Lots of broken projects
freetype, bloaty, arrow_parquet-arrow-fuzz, probably more.
@jonathanmetzman I am also noticing that in a fuzzbench run for aflplusplus_frida the systemd_fuzz-link-parser target fails, and for aflplusplus_qemu libxslt_xpath (frida is also shown to fail, this is true though), although both run fine when I test them locally and they find coverage. Any idea what the problem is there?
Lemme take a look.
I got a lot of errors in #1330 as adding benchmarks triggers the CI for every fuzzer, and I spotted several issues:
- lafintel is broken because it uses llvm 3.8 that does not support '-fsanitize=builtin' (confirmed to fail locally with `make build-lafintel-matio_matio_fuzzer`).
- every qemu based fuzzer (afl_qemu, weizz_qemu, eclipser, ...) will fail the test-run on bug benchmarks. This is due to the sanitizers: qemu users cannot run binaries compiled with ASan. It can run UBSan partially.
- the afl++ commit used by fuzzolic, symcc_aflplusplus_single, symqemu_aflplusplus and eclipser is not in tree anymore (https://github.com/AFLplusplus/AFLplusplus/commit/8475cadc6307f94951e616aeea4402224d71a981) cc @vanhauser-thc
- the klee build is dying with
  `#10 4.211 ERROR: cannot verify www.uclibc.org's certificate, issued by 'CN=R3,O=Let\'s Encrypt,C=US':`
  (a klee-uclibc issue? @laurentsimon)
- symcc_aflplusplus fails to link targets because -ldl is missing; a simple addition in fuzzer.py should solve it. It happens on quickjs that I added in the PR, but other fuzzers build it without problems. I'll try to reproduce the issue locally on another bench using the main branch.
I confirm that symcc_aflplusplus fails on matio too, this time because -pthread is missing. I guess this simply happens because clang is linking while the symcc runtime is in C++, so it needs dl and pthread (and probably libc++).
uclibc's cert seems fine right now:
Validity
Not Before: Jan 8 03:30:08 2022 GMT
Not After : Apr 8 03:30:07 2022 GMT
I've not checked further than that.
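The validity dates quoted above only answer one of two separate questions: whether the certificate is inside its validity window, and whether the client's trust store can build a chain to it. wget's "cannot verify ... certificate, issued by 'CN=R3,O=Let's Encrypt,C=US'" message is the second kind of failure (a chain/trust-store problem inside the build image), which a currently valid date window cannot rule out. The following Python script is an added example, not fuzzbench or klee-uclibc code: it parses the openssl-style validity block exactly as quoted in this thread (embedded below as constructed sample text), classifies it for a given point in time, and, for a live host, distinguishes "untrusted by this machine's CA bundle" from "expired"/"not yet valid". The `diagnose_tls` helper and its use of the `openssl` CLI to print the leaf's dates are assumptions of this example.

```python
import re
import socket
import ssl
import subprocess
from datetime import datetime, timezone

# Constructed sample: the validity block quoted earlier in this thread
# (the `openssl x509 -text` spelling of the dates).
SAMPLE_VALIDITY = """Validity
Not Before: Jan 8 03:30:08 2022 GMT
Not After : Apr 8 03:30:07 2022 GMT
"""

# Accepts both the `-text` form ("Not Before: ...") and the
# `-dates` form ("notBefore=...") that openssl prints.
_DATE_LINE = re.compile(r"^\s*(not\s*before|not\s*after)\s*[:=]\s*(.+?)\s*$",
                        re.IGNORECASE)
_OPENSSL_FMT = "%b %d %H:%M:%S %Y %Z"


def parse_validity(text):
    """Return (not_before, not_after) as aware UTC datetimes from openssl output."""
    found = {}
    for line in text.splitlines():
        m = _DATE_LINE.match(line)
        if not m:
            continue
        key = m.group(1).replace(" ", "").lower()      # notbefore / notafter
        value = " ".join(m.group(2).split())           # collapse openssl's double space
        found[key] = datetime.strptime(value, _OPENSSL_FMT).replace(tzinfo=timezone.utc)
    if "notbefore" not in found or "notafter" not in found:
        raise ValueError("validity period not found in input")
    return found["notbefore"], found["notafter"]


def validity_status(text, at=None):
    """Classify the window at time `at` (aware datetime, ISO 8601 string, or now)."""
    not_before, not_after = parse_validity(text)
    if at is None:
        at = datetime.now(timezone.utc)
    elif isinstance(at, str):
        at = datetime.fromisoformat(at)
    if at < not_before:
        return "not-yet-valid"
    if at > not_after:
        return "expired"
    return "valid"


def diagnose_tls(host, port=443, timeout=5.0):
    """Separate a trust-store failure from a date failure for a live host.

    'ok'                        chain verifies against the local CA bundle
    'untrusted'                 leaf is inside its window, but no chain to a
                                local root could be built (the shape of wget's
                                "cannot verify ... certificate, issued by ...");
                                the usual fix is an up-to-date ca-certificates
    'expired'/'not-yet-valid'   the leaf's own dates are the problem
    Assumption of this example: the `openssl` CLI is on PATH.
    """
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return "ok"
    except ssl.SSLCertVerificationError:
        pass
    # Verification failed: fetch the leaf without verifying so its dates can be read.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            pem = ssl.DER_cert_to_PEM_cert(tls.getpeercert(binary_form=True))
    dates = subprocess.run(["openssl", "x509", "-noout", "-dates"],
                           input=pem, capture_output=True, text=True, check=True).stdout
    status = validity_status(dates)
    return "untrusted" if status == "valid" else status


if __name__ == "__main__":
    print("sample window at 2022-02-01:",
          validity_status(SAMPLE_VALIDITY, "2022-02-01T00:00:00+00:00"))
    print("www.uclibc.org:", diagnose_tls("www.uclibc.org"))
```

Running this from inside the failing build image is the useful check: an "untrusted" result with a "valid" window points at the image's CA bundle rather than at the server, which matches the observation that the failure shows up on images that have not been upgraded for a long time.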
I'll try to take a look tomorrow. This issue seems to happen when an image doesn't call apt-get upgrade for a long time.