sigp / beacon-fuzz

Differential Fuzzer for Ethereum 2.0
MIT License

[FUZZ] Beaconfuzz_v2 crash-d45a1df87dfe426660e79ef2a93d6daeff86d635 in attester_slashing #75

Closed Daft-Wullie closed 4 years ago

Daft-Wullie commented 4 years ago

I've identified a fuzzer crash and am contributing to the security of Ethereum 2!

I've done and provided the following:

Info to Reproduce

Crash output and stacktrace

     Running `fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing -artifact_prefix=/root/beacon-fuzz/beaconfuzz_v2/fuzz/artifacts/struct_attester_slashing/ fuzz/artifacts/struct_attester_slashing/crash-d45a1df87dfe426660e79ef2a93d6daeff86d635`
INFO: Seed: 3867144800
INFO: Loaded 1 modules   (201889 inline 8-bit counters): 201889 [0x55be5050e241, 0x55be5053f6e2),
INFO: Loaded 1 PC tables (201889 PCs): 201889 [0x55be5053f6e8,0x55be508540f8),
fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing: Running 1 inputs 1 time(s) each.
Running: fuzz/artifacts/struct_attester_slashing/crash-d45a1df87dfe426660e79ef2a93d6daeff86d635
ERRO[0018] Could not get rough time result: no reply     prefix=roughtime
ERRO[0018] Could not get rough time result: no reply     prefix=roughtime
ERRO[0018] Could not get rough time result: no reply     prefix=roughtime
ERRO[0018] Could not get rough time result: no reply     prefix=roughtime
ERRO[0018] Could not get rough time result: no reply     prefix=roughtime
ERRO[0018] Could not get rough time result: no reply     prefix=roughtime
ERRO[0018] Failed to calculate roughtime offset          error="no valid responses" prefix=roughtime
thread '<unnamed>' panicked at 'assertion failed: `(left == right)`
  left: `false`,
 right: `true`', /root/beacon-fuzz/beaconfuzz_v2/libs/eth2clientsfuzz/src/attester_slashing.rs:39:17
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
Traceback (most recent call last, using override)
/root/nim-beacon-chain/vendor/nimbus-build-system/vendor/Nim/lib/system/excpt.nim(614) signalHandler
SIGABRT: Abnormal termination.
==266335== ERROR: libFuzzer: fuzz target exited
    #0 0x55be4ce8d901  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0xc0c901)
    #1 0x55be4f35d620  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x30dc620)
    #2 0x55be4f36846b  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x30e746b)
    #3 0x7f7cbe54da26  (/lib/x86_64-linux-gnu/libc.so.6+0x49a26)
    #4 0x7f7cbe54dbdf  (/lib/x86_64-linux-gnu/libc.so.6+0x49bdf)
    #5 0x55be4d0ce6f7  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0xe4d6f7)
    #6 0x7f7cbe54a20f  (/lib/x86_64-linux-gnu/libc.so.6+0x4620f)
    #7 0x7f7cbe54a18a  (/lib/x86_64-linux-gnu/libc.so.6+0x4618a)
    #8 0x7f7cbe529858  (/lib/x86_64-linux-gnu/libc.so.6+0x25858)
    #9 0x55be4f40e076  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x318d076)
    #10 0x55be4f3f7105  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x3176105)
    #11 0x55be4f32c8c6  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x30ab8c6)
    #12 0x55be4f3fe417  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x317d417)
    #13 0x55be4f3fdfc8  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x317cfc8)
    #14 0x55be4f3f93fb  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x31783fb)
    #15 0x55be4f3fdf88  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x317cf88)
    #16 0x55be4f3fdf3a  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x317cf3a)
    #17 0x55be4cfad801  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0xd2c801)
    #18 0x55be4cf3d8e3  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0xcbc8e3)
    #19 0x55be4f32c8f0  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x30ab8f0)
    #20 0x55be4f32c54f  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x30ab54f)
    #21 0x55be4f3688cc  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x30e78cc)
    #22 0x55be4f32f509  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x30ae509)
    #23 0x55be4f339302  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0x30b8302)
    #24 0x55be4ce0a4b6  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0xb894b6)
    #25 0x7f7cbe52b0b2  (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
    #26 0x55be4ce0a65d  (/root/beacon-fuzz/beaconfuzz_v2/fuzz/target/x86_64-unknown-linux-gnu/release/struct_attester_slashing+0xb8965d)

SUMMARY: libFuzzer: fuzz target exited

Your Environment

Daft-Wullie commented 4 years ago

Highly likely that this is a duplicate of #61, but since the crasher filename is unique I'm reporting it nonetheless in case it's something different.

zedt3ster commented 4 years ago

Thanks for reporting @Daft-Wullie - confirming this is a duplicate of #61