coreutils
fuzz: generate a proper backtrace
As can be seen here: https://github.com/uutils/coreutils/issues/5311 the backtrace doesn't contain any debug information.
Seems that we should build in debug mode in the CI: "fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xc03481"
Probably this line: https://github.com/uutils/coreutils/blob/main/.github/workflows/fuzzing.yml#L29
Can it be simply solved by adding a RUST_BACKTRACE=1 env variable into CICD.yml?
I ran the command below:
❯ RUST_BACKTRACE=1 cargo +nightly fuzz run fuzz_date -- -max_total_time=60 -detect_leaks=0
For more information, try '--help'.
thread '<unnamed>' panicked at /home/arch/.cargo/registry/src/index.crates.io-6f17d22bba15001f/chrono-0.4.31/src/duration.rs:121:13:
Duration::seconds out of bounds
stack backtrace:
0: rust_begin_unwind
at /rustc/ca2b74f1ae5075d62e223c0a91574a1fc3f51c7c/library/std/src/panicking.rs:619:5
1: core::panicking::panic_fmt
at /rustc/ca2b74f1ae5075d62e223c0a91574a1fc3f51c7c/library/core/src/panicking.rs:72:14
2: chrono::duration::Duration::hours
3: parse_datetime::parse_relative_time::parse_relative_time_at_date
4: parse_datetime::parse_relative_time::parse_relative_time
5: parse_datetime::parse_datetime_at_date
6: uu_date::uumain::uumain
7: uu_date::uumain
8: fuzz_date::_::__libfuzzer_sys_run
9: rust_fuzzer_test_input
10: std::panicking::try::do_call
11: __rust_try
12: LLVMFuzzerTestOneInput
13: _ZN6fuzzer6Fuzzer15ExecuteCallbackEPKhm
14: _ZN6fuzzer6Fuzzer6RunOneEPKhmbPNS_9InputInfoEbPb
15: _ZN6fuzzer6Fuzzer16MutateAndTestOneEv
16: _ZN6fuzzer6Fuzzer4LoopERSt6vectorINS_9SizedFileESaIS2_EE
17: _ZN6fuzzer12FuzzerDriverEPiPPPcPFiPKhmE
18: main
19: <unknown>
20: __libc_start_main
21: _start
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
==4043709== ERROR: libFuzzer: deadly signal
#0 0x560153f38ea1 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xc09ea1) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#1 0x5601553037b9 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fd47b9) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#2 0x56015531bbe5 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fecbe5) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#3 0x7f5f1f83e70f (/usr/lib/libc.so.6+0x3e70f) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#4 0x7f5f1f88e83b (/usr/lib/libc.so.6+0x8e83b) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#5 0x7f5f1f83e667 (/usr/lib/libc.so.6+0x3e667) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#6 0x7f5f1f8264b7 (/usr/lib/libc.so.6+0x264b7) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#7 0x5601553928f6 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x20638f6) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#8 0x560153e8f816 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xb60816) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#9 0x5601552e9dd4 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fbadd4) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#10 0x5601553869b2 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x20579b2) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#11 0x5601553866e5 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x20576e5) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#12 0x5601553837b5 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x20547b5) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#13 0x560155386471 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x2057471) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#14 0x560153e92ea4 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xb63ea4) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#15 0x560154037270 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xd08270) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#16 0x5601540421c3 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xd131c3) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#17 0x56015404000f (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xd1100f) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#18 0x560153f79d58 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xc4ad58) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#19 0x560153fc6b21 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xc97b21) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#20 0x560153fc4380 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xc95380) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#21 0x560153fd9f87 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xcaaf87) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#22 0x560153fd9580 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xcaa580) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#23 0x5601552e4bb8 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fb5bb8) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#24 0x5601552e9ff7 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fbaff7) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#25 0x5601552e91c1 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fba1c1) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#26 0x56015531c119 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fed119) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#27 0x560155323545 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1ff4545) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#28 0x56015532454a (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1ff554a) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#29 0x5601553253f7 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1ff63f7) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#30 0x5601552fc34b (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0x1fcd34b) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#31 0x560153e937f2 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xb647f2) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
#32 0x7f5f1f827ccf (/usr/lib/libc.so.6+0x27ccf) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#33 0x7f5f1f827d89 (/usr/lib/libc.so.6+0x27d89) (BuildId: 316d0d3666387f0e8fb98773f51aa1801027c5ab)
#34 0x560153e939b4 (/home/arch/code/tommady/coreutils/fuzz/target/x86_64-unknown-linux-gnu/release/fuzz_date+0xb649b4) (BuildId: 2702d2c3cf9377b3a26365a5c7c10e6ffdad93dd)
NOTE: libFuzzer has rudimentary signal handlers.
Combine libFuzzer with AddressSanitizer or similar for better crash reports.
SUMMARY: libFuzzer: deadly signal
MS: 1 CopyPart-; base unit: 8fed895ff418dffb9ae58f8fc6383d48149f37a6
0x0,0x2d,0x64,0x72,0x6c,0x65,0x75,0x72,0x2d,0x32,0x3a,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x32,0x68,0x6c,0x70,
\000-drleur-2:22222222222222hlp
artifact_prefix='/home/arch/code/tommady/coreutils/fuzz/artifacts/fuzz_date/'; Test unit written to /home/arch/code/tommady/coreutils/fuzz/artifacts/fuzz_date/crash-1ebc96ae7a3edacd8f7529c6867ef5f67eb44943
Base64: AC1kcmxldXItMjoyMjIyMjIyMjIyMjIyMmhscA==
────────────────────────────────────────────────────────────────────────────────
Failing input:
fuzz/artifacts/fuzz_date/crash-1ebc96ae7a3edacd8f7529c6867ef5f67eb44943
Output of `std::fmt::Debug`:
[0, 45, 100, 114, 108, 101, 117, 114, 45, 50, 58, 50, 50, 50, 50, 50, 50, 50, 50, 50, 50, 50, 50, 50, 50, 104, 108, 112]
Reproduce with:
cargo fuzz run fuzz_date fuzz/artifacts/fuzz_date/crash-1ebc96ae7a3edacd8f7529c6867ef5f67eb44943
Minimize test case with:
cargo fuzz tmin fuzz_date fuzz/artifacts/fuzz_date/crash-1ebc96ae7a3edacd8f7529c6867ef5f67eb44943
────────────────────────────────────────────────────────────────────────────────
Error: Fuzz target exited with exit status: 77
Is this the acceptable display you want? If so, then I can create a PR for this. Thank you.
Nope, it should provide the function name and positions.
Usually, the issue is that the build is done in release mode and not debug.
So I guess we want a fuzz profile which is like release with debuginfo? That should be easy to do.
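Added example, not part of the thread or of the uutils code base: a small triage helper that finds the unsymbolized `#N 0xADDR (module+0xOFFSET)` frames in a libFuzzer crash log, like the ones pasted above, and builds one `addr2line` command per module. The sample log, its paths and BuildIds are constructed, and `addr2line` only reports file and line when the binary it is pointed at carries debug info.

```python
import re
from collections import defaultdict

# Frame as libFuzzer prints it when it could not resolve a symbol:
#   #7 0x5601553928f6 (/path/to/binary+0x20638f6) (BuildId: 2702...)
RAW_FRAME = re.compile(
    r"^\s*#(?P<n>\d+)\s+0x[0-9a-f]+\s+"
    r"\((?P<module>\S+)\+0x(?P<offset>[0-9a-f]+)\)"
    r"(?:\s+\(BuildId: (?P<build_id>[0-9a-f]+)\))?"
)

# Constructed sample log (hypothetical paths and BuildIds): three raw frames
# and one frame that already carries a function name and source position.
SAMPLE_LOG = """\
==1234== ERROR: libFuzzer: deadly signal
    #0 0x560000c09ea1 (/work/fuzz/target/release/fuzz_demo+0xc09ea1) (BuildId: 0123abcd)
    #1 0x7f000003e70f (/usr/lib/libc.so.6+0x3e70f) (BuildId: 89ef4567)
    #2 0x560000b60816 (/work/fuzz/target/release/fuzz_demo+0xb60816) (BuildId: 0123abcd)
    #3 0x560000b649b4 in main /work/fuzz/fuzz_targets/fuzz_demo.rs:9:1
"""


def raw_frames(log: str):
    """Return (frame_no, module, offset, build_id) for each unsymbolized frame."""
    frames = []
    for line in log.splitlines():
        m = RAW_FRAME.match(line)
        if m:
            frames.append((int(m["n"]), m["module"], int(m["offset"], 16), m["build_id"]))
    return frames


def addr2line_commands(log: str, skip_prefixes=("/usr/lib/", "/lib/")):
    """Group module-relative offsets by module; build one addr2line argv each.

    System libraries are skipped by default: the frames of interest are the
    ones inside the fuzz target itself.
    """
    by_module = defaultdict(list)
    for _, module, offset, _ in raw_frames(log):
        if not module.startswith(skip_prefixes):
            by_module[module].append(hex(offset))
    return {m: ["addr2line", "-f", "-C", "-i", "-e", m, *offs]
            for m, offs in by_module.items()}


if __name__ == "__main__":
    for argv in addr2line_commands(SAMPLE_LOG).values():
        print(" ".join(argv))
```

A CI step can also fail the job when `raw_frames` returns any frame inside the fuzz target, which catches a build that lost its debug info before someone has to read the report.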