cargo-fuzz
Signalled faults (SIGSEGV, SIGBUS, etc.) in the target fail to preserve the test case
When running cargo-fuzz on this project, fuzzing runs as intended for a while but inevitably crashes with "Error: Fuzz target exited with signal: 11". This occurs on both macOS and Linux (running in a VM, I can't test running it natively at the moment). I'm using the latest nightly compiler, which at time of writing is rustc 1.46.0-nightly (0cd7ff7dd 2020-07-04).
You will want to try and run the fuzzer with a debugger and then look at the stack trace to understand if the signal 11 (SIGSEGV) is coming from your library or somewhere else.
You can also look at the core dump file.
(Ideally we wouldn't crash without retaining the test case, but the issue report is not super clear whether that's actually true)
I just ran into this. In my case it looks like a stack overflow.
Unfortunately the target doesn't seem to be compiled with debug symbols (maybe?). Is there any way to check if the input was saved? Or should I assume it wasn't, and try to get it off the stack (which I doubt I'll be able to)?
After debugging it I did find the crash was caused by a stack overflow in my library. The input which caused it wasn't saved and so it was pretty hard to track down. I ended up figuring out the cause using afl.rs which correctly handled the stack overflow.
Getting this with an infinite recursion. Workaround was to println the fuzzed input.
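The println workaround above, carried a step further as an added example that is not part of this thread or of cargo-fuzz: a wrapper that hex-logs each input and writes it to disk before the target runs, so a SIGSEGV from a stack overflow still leaves the test case on disk and in the log. The names run_preserving_input, pending_path and the directory argument are assumptions; inside a fuzz_target! body you would call run_preserving_input with the fuzzer's data slice and your library entry point.

```rust
// Added example, not cargo-fuzz code: keep the current fuzz input recoverable
// even when the target dies from a signal (e.g. a stack overflow -> SIGSEGV).
use std::fs;
use std::path::{Path, PathBuf};

/// Hex-encode bytes so the input can be pasted back from a log line.
pub fn hex_encode(data: &[u8]) -> String {
    data.iter().map(|b| format!("{:02x}", b)).collect()
}

/// Decode a line produced by `hex_encode`; None on malformed input.
pub fn hex_decode(s: &str) -> Option<Vec<u8>> {
    if !s.is_ascii() || s.len() % 2 != 0 {
        return None;
    }
    (0..s.len())
        .step_by(2)
        .map(|i| u8::from_str_radix(&s[i..i + 2], 16).ok())
        .collect()
}

/// FNV-1a 64-bit hash, used only to give each input a stable file name.
fn fnv1a64(data: &[u8]) -> u64 {
    data.iter().fold(0xcbf29ce484222325u64, |h, &b| {
        (h ^ b as u64).wrapping_mul(0x100000001b3)
    })
}

/// File under `dir` (assumed, e.g. the fuzz artifacts directory) that holds
/// the input while the target is running.
pub fn pending_path(dir: &Path, data: &[u8]) -> PathBuf {
    dir.join(format!("pending-{:016x}.bin", fnv1a64(data)))
}

/// Write `data` to disk and log it to stderr (unbuffered in Rust), then run
/// `target`. The file is removed only if `target` returns normally; if the
/// process is killed by a signal, the file left behind is the crashing case.
pub fn run_preserving_input<F: FnOnce(&[u8])>(dir: &Path, data: &[u8], target: F) -> PathBuf {
    let path = pending_path(dir, data);
    fs::write(&path, data).expect("cannot persist fuzz input");
    eprintln!("fuzz input ({} bytes): {}", data.len(), hex_encode(data));
    target(data);
    let _ = fs::remove_file(&path);
    path
}
```

Replaying a logged line is then hex_decode(line) fed back into the library, or running the fuzz target on the leftover pending-*.bin file.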