fuzz-testing failure in fuzz-cse

Open steven-johnson opened this issue 2 years ago • 3 comments

Running fuzz_cse with this input crashes:

testcase-5772724201914368.txt.zip

[ RUN      ] LLVMFuzzer.TestOneInput
FUZZTEST_PRNG_SEED=sQOKwR2atJ_l1VqpeoqATsKji_5udIcThCNGLc7Putg
[.] Replaying /tmp/testcase-5772724201914368
[!] Code under test used 131152 bytes of stack. Configured limit is 131072. You can change the limit by specifying --fuzztest_stack_limit flag.
[*] Test diagnostics data written to: /usr/local/google/_blaze_srj/df3e5722da9e59d1a0a29d3e6eee921e/execroot/google3/blaze-out/k8-opt-asan/testlogs/third_party/halide/halide/test/fuzz_cse/test.test_diagnostics/b3e288249dd4a52a.part

=================================================================
=== Fuzzing stats

Elapsed time: 454.248299ms
Total runs: 1
Edges covered: 0
Total edges: 0
Corpus size: 0
Max stack used: 0

=================================================================
=== BUG FOUND!

third_party/googlefuzztest/llvm_fuzzer_wrapper.cc:173: Counterexample found for LLVMFuzzer.TestOneInput.
The test fails with input:
argument 0: {202, 91, 91, 91, 91, 91, 91, 116, 53, 50, 120, 95, 49, 54, 48, 53, 116, 225, 225, 225, 135, 225, 225, 221, 160, 225, 225, 225, 225, 50, 120, 95, 55, 120, 95, 49, 104, 239, 161, 140, 123, 48, 148, 86, 30, 56, 48, 189, 189, 189, 189, 189, 57, 50, 52, 167, 223, 167, 57, 116, 50, 48, 48, 57, 55, 51, 95, 48, 77, 158, 158, 77, 77, 77, 127, 127, 77, 4, 77, 84, 84, 0, 79, 77, 67, 77, 77, 76, 169, 122, 95, 49, 48, 123, 57, 73, 248, 250, 97, 180, 48, 140, 140, 77, 93, 77, 77, 95, 161, 204, 123, 86, 30, 56, 48, 123, 57, 50, 167, 167, 167, 57, 95, 48, 77, 77, 77, 163, 4, 77, 84, 84, 0, 79, 121, 252, 148, 22, 124, 73, 120, 218, 95, 180, 77, 77, 77, 95, 239, 70, 141, 239, 239, 187, 239, 246, 239, 122, 139, 55, 239, 239, 239, 50, 95, 52, 184, 0, 49, 122, 95, 51, 120, 120, 248, 248, 95, 0, 239, 239, 239, 239, 239, 122, 95, 55, 235, 239, 239, 50, 95, 52, 121, 95, 155, 152, 133, 152, 152, 152, 166, 0, 58, 95, 51}

=================================================================
=== Reproducer test

TEST(LLVMFuzzer, TestOneInputRegression) {
  TestOneInput(
    {202, 91, 91, 91, 91, 91, 91, 116, 53, 50, 120, 95, 49, 54, 48, 53, 116, 225, 225, 225, 135, 225, 225, 221, 160, 225, 225, 225, 225, 50, 120, 95, 55, 120, 95, 49, 104, 239, 161, 140, 123, 48, 148, 86, 30, 56, 48, 189, 189, 189, 189, 189, 57, 50, 52, 167, 223, 167, 57, 116, 50, 48, 48, 57, 55, 51, 95, 48, 77, 158, 158, 77, 77, 77, 127, 127, 77, 4, 77, 84, 84, 0, 79, 77, 67, 77, 77, 76, 169, 122, 95, 49, 48, 123, 57, 73, 248, 250, 97, 180, 48, 140, 140, 77, 93, 77, 77, 95, 161, 204, 123, 86, 30, 56, 48, 123, 57, 50, 167, 167, 167, 57, 95, 48, 77, 77, 77, 163, 4, 77, 84, 84, 0, 79, 121, 252, 148, 22, 124, 73, 120, 218, 95, 180, 77, 77, 77, 95, 239, 70, 141, 239, 239, 187, 239, 246, 239, 122, 139, 55, 239, 239, 239, 50, 95, 52, 184, 0, 49, 122, 95, 51, 120, 120, 248, 248, 95, 0, 239, 239, 239, 239, 239, 122, 95, 55, 235, 239, 239, 50, 95, 52, 121, 95, 155, 152, 133, 152, 152, 152, 166, 0, 58, 95, 51}
  );
}

