libbpf icon indicating copy to clipboard operation
libbpf copied to clipboard

Published 20 hours ago verified publisher icon libbpf

OSS-Fuzz issue 46622

Open oss-fuzz-robot opened this issue 3 years ago • 1 comments

OSS-Fuzz has found a bug in this project. Please see https://oss-fuzz.com/testcase?key=5932565858484224 for details and reproducers.

This issue is mirrored from https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46622 and will auto-close if the status changes there.

If you have trouble accessing this report, please file an issue at https://github.com/google/oss-fuzz/issues/new.

oss-fuzz-robot avatar Apr 11 '22 16:04 oss-fuzz-robot 

SANITIZER=undefined ./scripts/build-fuzzers.sh
wget -O oss-fuzz-46622 https://oss-fuzz.com/download?testcase_id=5932565858484224
UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 ./out/bpf-object-fuzzer oss-fuzz-46622

UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1 ./out/bpf-object-fuzzer oss-fuzz-46622
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 1391893021
INFO: Loaded 1 modules   (52488 inline 8-bit counters): 52488 [0x7b4420, 0x7c1128),
INFO: Loaded 1 PC tables (52488 PCs): 52488 [0x654b00,0x721b80),
./out/bpf-object-fuzzer: Running 1 inputs 1 time(s) each.
Running: oss-fuzz-46622
libbpf.c:8229:11: runtime error: member access within misaligned address 0xffffffff946e938c for type 'struct bpf_object', which requires 8 byte alignment
0xffffffff946e938c: note: pointer points here
<memory cannot be printed>
    #0 0x4ac1de in bpf_object__close /home/vagrant/libbpf/src/libbpf.c:8229:11
    #1 0x48304b in LLVMFuzzerTestOneInput /home/vagrant/libbpf/fuzz/bpf-object-fuzzer.c:21:2
    #2 0x439389 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/libbpf/out/bpf-object-fuzzer+0x439389)
    #3 0x419e2f in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/vagrant/libbpf/out/bpf-object-fuzzer+0x419e2f)
    #4 0x421aee in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/libbpf/out/bpf-object-fuzzer+0x421aee)
    #5 0x410f96 in main (/home/vagrant/libbpf/out/bpf-object-fuzzer+0x410f96)
    #6 0x7f6c0b9b955f in __libc_start_call_main (/lib64/libc.so.6+0x2d55f)
    #7 0x7f6c0b9b960b in __libc_start_main@GLIBC_2.2.5 (/lib64/libc.so.6+0x2d60b)
    #8 0x410fe4 in _start (/home/vagrant/libbpf/out/bpf-object-fuzzer+0x410fe4)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior libbpf.c:8229:11 in

evverx avatar Apr 13 '22 02:04 evverx

OSS-Fuzz has closed this bug. Please see https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46622 for details.

oss-fuzz-robot avatar Sep 16 '23 09:09 oss-fuzz-robot