This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

Capture crash dumps from libfuzzer, when provided #2793

Merged
merged 80 commits into from
Aug 9, 2023

@Porges Porges commented Feb 2, 2023

Enables capturing crashdumps generated by ASAN at point of failure.

This helps in several ways:

  • provides a crash dump in the case that we cannot repro a failure later
  • some people have stated that crash dumps would be more useful to their team than the repro VM
  • we should be able to use these for automated submission to Watson or similar

Crash dumps are automatically collected (for libfuzzer jobs), if we find any. They should be activated by enabling crash dumps in ASAN, via:

  • On Linux: ASAN_OPTIONS=disable_coredump=0:abort_on_error=1:unmap_shadow_on_exit=1
    • OneFuzz will override the (Ubuntu) crash dump options to generate core dumps instead and then upload them.
  • On Windows: ASAN_SAVE_DUMPS=my_dump.dmp
    • OneFuzz will look for any *.dmp files in the working directory and then upload them.

In both cases, the crash dump will be renamed to match the crashing input, if possible, and uploaded to a new crashdumps container.


Also updated: the “simple” LibFuzzer test has been updated to be compiled with cl.exe instead of clang on Windows, so that we are exercising the MSVC implementation of ASAN/LibFuzzer, and the CI image has been updated to windows-2022. The restriction to an old version of the Windows SDK has been removed.
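
The Linux settings and the Windows `*.dmp` collection step described in the comment above, as an added example that is not OneFuzz's own code: it checks an `ASAN_OPTIONS` string for the three listed settings, then moves dumps out of a working directory and names a lone dump after the crashing input. The function names, the `crashdumps` output directory layout and the "rename only when exactly one dump is found" rule are assumptions made for illustration.

```rust
use std::{collections::HashMap, env, fs, io, path::{Path, PathBuf}};

// Linux settings quoted in the PR description.
const REQUIRED: [(&str, &str); 3] =
    [("disable_coredump", "0"), ("abort_on_error", "1"), ("unmap_shadow_on_exit", "1")];

/// Returns the required `key=value` settings that an ASAN_OPTIONS string lacks.
fn missing_asan_options(asan_options: &str) -> Vec<String> {
    // Colon-separated key=value pairs; a repeated key keeps its last value here.
    let set: HashMap<&str, &str> =
        asan_options.split(':').filter_map(|kv| kv.split_once('=')).collect();
    REQUIRED.iter()
        .filter(|(k, v)| set.get(k) != Some(v))
        .map(|(k, v)| format!("{k}={v}"))
        .collect()
}

/// Moves `*.dmp` files from `work_dir` to `out_dir`. A lone dump is renamed after the
/// crashing input; several dumps cannot be paired (assumed rule), so names are kept.
fn collect_dumps(work_dir: &Path, out_dir: &Path, crash_input: &Path) -> io::Result<Vec<PathBuf>> {
    // Keep only the final path component so the input name cannot escape `out_dir`.
    let stem = crash_input.file_name().ok_or(io::ErrorKind::InvalidInput)?.to_string_lossy();
    let mut dumps: Vec<PathBuf> = fs::read_dir(work_dir)?
        .filter_map(|e| e.ok().map(|e| e.path()))
        .filter(|p| p.is_file() && p.extension().map_or(false, |x| x.eq_ignore_ascii_case("dmp")))
        .collect();
    dumps.sort();
    fs::create_dir_all(out_dir)?;
    let single = dumps.len() == 1;
    dumps.into_iter().map(|src| {
        let name = match src.file_name() {
            Some(n) if !single => n.to_string_lossy().into_owned(),
            _ => format!("{stem}.dmp"),
        };
        let dst = out_dir.join(name);
        fs::rename(&src, &dst).map(|_| dst) // move within one filesystem
    }).collect()
}

fn main() -> io::Result<()> {
    let opts = env::var("ASAN_OPTIONS").unwrap_or_default();
    println!("missing ASAN_OPTIONS settings: {:?}", missing_asan_options(&opts));
    // Optional arguments: <work_dir> <out_dir> <crash_input>
    if let [_, work, out, input] = env::args().collect::<Vec<_>>().as_slice() {
        println!("{:?}", collect_dumps(Path::new(work), Path::new(out), Path::new(input))?);
    }
    Ok(())
}
```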

@Porges Porges changed the title WIP [draft] Capture crash dumps from libfuzzer, when provided Feb 2, 2023

codecov-commenter commented Feb 2, 2023

Codecov Report

Merging #2793 (09a7ec8) into main (74ae105) will decrease coverage by 0.11%.
The diff coverage is 0.71%.

@@            Coverage Diff             @@
##             main    #2793      +/-   ##
==========================================
- Coverage   34.34%   34.23%   -0.11%     
==========================================
  Files         297      297              
  Lines       36250    36366     +116     
==========================================
+ Hits        12450    12451       +1     
- Misses      23800    23915     +115     
Files Changed Coverage Δ
src/ApiService/ApiService/OneFuzzTypes/Enums.cs 32.39% <ø> (ø)
src/ApiService/ApiService/OneFuzzTypes/Model.cs 72.63% <0.00%> (-0.09%) ⬇️
src/ApiService/ApiService/onefuzzlib/Config.cs 0.00% <0.00%> (ø)
src/ApiService/ApiService/onefuzzlib/Defs.cs 0.00% <0.00%> (ø)
src/agent/onefuzz-task/src/local/common.rs 0.00% <ø> (ø)
src/agent/onefuzz-task/src/local/libfuzzer_fuzz.rs 0.00% <0.00%> (ø)
src/agent/onefuzz-task/src/local/template.rs 6.35% <0.00%> (-0.03%) ⬇️
...nt/onefuzz-task/src/tasks/fuzz/libfuzzer/common.rs 17.63% <0.00%> (-3.41%) ⬇️
...rc/agent/onefuzz-task/src/tasks/fuzz/supervisor.rs 0.00% <0.00%> (ø)
src/agent/onefuzz-telemetry/src/lib.rs 2.13% <0.00%> (-0.01%) ⬇️
... and 1 more

@Porges Porges changed the title [draft] Capture crash dumps from libfuzzer, when provided Capture crash dumps from libfuzzer, when provided Jul 12, 2023
@Porges Porges marked this pull request as ready for review August 1, 2023 23:00
@Porges Porges enabled auto-merge (squash) August 9, 2023 21:32
@Porges Porges merged commit a364051 into main Aug 9, 2023
@AdamL-Microsoft AdamL-Microsoft mentioned this pull request Aug 10, 2023
@Porges Porges deleted the asan_dumps branch September 7, 2023 23:14