Fuzzer not crashing with basic string comparison #1201

Open
KanishAnand opened this issue May 30, 2024 · 0 comments
KanishAnand (Contributor) commented May 30, 2024

Playing around with the codelab example, I noticed the fuzzer is not able to find basic string-comparison crashes when input domains are used.

I am trying the test below:

#include <string>

#include "fuzztest/fuzztest.h"
#include "gtest/gtest.h"

// Fails (and so reports a crash in fuzzing mode) as soon as the fuzzer
// produces the exact string "Hello".
void StringCmp(std::string s) {
    EXPECT_NE(s, "Hello");
}
FUZZ_TEST(ExpTests, StringCmp)
    .WithDomains(/*s:*/fuzztest::PrintableAsciiString());

Running this in fuzzing mode following quickstart-cmake doesn't crash, whereas removing the domain constraint PrintableAsciiString() (following the example from here) crashes instantly. Tried with the AsciiString() domain as well, and it is not crashing.
Already ran the fuzzer for 5 hours (and still running...) and it's not reporting the bug, whereas without the domain it is able to find the "Hello" string and crash instantly. Tried with 6a370ae; couldn't try main because of #1192.

Seems like there might be an issue with using the tokens received from string-comparison instructions (enabled via -fsanitize-coverage=trace-cmp) when domains are enabled.
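As an added illustration (not code from the issue, from fuzztest, or from its author), the toy model below shows the mechanism the hypothesis above points at: a constant harvested from a comparison is spliced verbatim into the raw input bytes, and if a domain then transforms those bytes before handing them to the test, the token arrives corrupted unless it is first mapped back into the domain's raw representation. `PrintableAsciiDomain`, its inverse `EncodeForPrintableAscii`, the `CmpDictionary` hook and the seed bytes are all constructed stand-ins; fuzztest's real engine, trace-cmp hooks and domain encoding differ in detail.

```cpp
// Toy model of comparison-token ("dictionary") feedback under an input domain.
// Added illustration, not fuzztest's own code: the real engine, the trace-cmp
// hooks and the PrintableAsciiString() implementation differ in detail.
#include <cstdint>
#include <iostream>
#include <string>
#include <vector>

using RawInput = std::vector<uint8_t>;

// Tokens harvested from comparison instrumentation. Real fuzzers get these from
// -fsanitize-coverage=trace-cmp hooks (and weak memcmp/strcmp hooks); here the
// instrumented "test" hands them over directly (assumed model).
struct CmpDictionary {
  std::vector<std::string> tokens;
};

// The test under fuzz: mirrors EXPECT_NE(s, "Hello") from the issue and
// reports the constant operand to the dictionary the way a cmp hook would.
// Returns true when the "bug" (s == "Hello") is hit.
bool StringCmpTest(const std::string& s, CmpDictionary& dict) {
  const std::string kConstant = "Hello";
  dict.tokens.push_back(kConstant);  // the hook sees both operands
  return s == kConstant;
}

// Domain A: raw bytes are the string, as with an unconstrained std::string input.
std::string IdentityDomain(const RawInput& raw) {
  return std::string(raw.begin(), raw.end());
}

// Domain B: a constructed model of a printable-ASCII domain that folds every
// raw byte into [32, 126]. This is NOT fuzztest's mapping.
std::string PrintableAsciiDomain(const RawInput& raw) {
  std::string out;
  for (uint8_t b : raw) out.push_back(static_cast<char>(32 + (b % 95)));
  return out;
}

// Token inserted as-is: what a raw-byte dictionary mutation does.
RawInput VerbatimEncode(const std::string& token) {
  return RawInput(token.begin(), token.end());
}

// Inverse of PrintableAsciiDomain for printable tokens: raw = value - 32.
// A domain-aware mutator needs exactly this step before splicing a token in.
RawInput EncodeForPrintableAscii(const std::string& token) {
  RawInput raw;
  for (unsigned char c : token) raw.push_back(static_cast<uint8_t>(c - 32));
  return raw;
}

// Overwrite raw bytes at `pos` with the (already encoded) token.
RawInput OverwriteAt(RawInput raw, const RawInput& token, size_t pos) {
  for (size_t i = 0; i < token.size() && pos + i < raw.size(); ++i) {
    raw[pos + i] = token[i];
  }
  return raw;
}

// One round of "run, harvest token, splice token in, run again".
// `domain` turns raw bytes into the test's argument; `encode` translates a
// harvested token into the domain's raw representation.
template <typename Domain, typename Encode>
bool FindsHello(Domain domain, Encode encode) {
  CmpDictionary dict;
  RawInput raw(8, 0x41);  // constructed seed: eight 'A' bytes
  if (StringCmpTest(domain(raw), dict)) return true;  // seed alone never hits it
  RawInput token = encode(dict.tokens.back());
  RawInput mutated = OverwriteAt(raw, token, 0);
  mutated.resize(token.size());  // trim to the token so equality is possible
  return StringCmpTest(domain(mutated), dict);
}

int main() {
  std::cout << "identity domain, verbatim token:   "
            << FindsHello(IdentityDomain, VerbatimEncode) << "\n"
            << "printable domain, verbatim token:  "
            << FindsHello(PrintableAsciiDomain, VerbatimEncode) << "\n"
            << "printable domain, encoded token:   "
            << FindsHello(PrintableAsciiDomain, EncodeForPrintableAscii) << "\n";
  return 0;
}
```

With the identity domain the verbatim token reaches the comparison intact and the test trips immediately; under the modelled printable domain the same bytes decode to "h&--0", so the comparison never matches, and only after the token is encoded into the domain's raw space does it land. Whether fuzztest's real domains lose tokens this way is exactly what the issue asks; the model only makes the failure mode concrete.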
