuzz clean
cd ..
# build example with instrumentation
cd subdirectory
cargo hfuzz build --verbose
/usr/bin/ld.gold
Compiling honggfuzz v0.5.45 (/mnt/c/Users/Ali/honggfuzz-rs)
Compiling lazy_static v1.3.0
Compiling arbitrary v0.2.0
Running `rustc --crate-name build_script_build /mnt/c/Users/Ali/honggfuzz-rs/build.rs --color always --crate-type bin --emit=dep-info,link -C opt-level=3 -C metadata=e77bf1f3f654a6c3 -C extra-filename=-e77bf1f3f654a6c3 --out-dir /mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/release/build/honggfuzz-e77bf1f3f654a6c3 -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/release/deps`
Running `rustc --crate-name lazy_static /home/saarshah/.cargo/registry/src/github.com-1ecc6299db9ec823/lazy_static-1.3.0/src/lib.rs --color always --crate-type lib --emit=dep-info,metadata,link -C opt-level=3 -C metadata=0105bc1acaf20534 -C extra-filename=-0105bc1acaf20534 --out-dir /mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps --target x86_64-unknown-linux-gnu -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/release/deps --cap-lints allow --cfg fuzzing -C debug-assertions -C overflow_checks -C opt-level=3 -C target-cpu=native -C debuginfo=0 -C passes=sancov -C llvm-args=-sanitizer-coverage-level=4 -C llvm-args=-sanitizer-coverage-trace-pc-guard -C llvm-args=-sanitizer-coverage-prune-blocks=0 -C llvm-args=-sanitizer-coverage-trace-divs -C llvm-args=-sanitizer-coverage-trace-compares -Clink-arg=-fuse-ld=gold`
Running `rustc --crate-name arbitrary /home/saarshah/.cargo/registry/src/github.com-1ecc6299db9ec823/arbitrary-0.2.0/src/lib.rs --color always --crate-type lib --emit=dep-info,metadata,link -C opt-level=3 -C metadata=53c56fe8ff53f4b0 -C extra-filename=-53c56fe8ff53f4b0 --out-dir /mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps --target x86_64-unknown-linux-gnu -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/release/deps --cap-lints allow --cfg fuzzing -C debug-assertions -C overflow_checks -C opt-level=3 -C target-cpu=native -C debuginfo=0 -C passes=sancov -C llvm-args=-sanitizer-coverage-level=4 -C llvm-args=-sanitizer-coverage-trace-pc-guard -C llvm-args=-sanitizer-coverage-prune-blocks=0 -C llvm-args=-sanitizer-coverage-trace-divs -C llvm-args=-sanitizer-coverage-trace-compares -Clink-arg=-fuse-ld=gold`
Running `/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/release/build/honggfuzz-e77bf1f3f654a6c3/build-script-build`
Running `rustc --crate-name honggfuzz /mnt/c/Users/Ali/honggfuzz-rs/src/lib.rs --color always --crate-type lib --emit=dep-info,metadata,link -C opt-level=3 -C metadata=68c7a4e984b54e8d -C extra-filename=-68c7a4e984b54e8d --out-dir /mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps --target x86_64-unknown-linux-gnu -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/release/deps --extern arbitrary=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps/libarbitrary-53c56fe8ff53f4b0.rlib --extern lazy_static=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps/liblazy_static-0105bc1acaf20534.rlib --cfg fuzzing -C debug-assertions -C overflow_checks -C opt-level=3 -C target-cpu=native -C debuginfo=0 -C passes=sancov -C llvm-args=-sanitizer-coverage-level=4 -C llvm-args=-sanitizer-coverage-trace-pc-guard -C llvm-args=-sanitizer-coverage-prune-blocks=0 -C llvm-args=-sanitizer-coverage-trace-divs -C llvm-args=-sanitizer-coverage-trace-compares -Clink-arg=-fuse-ld=gold -L native=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/build/honggfuzz-f40ec432855dceda/out -l static=hfuzz`
Compiling example v0.0.0 (/mnt/c/Users/Ali/honggfuzz-rs/example)
Running `rustc --crate-name example src/main.rs --color always --crate-type bin --emit=dep-info,link -C opt-level=3 -C metadata=6aaae76aa72c5a80 -C extra-filename=-6aaae76aa72c5a80 --out-dir /mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps --target x86_64-unknown-linux-gnu -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps -L dependency=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/release/deps --extern honggfuzz=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/deps/libhonggfuzz-68c7a4e984b54e8d.rlib --cfg fuzzing -C debug-assertions -C overflow_checks -C opt-level=3 -C target-cpu=native -C debuginfo=0 -C passes=sancov -C llvm-args=-sanitizer-coverage-level=4 -C llvm-args=-sanitizer-coverage-trace-pc-guard -C llvm-args=-sanitizer-coverage-prune-blocks=0 -C llvm-args=-sanitizer-coverage-trace-divs -C llvm-args=-sanitizer-coverage-trace-compares -Clink-arg=-fuse-ld=gold -L native=/mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/x86_64-unknown-linux-gnu/release/build/honggfuzz-f40ec432855dceda/out`
Finished release [optimized] target(s) in 5.65s
cd ..
# clean and prepare hfuzz_workspace
workspace="hfuzz_workspace/example"
rm -rf $workspace
mkdir -p $workspace/input
# fuzz exemple
cd subdirectory
HFUZZ_RUN_ARGS="-v -N 10000000 --run_time 120 --exit_upon_crash" cargo hfuzz run example
/usr/bin/ld.gold
Finished release [optimized] target(s) in 0.57s
Persistent signature found in 'hfuzz_target/x86_64-unknown-linux-gnu/release/example'. Enabling persistent fuzzing mode
cmdline:'hfuzz_target/x86_64-unknown-linux-gnu/release/example', bin:'hfuzz_target/x86_64-unknown-linux-gnu/release/example' inputDir:'hfuzz_workspace/example/input', fuzzStdin:false, mutationsPerRun:6, externalCommand:'', timeout:10, mutationsMax:10000000, threadsMax:4
[2019-06-28T11:26:25+0800][W][686] input_getDirStatsAndRewind():122 No usable files in the input directory 'hfuzz_workspace/example/input'
[2019-06-28T11:26:25+0800][W][686] sanitizers_AddFlag():111 The 'ASAN_OPTIONS' envar is already set. Not overriding it!
Entering phase 1/3: Dry Run
Launched new fuzzing thread, no. #0
Launched new fuzzing thread, no. #1
Launched new fuzzing thread, no. #2
Launched new fuzzing thread, no. #3
[2019-06-28T11:26:25+0800][W][686] input_getNext():138 No useful files in the input directory
Entering phase 2/3: Switching to Dynamic Main (Feedback Driven Mode)
[2019-06-28T11:26:25+0800][W][686] input_getNext():138 No useful files in the input directory
[2019-06-28T11:26:25+0800][W][686] input_getNext():138 No useful files in the input directory
[2019-06-28T11:26:25+0800][W][686] input_getNext():138 No useful files in the input directory
Entering phase 3/3: Dynamic Main (Feedback Driven Mode)
[2019-06-28T11:26:25+0800][W][686] input_setSize():62 ftruncate(run->dynamicFileFd=6, sz=1): Invalid argument
[2019-06-28T11:26:25+0800][W][686] input_setSize():62 ftruncate(run->dynamicFileFd=7, sz=1): Invalid argument
[2019-06-28T11:26:25+0800][W][686] input_setSize():62 ftruncate(run->dynamicFileFd=8, sz=1): Invalid argument
[2019-06-28T11:26:25+0800][W][686] input_setSize():62 ftruncate(run->dynamicFileFd=9, sz=1): Invalid argument
[2019-06-28T11:26:25+0800][W][686] input_setSize():62 ftruncate(run->dynamicFileFd=6, sz=2): Invalid argument
Persistent mode: Launched new persistent pid=697
Persistent mode: Launched new persistent pid=698
[2019-06-28T11:26:25+0800][W][686] input_setSize():62 ftruncate(run->dynamicFileFd=9, sz=2): Invalid argument
[2019-06-28T11:26:25+0800][W][686] input_setSize():62 ftruncate(run->dynamicFileFd=6, sz=3): Invalid argument
[2019-06-28T11:26:25+0800][F][686] arch_checkWait():208 waitpid() failed: Invalid argument
saarshah@DESKTOP-FUC97DB:/mnt/c/Users/Ali/honggfuzz-rs$ [2019-06-28T11:26:25+0800][F][697] [2019-06-28T11:26:25+0800][F][698] [2019-06-28T11:26:25+0800][F][699] HonggfuzzFetchData():49 HonggfuzzFetchData():49 HonggfuzzFetchData():49 readFromFd(fd=1023, size=8) failed, received=0 bytesreadFromFd(fd=1023, size=8) failed, received=0 bytesreadFromFd(fd=1023, size=8) failed, received=0 bytes
[2019-06-28T11:26:25+0800][F][700] HonggfuzzFetchData():39 writeToFd(size=1, readyTag) failed
Thanks for the details, I think this is related to https://github.com/microsoft/WSL/issues/902. So it looks like it's a bug in WSL1 and the good news is that it'll be fixed in WSL2 :-)
The bug is triggered in the upstream project https://github.com/google/honggfuzz so I can't really directly apply a workaround myself but I also don't want to bother the upstream developer as WSL1 will be deprecated soon anyway..
So I think I'll close as "wontfix" because the issue is neither in honggfuzz nor in honggfuzz-rs and will anyway solve itself with WSL2.
If you are motivated, it would be interesting if you could test WSL2 to verify that it works, but it's almost certain it does as WSL2 is using lower level virtualization.
Hi, I've just run into the same problem. Do you think that you could perhaps put some kind of warning stating that honggfuzz-rs does not work on WSL(1)?
I have followed the guidance provided here, but could not succeed, with the following error..
error: failed to run custom build command for honggfuzz v0.5.45 (/mnt/c/Users/Ali/honggfuzz-rs)
Caused by:
process didn't exit successfully: /mnt/c/Users/Ali/honggfuzz-rs/example/hfuzz_target/release/build/honggfuzz-e77bf1f3f654a6c3/build-script-build (exit code: 101)
--- stdout
make: Entering directory '/mnt/c/Users/Ali/honggfuzz-rs/honggfuzz'
make: Leaving directory '/mnt/c/Users/Ali/honggfuzz-rs/honggfuzz'
--- stderr
make: *** No rule to make target 'clean'. Stop.
thread 'main' panicked at 'assertion failed: status.success()', /mnt/c/Users/Ali/honggfuzz-rs/build.rs:38:5
note: run with RUST_BACKTRACE=1 environment variable to display a backtrace.
warning: build failed, waiting for other jobs to finish...
error: build failed
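The two failure causes diagnosed in this thread (an unpopulated honggfuzz submodule, and running under WSL1) can both be checked before the build starts. The following is an added example, not code from honggfuzz-rs or from any commenter; the function names, the Makefile check and the kernel-release heuristic for telling WSL1 from WSL2 are assumptions.

```rust
use std::fs;
use std::path::Path;

/// Where the build runs, judged from the kernel release string.
#[derive(Debug, PartialEq)]
pub enum Platform {
    Wsl1,
    Wsl2,
    NativeLinux,
}

/// Classify the contents of /proc/sys/kernel/osrelease.
/// Heuristic (assumption): WSL2 kernels carry "microsoft-standard" or "WSL2";
/// any other release mentioning "Microsoft" is treated as WSL1.
pub fn classify_kernel(osrelease: &str) -> Platform {
    let r = osrelease.trim().to_ascii_lowercase();
    if r.contains("microsoft-standard") || r.contains("wsl2") {
        Platform::Wsl2
    } else if r.contains("microsoft") {
        Platform::Wsl1
    } else {
        Platform::NativeLinux
    }
}

/// Check that the `honggfuzz` submodule under `root` is populated.
/// Assumption: a populated checkout has `honggfuzz/Makefile`, the file that
/// `make -C honggfuzz clean` needs.
pub fn check_submodule(root: &Path) -> Result<(), String> {
    let dir = root.join("honggfuzz");
    if !dir.is_dir() {
        return Err(format!("{} is missing", dir.display()));
    }
    if !dir.join("Makefile").is_file() {
        return Err(format!("{} has no Makefile: run `git submodule update --init`", dir.display()));
    }
    Ok(())
}

/// Collect every problem so the user sees all of them in one run.
pub fn preflight(root: &Path, osrelease: &str) -> Vec<String> {
    let mut problems = Vec::new();
    if let Err(e) = check_submodule(root) {
        problems.push(e);
    }
    if classify_kernel(osrelease) == Platform::Wsl1 {
        problems.push("WSL1 detected: fuzzing runs fail here (waitpid/ftruncate errors)".to_string());
    }
    problems
}

fn main() {
    let osrelease = fs::read_to_string("/proc/sys/kernel/osrelease").unwrap_or_default();
    for p in preflight(Path::new("."), &osrelease) {
        eprintln!("preflight: {}", p);
    }
}
```

Run from the honggfuzz-rs checkout root, it prints one line per problem found and nothing when the environment looks usable.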