srlabs / ziggy

A multi-fuzzer management utility for all of your Rust fuzzing needs 🧑‍🎤
Apache License 2.0

failed to run custom build command for `ziggy-honggfuzz v0.5.55` #69

Closed lrubasze closed 11 months ago

lrubasze commented 11 months ago

Hi, trying to play a bit with ziggy, but unfortunately encountered an issue when building ziggy-honggfuzz v0.5.55.

I am using Ubuntu 20.04.6
ziggy repo commit: 0b49b7bdbd482693f1dfa2eeab5a8a348ad56765
Followed an example from this README

And the last step fails, producing the log below:

$ cargo ziggy fuzz
    Building afl
    Finished dev [unoptimized + debuginfo] target(s) in 0.02s
    Finished afl
    Building honggfuzz
   Compiling ziggy-honggfuzz v0.5.55
error: failed to run custom build command for `ziggy-honggfuzz v0.5.55`

Caused by:
  process didn't exit successfully: `/work/rdx/ziggy/ziggy.git/examples/url/./target/honggfuzz/release/build/ziggy-honggfuzz-41f2949c738d2ebe/build-script-build` (exit status: 101)
  --- stdout
  make: Entering directory '/home/rubin/.cargo/registry/src/index.crates.io-6f17d22bba15001f/ziggy-honggfuzz-0.5.55/honggfuzz'
  rm -f -r core Makefile.bak cmdline.o display.o fuzz.o honggfuzz.o input.o mangle.o report.o sanitizers.o socketfuzzer.o subproc.o linux/arch.o linux/bfd.o linux/perf.o linux/pt.o linux/trace.o linux/unwind.o honggfuzz hfuzz_cc/hfuzz-cc libhfuzz/libhfuzz.a libhfuzz/libhfuzz.so libhfuzz/fetch.o libhfuzz/instrument.o libhfuzz/linux.o libhfuzz/memorycmp.o libhfuzz/performance.o libhfuzz/persistent.o libhfcommon/libhfcommon.a libhfcommon/files.o libhfcommon/log.o libhfcommon/ns.o libhfcommon/util.o libhfnetdriver/libhfnetdriver.a libhfnetdriver/netdriver.o  obj libs ./*.o ./*~ ./core ./*.a ./*.dSYM ./*.la ./*.so ./*.dylib linux/*.o linux/*~ linux/core linux/*.a linux/*.dSYM linux/*.la linux/*.so linux/*.dylib mac/*.o mac/*~ mac/core mac/*.a mac/*.dSYM mac/*.la mac/*.so mac/*.dylib netbsd/*.o netbsd/*~ netbsd/core netbsd/*.a netbsd/*.dSYM netbsd/*.la netbsd/*.so netbsd/*.dylib posix/*.o posix/*~ posix/core posix/*.a posix/*.dSYM posix/*.la posix/*.so posix/*.dylib libhfuzz/*.o libhfuzz/*~ libhfuzz/core libhfuzz/*.a libhfuzz/*.dSYM libhfuzz/*.la libhfuzz/*.so libhfuzz/*.dylib libhfcommon/*.o libhfcommon/*~ libhfcommon/core libhfcommon/*.a libhfcommon/*.dSYM libhfcommon/*.la libhfcommon/*.so libhfcommon/*.dylib libhfnetdriver/*.o libhfnetdriver/*~ libhfnetdriver/core libhfnetdriver/*.a libhfnetdriver/*.dSYM libhfnetdriver/*.la libhfnetdriver/*.so libhfnetdriver/*.dylib
  make: Leaving directory '/home/rubin/.cargo/registry/src/index.crates.io-6f17d22bba15001f/ziggy-honggfuzz-0.5.55/honggfuzz'
  make: Entering directory '/home/rubin/.cargo/registry/src/index.crates.io-6f17d22bba15001f/ziggy-honggfuzz-0.5.55/honggfuzz'
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o cmdline.o cmdline.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o display.o display.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o fuzz.o fuzz.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o honggfuzz.o honggfuzz.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o input.o input.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o mangle.o mangle.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o report.o report.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o sanitizers.o sanitizers.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o socketfuzzer.o socketfuzzer.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o subproc.o subproc.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o linux/arch.o linux/arch.c
  cc -c -O3 -mtune=native -funroll-loops -std=c11 -I/usr/local/include -D_GNU_SOURCE -Wall -Wextra -Werror -Wno-format-truncation -Wno-override-init -I. -D_FILE_OFFSET_BITS=64 -finline-limit=4000 -D_HF_ARCH_LINUX -g -ggdb -g3  -o linux/bfd.o linux/bfd.c
  make: Leaving directory '/home/rubin/.cargo/registry/src/index.crates.io-6f17d22bba15001f/ziggy-honggfuzz-0.5.55/honggfuzz'

  --- stderr
  linux/bfd.c:202:21: error: ‘enum disassembler_style’ declared inside parameter list will not be visible outside of this definition or declaration [-Werror]
    202 |     void* buf, enum disassembler_style style HF_ATTR_UNUSED, const char* fmt, ...) {
        |                     ^~~~~~~~~~~~~~~~~~
  linux/bfd.c:202:40: error: parameter 2 (‘style’) has incomplete type
    202 |     void* buf, enum disassembler_style style HF_ATTR_UNUSED, const char* fmt, ...) {
  linux/bfd.c: In function ‘arch_bfdDisasm’:
  linux/bfd.c:249:9: error: cast between incompatible function types from ‘void (*)(struct disassemble_info *, void *, int (*)(void *, const char *, ...))’ to ‘void (*)(void *, void *, void *, void *)’ [-Werror=cast-function-type]
    249 |         (void (*)(void*, void*, void*, void*))init_disassemble_info;
        |         ^
  In file included from ./libhfcommon/util.h:28,
                   from ./honggfuzz.h:39,
                   from ./sanitizers.h:26,
                   from ./linux/unwind.h:27,
                   from ./linux/bfd.h:32,
                   from linux/bfd.c:26:
  linux/bfd.c: In function ‘arch_bfdFPrintFStyled’:
  linux/bfd.c:204:5: error: ‘va_start’ used in function with fixed args
    204 |     va_start(args, fmt);
        |     ^~~~~~~~
  cc1: all warnings being treated as errors
  make: *** [Makefile:279: linux/bfd.o] Error 1
  thread 'main' panicked at 'assertion failed: status.success()', /home/rubin/.cargo/registry/src/index.crates.io-6f17d22bba15001f/ziggy-honggfuzz-0.5.55/build.rs:49:5
  note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
Error: Failure running fuzzers

Caused by:
    0: Failed to build the fuzzers
    1: Error building honggfuzz fuzzer: Exited with Some(101)

Could you please advise how to fix this problem?

louismerlin commented 11 months ago

Hello Lukasz! We also uncovered the bug after deploying ziggy-v0.7.0 last week, and are working on a fix. Our temporary patch is to use the --no-honggfuzz flag to only use AFL++ fuzzing.

lrubasze commented 11 months ago

Yeah, using this flag too :) Is there some ziggy version which is not affected?

louismerlin commented 11 months ago

Anything before 0.7.0 should work with honggfuzz, but there are many cool changes in 0.7.0, so we are using it anyways until the bug is fixed.

lrubasze commented 11 months ago

True, changes are really impressive. Cannot wait to have it working with honggfuzz! Good luck :)

vanhauser-thc commented 11 months ago

This has nothing to do with ziggy but is a bug in honggfuzz that is apparently difficult to fix. This is due to some weird side effect of an unknown package or version that is installed on (older) Debian/Ubuntu, it seems.

See https://github.com/google/honggfuzz/issues/490

louismerlin commented 11 months ago

Fixed with https://github.com/srlabs/ziggy/commit/57a12927d87127faf51759dab540d3bc81446494 in 0.7.1, which I just published.

Make sure to cargo install ziggy and update the version in your Cargo.toml 🧑‍🎤

lrubasze commented 11 months ago

That was quick! Works like a charm on Ubuntu. Thanks 👏
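
Added example, not part of the original thread or of ziggy's code: a shell triage of the build log from the opening report. It separates errors that fail only because of -Werror from errors that fail regardless, before falling back to the --no-honggfuzz workaround mentioned in the thread. The function names are hypothetical, and the sample input is an excerpt of the log in the report.

```shell
# Added example; hypothetical function names, each reads a build log on stdin.

# Crate whose build script failed, e.g. "ziggy-honggfuzz v0.5.55".
failed_build_crate() {
    sed -n 's/^error: failed to run custom build command for `\(.*\)`$/\1/p' | head -n 1
}

# Count compiler errors. "werror": warnings promoted by -Werror;
# "hard": errors that fail the build even without -Werror.
count_errors() {
    awk -v kind="$1" '
        /^ *[^ :]+:[0-9]+:[0-9]+: error: / { if ($0 ~ /\[-Werror/) w++; else h++ }
        END { print (kind == "werror" ? w + 0 : h + 0) }'
}

# Distinct source files that produced an error.
error_files() {
    awk -F: '/^ *[^ :]+:[0-9]+:[0-9]+: error: / { sub(/^ */, "", $1); print $1 }' | sort -u
}

# Decide the next step; the ziggy-honggfuzz branch uses the workaround from the thread.
next_step() {
    log=$(cat)
    crate=$(printf '%s\n' "$log" | failed_build_crate)
    hard=$(printf '%s\n' "$log" | count_errors hard)
    case "$crate" in
        "") echo "no build-script failure found" ;;
        ziggy-honggfuzz\ *)
            if [ "$hard" -gt 0 ]; then
                echo "rerun with --no-honggfuzz; $hard hard error(s) remain without -Werror"
            else
                echo "rerun with --no-honggfuzz; only -Werror warnings failed the build"
            fi ;;
        *) echo "build script of $crate failed: inspect its stderr" ;;
    esac
}

# Excerpt of the log from the report above.
sample_log() {
    cat <<'EOF'
error: failed to run custom build command for `ziggy-honggfuzz v0.5.55`
  linux/bfd.c:202:21: error: ‘enum disassembler_style’ declared inside parameter list will not be visible outside of this definition or declaration [-Werror]
  linux/bfd.c:202:40: error: parameter 2 (‘style’) has incomplete type
  linux/bfd.c:249:9: error: cast between incompatible function types from ‘void (*)(struct disassemble_info *, void *, int (*)(void *, const char *, ...))’ to ‘void (*)(void *, void *, void *, void *)’ [-Werror=cast-function-type]
  linux/bfd.c:204:5: error: ‘va_start’ used in function with fixed args
EOF
}

sample_log | next_step
```

On the reported log, two of the four errors carry no -Werror tag, so dropping -Werror from the honggfuzz build would not have been enough on its own.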