Failure of OSS-fuzz #220

Open
naveensrinivasan opened this issue Oct 1, 2022 · 0 comments

Issue 51772: scorecard-web:FuzzLoadCertificates: Null-dereference READ in pthread_create

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51772

The issue AFAIK is because of census-instrumentation/opencensus-go#1074

+----------------------------------------Release Build Stacktrace----------------------------------------+
Command: /mnt/scratch0/clusterfuzz/resources/platform/linux/unshare -c -n /mnt/scratch0/clusterfuzz/bot/builds/clusterfuzz-builds_scorecard-web_a6241b1e5aea897308ae131bc5bc8379749359c2/revisions/FuzzVerifyWorkflow -rss_limit_mb=2560 -timeout=60 -runs=100 /mnt/scratch0/clusterfuzz/bot/inputs/fuzzer-testcases/2469e398407d6ee2b8e6337f59c3c4a9c69459d57675d7bb9a8f0d403e5927e8
Time ran: 0.04897665977478027
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 3017926340
INFO: 110475 Extra Counters
/mnt/scratch0/clusterfuzz/bot/builds/clusterfuzz-builds_scorecard-web_a6241b1e5aea897308ae131bc5bc8379749359c2/revisions/FuzzVerifyWorkflow: Running 1 inputs 100 time(s) each.
Running: /mnt/scratch0/clusterfuzz/bot/inputs/fuzzer-testcases/2469e398407d6ee2b8e6337f59c3c4a9c69459d57675d7bb9a8f0d403e5927e8
invalid m->lockedInt = 1
fatal error: internal lockOSThread error
runtime stack:
runtime.throw({0xfc5308?, 0x600000000?})
 runtime/panic.go:992 +0x71
runtime.goexit0(0x10c000002680)
 runtime/proc.go:3495 +0x2e5
runtime.mcall()
 runtime/asm_amd64.s:425 +0x45
goroutine 6 [select]:
go.opencensus.io/stats/view.(*worker).start(0x10c000316380)
 go.opencensus.io@v0.23.0/stats/view/worker.go:276 +0xd1
created by go.opencensus.io/stats/view.init.0
 go.opencensus.io@v0.23.0/stats/view/worker.go:34 +0x9c
==6984== ERROR: libFuzzer: deadly signal
    #0 0x539091 in __sanitizer_print_stack_trace /src/llvm-project/compiler-rt/lib/asan/asan_stack.cpp:87:3
    #1 0x457ba8 in fuzzer::PrintStackTrace() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerUtil.cpp:210:5
    #2 0x43c883 in fuzzer::Fuzzer::CrashCallback() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:233:3
    #3 0x7efee64a43bf in libpthread.so.0
    #4 0x5d2e20 in runtime.raise.abi0 runtime/sys_linux_amd64.s:167
NOTE: libFuzzer has rudimentary signal handlers.
      Combine libFuzzer with AddressSanitizer or similar for better crash reports.
SUMMARY: libFuzzer: deadly signal