New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
libFuzzer minimizer needs to do basic stack comparison #452
Comments
I understand the problem in principle, but could you please provide some examples (logs or reproducers)? |
atleast one example i saw was #250 (comment). @mbarbella - can you provide more examples, since you are already testing this with several testcases. |
quick check: do you still need this, and is this on critical path for #250, or just good to have? |
It's definitely good to have, but might be a bit too early to say whether if this is still critical to #250. We'll need to do another pass on current CF testcases once we pick up the new builds to see how many of them are still failing minimization. We'll probably know early next week. |
@kcc - It is definitely important since many targets till timeouts, and i saw this across multiple testcases previously. So, it is not blocking since we will just keep unminimized testcase, but sometime needs fixing when you get time. |
… minimization if another bug was found during minimization (google/oss-fuzz#452) llvm-svn=298755
… minimization if another bug was found during minimization (google/oss-fuzz#452) git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@298755 91177308-0d34-0410-b5e6-96231b3b80d8
This requires |
Thanks Kostya! This is an unrelated note, but it looks like reports are broken (truncated) if symbolize=0 and dedup_token_length=3.
We'll force on symbolize=1 and dedup_token_length=3 during minimization, but our default is symbolize=0. Just a head's up in case you were ever planning to turn on dedup_token_length=3 by default. |
Why do we have |
We want to symbolize with |
I'm guessing there's nothing left to do here? |
As i talked with @mbarbella, libFuzzer minimizer currently does not check for stack before trying to minimize. This fails on several targets which get engulfed with timeouts or other crash types. It is important to compare crash type and minimal stack frames comparison (like top 10) before minimizing further. This is needed to enable #250.
The text was updated successfully, but these errors were encountered: