Closed Daft-Wullie closed 3 years ago
For analysis, here is a package with:
You can reproduce with:
../beaconfuzz_v2 debug beacon_0298.ssz voluntary_exit.ssz voluntaryexit
FYI,
BeaconStateError(CommitteeCacheUninitialized(Some(Current)))
This looks more like a bug in the fuzzer itself than a bug in Lighthouse. @zedt3ster @gnattishness, can you confirm this line should not be commented? https://github.com/sigp/beacon-fuzz/blob/master/beaconfuzz_v2/libs/lighthouse/src/voluntary_exit.rs#L16
Yup that's correct. We need to build the committee cache every epoch.
fixed with: a99115b55c68e0f793882c00a9f5853586250985
new beaconfuzz output:
[LIGHTHOUSE] SSZ decoding true
[LIGHTHOUSE] Ok(())
[LIGHTHOUSE] Processing true
[PRYSM] Processing true
[NIMBUS] Processing true
I've identified a fuzzer crash and am contributing to the security of Ethereum 2!
I've done and provided the following:
[FUZZ]
issue already refers to that crasher
beacon-fuzz version or commit used.
Info to Reproduce
Command run: e.g.
make fuzz_voluntary_exit-struct
Crasher file name: crash-7085c8644d273e71ce76bae2e8f0ed7e08adea95 crash-7085c8644d273e71ce76bae2e8f0ed7e08adea95.zip
Beaconstate to replicate: 4931bbe36f820db3e798e9b06c52e1b2.ssz (I think, not sure as I had multiple PIDs, wasn't monitoring closely)
Client exercised: prysm(?)
Fuzzing engine used (if applicable): libfuzzer
Crash output and stacktrace
Re-run crasher file with
ETH2FUZZ_BEACONSTATE=../eth2fuzz/workspace/corpora/beaconstate cargo +nightly fuzz run struct_voluntary_exit fuzz/artifacts/struct_voluntary_exit/crash-7085c8644d273e71ce76bae2e8f0ed7e08adea95
and got:
Your Environment