rust-fuzz / libfuzzer

Rust bindings and utilities for LLVM’s libFuzzer
Apache License 2.0

Provide way to run Debug on fuzzer output #47

Closed Manishearth closed 4 years ago

Manishearth commented 4 years ago

Currently we just output the string as a list of bytes and as a string, but given that we use Arbitrary types it would be nice if we could Debug the output whenever possible.

This would need https://github.com/rust-fuzz/libfuzzer-sys/issues/46 and another patch to libfuzzer to support custom formatters.

Manishearth commented 4 years ago

Also, given that our use of Arbitrary is nicely hidden, without this feature users of Arbitrary basically have to figure this out themselves.

Manishearth commented 4 years ago

That said, it would be nice if cargo fuzz had a mode for debugging where it could be called with a file and a fuzz target and it feeds the file to the fuzz target via Arbitrary.

Shnatsel commented 4 years ago

https://github.com/rust-fuzz/honggfuzz-rs provides a mode where it runs the binary with a specific input in debug mode. You can invoke that with one command after discovering the issue in release mode.

Manishearth commented 4 years ago

@fitzgen ultimately what do you think we should do here? Once https://github.com/rust-fuzz/libfuzzer-sys/pull/51 lands, the approach in #48 won't work anymore, but we can add that hook a bit differently to make it work again. Alternatively, we can parse the output in cargo-fuzz to get the artifact path and re-invoke it in a "format" mode.

fitzgen commented 4 years ago

Alternatively, we can parse the output in cargo-fuzz to get the artifact path and re-invoke it in a "format" mode.

I think this approach makes sense.
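A sketch of the "format mode" agreed on above, added here as an example and not code from libfuzzer-sys or cargo-fuzz: the artifact's bytes are decoded into the fuzz target's Arbitrary input type and rendered with Debug instead of as a raw byte list, with a fallback when the artifact is too short to decode. `Unstructured`, `Arbitrary` and `Request` are minimal local stand-ins defined so the snippet compiles without external crates; they are not the `arbitrary` crate's own implementations.

```rust
/// Stand-in for `arbitrary::Unstructured` (assumption, not the crate's code):
/// a cursor over the raw bytes libFuzzer wrote to the artifact file.
pub struct Unstructured<'a> { data: &'a [u8], pos: usize }

impl<'a> Unstructured<'a> {
    pub fn new(data: &'a [u8]) -> Self { Self { data, pos: 0 } }
    fn byte(&mut self) -> Option<u8> {
        let b = *self.data.get(self.pos)?;
        self.pos += 1;
        Some(b)
    }
    pub fn u8(&mut self) -> Option<u8> { self.byte() }
    pub fn u16(&mut self) -> Option<u16> {
        Some(u16::from_le_bytes([self.byte()?, self.byte()?]))
    }
    /// Length-prefixed byte string; the length is clamped to what remains.
    pub fn bytes(&mut self) -> Option<Vec<u8>> {
        let n = self.u8()? as usize;
        let end = (self.pos + n).min(self.data.len());
        let out = self.data[self.pos..end].to_vec();
        self.pos = end;
        Some(out)
    }
}

/// Stand-in for `arbitrary::Arbitrary`; `None` means the artifact ran out of bytes.
pub trait Arbitrary: Sized { fn arbitrary(u: &mut Unstructured<'_>) -> Option<Self>; }

/// Hypothetical fuzz-target input type, constructed for this example.
#[derive(Debug, PartialEq)]
pub struct Request { pub version: u8, pub port: u16, pub path: Vec<u8> }

impl Arbitrary for Request {
    fn arbitrary(u: &mut Unstructured<'_>) -> Option<Self> {
        Some(Request { version: u.u8()?, port: u.u16()?, path: u.bytes()? })
    }
}

/// The "format mode": decode an artifact as the target's input type and render it
/// with Debug, falling back to the raw bytes when decoding fails.
pub fn format_artifact<T: Arbitrary + std::fmt::Debug>(artifact: &[u8]) -> String {
    match T::arbitrary(&mut Unstructured::new(artifact)) {
        Some(v) => format!("{:#?}", v),
        None => format!("could not decode {} byte(s): {:?}", artifact.len(), artifact),
    }
}

fn main() {
    // Constructed artifact: version 2, port 8080 (0x1f90 little-endian), path "/ok".
    let artifact = [2, 0x90, 0x1f, 3, b'/', b'o', b'k'];
    println!("{}", format_artifact::<Request>(&artifact));
}
```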

fitzgen commented 4 years ago

Fixed in #53