Handle real segfaults in fuzz targets #602

Merged (20 commits) Sep 28, 2023
Conversation

br-lewis (Contributor)

This adds handling for real segfaults in native code in our fuzz targets. Unfortunately, the only way to do that effectively was to have the C++ code in the fuzzer detect the error, print a message, write the crash file, and quit rather than returning control to JS so the result isn't as nice as a normal error but should be more informative than before.
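An added C++ example of the approach the PR description outlines: detect the fault in native code, write the crash file, print a message and quit instead of returning to JS. This is not jazzer.js's own code (the project's handler lives in packages/fuzzer/fuzzing_async.cpp and fuzzing_sync.cpp, which this page does not show). It assumes a single fuzzing thread, the crash file name `crash-native-signal.bin`, exit code 77 (libFuzzer's default `-error_exitcode`) and a hypothetical buggy native target inside `main`; all of those are illustrative choices, not the project's.

```cpp
// Added example, not jazzer.js's own code: a native SIGSEGV/SIGBUS handler of the
// kind the PR describes. It dumps the input being run to a crash file, writes a
// one-line report, then chains to the previous handler or quits. It never returns
// to the faulting frame, so control never gets back to JS. Signal-safe calls only.
#include <cerrno>
#include <csignal>
#include <cstdint>
#include <cstring>
#include <fcntl.h>
#include <unistd.h>
static const uint8_t* g_cur_data = nullptr;  // input being executed right now
static size_t g_cur_size = 0;                 // (assumes one fuzzing thread)
static const char* g_crash_path = "crash-native-signal.bin";  // assumed name
static const int kCrashExitCode = 77;  // libFuzzer's default -error_exitcode
static struct sigaction g_prev_segv, g_prev_bus;  // dispositions we replaced

// write(2) loop: the only output primitive that is safe inside the handler.
static bool write_all(int fd, const void* buf, size_t len) {
  const char* p = static_cast<const char*>(buf);
  while (len > 0) {
    ssize_t n = ::write(fd, p, len);
    if (n < 0) { if (errno == EINTR) continue; return false; }
    p += n; len -= static_cast<size_t>(n);
  }
  return true;
}
// Bounded, allocation-free string building (snprintf is not signal-safe).
static size_t put_str(char* out, size_t cap, size_t pos, const char* s) {
  while (*s && pos + 1 < cap) out[pos++] = *s++;
  out[pos] = '\0'; return pos;
}
static size_t put_num(char* out, size_t cap, size_t pos, uintptr_t v, unsigned base) {
  char tmp[24]; size_t n = 0;
  do { tmp[n++] = "0123456789abcdef"[v % base]; v /= base; } while (v);
  while (n > 0 && pos + 1 < cap) out[pos++] = tmp[--n];
  out[pos] = '\0'; return pos;
}
static const char* signal_name(int signo) {
  return signo == SIGSEGV ? "SIGSEGV" : signo == SIGBUS ? "SIGBUS" : "signal";
}
// Builds the report line and returns its length. Callable from the handler.
size_t describe_fault(int signo, uintptr_t fault_addr, size_t input_len,
                      const char* crash_path, char* out, size_t cap) {
  size_t pos = put_str(out, cap, 0, "== native ");
  pos = put_str(out, cap, pos, signal_name(signo));
  pos = put_num(out, cap, put_str(out, cap, pos, " at address 0x"), fault_addr, 16);
  pos = put_num(out, cap, put_str(out, cap, pos, "; input of "), input_len, 10);
  pos = put_str(out, cap, put_str(out, cap, pos, " bytes written to "), crash_path);
  return put_str(out, cap, pos, "\n");
}
// Dumps the input so the crash can be reproduced. False on any error.
bool write_crash_file(const char* path, const uint8_t* data, size_t len) {
  int fd = ::open(path, O_WRONLY | O_CREAT | O_TRUNC, 0644);
  if (fd < 0) return false;
  bool ok = write_all(fd, data, len);
  return ::close(fd) == 0 && ok;
}
static void on_fatal_signal(int signo, siginfo_t* info, void* ctx) {
  bool dumped = write_crash_file(g_crash_path, g_cur_data, g_cur_size);
  char line[256];
  size_t n = describe_fault(signo, reinterpret_cast<uintptr_t>(info->si_addr), g_cur_size,
                            dumped ? g_crash_path : "(write failed)", line, sizeof line);
  write_all(STDERR_FILENO, line, n);
  // Chain to a real handler installed before ours (e.g. the fuzzing engine's),
  // otherwise quit. Returning would only re-execute the faulting instruction.
  struct sigaction* prev = (signo == SIGBUS) ? &g_prev_bus : &g_prev_segv;
  if (prev->sa_flags & SA_SIGINFO) prev->sa_sigaction(signo, info, ctx);
  else if (prev->sa_handler != SIG_DFL && prev->sa_handler != SIG_IGN) prev->sa_handler(signo);
  _exit(kCrashExitCode);
}
// Installs for the calling thread. SA_ONSTACK plus sigaltstack lets the handler
// run even when the fault is a stack overflow and no stack is left to use.
bool install_fatal_signal_handlers() {
  static char alt_stack[1 << 16];
  stack_t ss; memset(&ss, 0, sizeof ss);
  ss.ss_sp = alt_stack; ss.ss_size = sizeof alt_stack;
  if (sigaltstack(&ss, nullptr) != 0) return false;
  struct sigaction sa; memset(&sa, 0, sizeof sa);
  sa.sa_sigaction = on_fatal_signal;
  sigemptyset(&sa.sa_mask);
  sa.sa_flags = SA_SIGINFO | SA_ONSTACK;
  return sigaction(SIGSEGV, &sa, &g_prev_segv) == 0 && sigaction(SIGBUS, &sa, &g_prev_bus) == 0;
}
// What a fuzz loop does per input: publish it for the handler, then run the target.
void run_input(void (*target)(const uint8_t*, size_t), const uint8_t* data, size_t len) {
  g_cur_data = data; g_cur_size = len;
  target(data, len);
  g_cur_data = nullptr; g_cur_size = 0;
}
size_t current_input_size() { return g_cur_size; }

int main() {  // stand-alone demo: an all-zero input makes the target read address 0
  if (!install_fatal_signal_handlers()) return 1;
  const uint8_t input[8] = {0};  // constructed sample input
  run_input([](const uint8_t* d, size_t n) {  // hypothetical buggy native target
    uintptr_t a = 0; memcpy(&a, d, n < sizeof a ? n : sizeof a);
    int v = *reinterpret_cast<volatile const int*>(a); (void)v;
  }, input, sizeof input);  // the handler exits with 77 instead of returning here
  return 0;
}
```

Three things the handler path depends on: only async-signal-safe calls (`open`, `write`, `_exit`; no stdio, no allocation, and no calls back into the JS engine) may run between the fault and termination; the handler cannot reach the JS heap, so the harness keeps a native pointer to the input currently under test and publishes it before each call into the target; and whoever installs a SIGSEGV handler last wins, so the handler saves the disposition it replaced and forwards to it rather than silently dropping the engine's own crash handling.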

@br-lewis br-lewis requested a review from a team September 19, 2023 12:25
@bertschneider (Contributor) left a comment

Great that you got this working!

A few, but only minor, comments, overall this PR looks good.

Review comments (resolved) on: .gitignore; tests/signal_handlers/native-signal/signal_impl.cpp; tests/signal_handlers/native-signal/package.json; tests/signal_handlers/SIGSEGV/fuzz.js; packages/fuzzer/fuzzing_async.cpp; packages/fuzzer/fuzzing_sync.cpp
@bertschneider (Contributor) left a comment

Looks good, thx!

Please squash the commits before/on merge.

Review comments (resolved) on: package.json; tests/signal_handlers/native-signal/package.json; tests/signal_handlers/SIGSEGV/fuzz.js
@br-lewis br-lewis merged commit ad962f9 into main Sep 28, 2023
9 checks passed
@br-lewis br-lewis deleted the FUZZ-774-handle-real-segfaults branch September 28, 2023 13:34
karfau pushed a commit to xmldom/xmldom that referenced this pull request Oct 28, 2023
This PR contains the following updates:

| Package | Change |
|---|---|
| [@jazzer.js/core](https://togithub.com/CodeIntelligenceTesting/jazzer.js) | [`2.0.0` -> `2.1.0`](https://renovatebot.com/diffs/npm/@jazzer.js%2fcore/2.0.0/2.1.0) |
---

### Release Notes

<details>
<summary>CodeIntelligenceTesting/jazzer.js (@jazzer.js/core)</summary>

### [`v2.1.0`](https://togithub.com/CodeIntelligenceTesting/jazzer.js/releases/tag/v2.1.0): Release 2.1.0

[Compare Source](https://togithub.com/CodeIntelligenceTesting/jazzer.js/compare/v2.0.0...v2.1.0)

#### What's Changed

- **Feature**: Jest support: List fuzz test names by [@zgtm](https://togithub.com/zgtm) in CodeIntelligenceTesting/jazzer.js#606
- **Feature**: Handle real segfaults in fuzz targets by [@br-lewis](https://togithub.com/br-lewis) in CodeIntelligenceTesting/jazzer.js#602
- **Feature**: Provide consistent exit codes by [@bertschneider](https://togithub.com/bertschneider) in CodeIntelligenceTesting/jazzer.js#617
- **Bugfix**: Patch coverage of implicit else branches by [@bertschneider](https://togithub.com/bertschneider) in CodeIntelligenceTesting/jazzer.js#635

**Full Changelog**: CodeIntelligenceTesting/jazzer.js@v2.0.0...v2.1.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

- [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/xmldom/xmldom).

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
karfau pushed a commit to xmldom/xmldom that referenced this pull request Oct 28, 2023
This PR contains the following updates:

| Package | Change |
|---|---|
| [@jazzer.js/jest-runner](https://togithub.com/CodeIntelligenceTesting/jazzer.js) | [`2.0.0` -> `2.1.0`](https://renovatebot.com/diffs/npm/@jazzer.js%2fjest-runner/2.0.0/2.1.0) |

---

### Release Notes

(Release notes for v2.1.0 and the Renovate configuration section are identical to the @jazzer.js/core update above.)

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/xmldom/xmldom).

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>