=================================================================
*** SIGABRT received by PID 3578141 (TID 3578141) on cpu 20 from PID 3578141; stack trace: ***
PC: @     0x7fd6f0ece347  (unknown)  gsignal
    @     0x55de1d0d0f8c        288  base/process_state.cc:1239 FailureSignalHandler()
    @     0x55de1c29414b        160  third_party/googlefuzztest/internal/runtime.cc:244 fuzztest::internal::HandleCrash()
    @     0x7fd6f10411c0  1313938976  (unknown)
    @     0x55de1c2a6013        144  third_party/googlefuzztest/internal/coverage.cc:170 fuzztest::internal::ExecutionCoverage::UpdateMaxStack()
    @     0x55de1c2a7279         48  third_party/googlefuzztest/internal/coverage.cc:389 __sanitizer_cov_trace_const_cmp4
    @     0x55de130913fb        160  blaze-out/k8-opt-asan/genfiles/third_party/halide/halide/src/halide_uppercase/Halide.h:3934 Halide::Type::Type()
    @     0x55de1312bc49        192  third_party/halide/halide/src/Type.h:536 Halide::Internal::LT::make()
    @     0x55de131ddfc3        160  third_party/halide/halide/src/IROperator.cpp:1771 Halide::operator<()
    @     0x55de143644ff        192  third_party/halide/halide/src/Simplify_LT.cpp:546 Halide::Internal::Simplify::visit()
    @     0x55de13fa159d        160  third_party/halide/halide/src/IRVisitor.h:208 Halide::Internal::VariadicVisitor<>::dispatch_expr<>()
    @     0x55de14754254        256  third_party/halide/halide/src/IRVisitor.h:346 Halide::Internal::Simplify::visit()
    @     0x55de13fa1035        160  third_party/halide/halide/src/IRVisitor.h:218 Halide::Internal::VariadicVisitor<>::dispatch_expr<>()
    @     0x55de1424f478        320  third_party/halide/halide/src/IRVisitor.h:346 Halide::Internal::Simplify::visit()
    @     0x55de13fa1212        160  third_party/halide/halide/src/IRVisitor.h:204 Halide::Internal::VariadicVisitor<>::dispatch_expr<>()
    @     0x55de14364541        192  third_party/halide/halide/src/IRVisitor.h:346 Halide::Internal::Simplify::visit()
    @     0x55de13fa159d        160  third_party/halide/halide/src/IRVisitor.h:208 Halide::Internal::VariadicVisitor<>::dispatch_expr<>()

steven-johnson, Dec 07 '23 16:12

Is the below the correct workflow to repro?

abadams@anadams-work:~/projects/Halide/cmake_build
$ unzip ~/Downloads/testcase-5772724201914368.txt.zip 
Archive:  /home/abadams/Downloads/testcase-5772724201914368.txt.zip
  inflating: testcase-5772724201914368.txt  
  inflating: __MACOSX/._testcase-5772724201914368.txt  

abadams@anadams-work:~/projects/Halide/cmake_build
$ ./test/fuzz/fuzz_cse testcase-5772724201914368.txt 
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 607103828
INFO: Loaded 1 modules   (279211 inline 8-bit counters): 279211 [0x556f2c877a60, 0x556f2c8bbd0b), 
INFO: Loaded 1 PC tables (279211 PCs): 279211 [0x556f2c8bbd10,0x556f2ccfe7c0), 
./test/fuzz/fuzz_cse: Running 1 inputs 1 time(s) each.
Running: testcase-5772724201914368.txt
Executed testcase-5772724201914368.txt in 0 ms
***
*** NOTE: fuzzing was not performed, you have only
***       executed the target code on a fixed set of inputs.
***

abadams, Dec 07 '23 17:12

I believe so

steven-johnson, Dec 07 '23 18:12

Oh wait, this test is weird, stand by

steven-johnson, Dec 07 '23 18:12