search

rust-fuzz / targets

🎯 A collection of fuzzing targets written in Rust.
Creative Commons Zero v1.0 Universal
105 stars 21 forks source link

libfuzzer integration doesn't seem to be working #128

Open frewsxcv opened 6 years ago

frewsxcv commented 6 years ago

cargo run -v target pulldown_cmark_read --fuzzer libfuzzer on master:

     Running `/Users/corey/dev/targets/target/x86_64-apple-darwin/debug/pulldown_cmark_read  /Users/corey/dev/targets/fuzzer-libfuzzer/corpus-pulldown_cmark_read /Users/corey/dev/targets/common/seeds/pulldown_cmark_read`
WARNING: Failed to find function "__sanitizer_print_stack_trace". Reason dlsym(RTLD_DEFAULT, __sanitizer_print_stack_trace): symbol not found.
WARNING: Failed to find function "__sanitizer_set_death_callback". Reason dlsym(RTLD_DEFAULT, __sanitizer_set_death_callback): symbol not found.
INFO: Seed: 20030479
INFO: Loaded 1 modules   (12902 guards): 12902 [0x10bfc9360, 0x10bfd5cf8), 
No such directory: ; exiting
Fuzzer quit

cargo run -v target pulldown_cmark_read --fuzzer libfuzzer on master after running cargo update -p libfuzzer-sys:

     Running `/Users/corey/dev/targets/target/x86_64-apple-darwin/debug/pulldown_cmark_read  /Users/corey/dev/targets/fuzzer-libfuzzer/corpus-pulldown_cmark_read /Users/corey/dev/targets/common/seeds/pulldown_cmark_read`
WARNING: Failed to find function "__sanitizer_acquire_crash_state". Reason dlsym(RTLD_DEFAULT, __sanitizer_acquire_crash_state): symbol not found.
WARNING: Failed to find function "__sanitizer_print_stack_trace". Reason dlsym(RTLD_DEFAULT, __sanitizer_print_stack_trace): symbol not found.
WARNING: Failed to find function "__sanitizer_set_death_callback". Reason dlsym(RTLD_DEFAULT, __sanitizer_set_death_callback): symbol not found.
INFO: Seed: 962144173
INFO: Loaded 1 modules   (12902 guards): 12902 [0x10bf82520, 0x10bf8eeb8), 
No such file or directory: ; exiting
Fuzzer quit

I noticed the rust-fuzz/cargo-fuzz libfuzzer flags don't match the rust-fuzz/targets libfuzzer flags. I made the rust-fuzz/targets flags match the other ones, which got rid of the symbol not found errors, but I still hit the No such file or directory: ; exiting error. No idea where this is coming from.

frewsxcv commented 6 years ago

Also the Rust + libfuzzer integration is working for me for other crates, just not this one.

evverx commented 3 years ago

Judging by "No such file or directory: ; exiting" it seems to be the same issue I ran into and fixed in https://github.com/rust-fuzz/targets/pull/138. There I started to pass -max_total_time=0 instead of an empty string to make libFuzzer stop treating that argument as a directory.