| Field | Value |
| --- | --- |
| Issue | 169029 |
| Summary | LibFuzzer: Corpus minification fails if corpus path contains whitespace |
| Labels | new issue |
| Assignees | |
| Reporter | nausicaea |
I originally opened this issue on the [`cargo-fuzz`](https://github.com/rust-fuzz/cargo-fuzz) repository: [cargo-fuzz #428](https://github.com/rust-fuzz/cargo-fuzz/issues/428), and one of the contributors suggested that this might be a bug in LibFuzzer itself.
Please let me know if I can be of assistance.
> When I try to minify the corpus of a fuzzing target, spaces in paths are not properly escaped.
>
> ```bash
> $ cargo fuzz --version
> cargo-fuzz 0.13.1
> # I am running this test on an Apple M1 (Sequoia 15.7.1) with case-insensitive APFS.
> ```
>
> The paragraph below shows the error I'm getting when running the `poc.sh` script in my repo. At [cargo-fuzz-poc](https://github.com/nausicaea/cargo-fuzz-poc) I've created a minimal working example of the issue for verification. An **additional issue** I'm seeing is: if the corpus contains multiple files, `cargo +nightly fuzz cmin parse_cbor` runs into an infinite loop, and I have to kill the processes. Furthermore, I cannot reproduce the same behaviour in fuzzing mode (`cargo +nightly fuzz run parse_cbor`): there whitespace in paths doesn't seem to matter.
>
> I'm willing to provide additional information, should you require anything.
>
> ```bash
> $ sh poc.sh
> Finished `release` profile [optimized + debuginfo] target(s) in 0.02s
> Finished `release` profile [optimized + debuginfo] target(s) in 0.01s
> Finished `release` profile [optimized + debuginfo] target(s) in 0.02s
> Running `target/aarch64-apple-darwin/release/parse_cbor '-artifact_prefix=/private/var/folders/cv/jzjgfjdj42nbzk8_w7plqshm0000gn/T/tmp.VMmLUHg0FJ/poc/path with space/example-crate/fuzz/artifacts/parse_cbor/' -merge=1 '/private/var/folders/cv/jzjgfjdj42nbzk8_w7plqshm0000gn/T/tmp.VMmLUHg0FJ/poc/path with space/example-crate/fuzz/.tmpJMDfRb/corpus' '/private/var/folders/cv/jzjgfjdj42nbzk8_w7plqshm0000gn/T/tmp.VMmLUHg0FJ/poc/path with space/example-crate/fuzz/corpus/parse_cbor'`
> parse_cbor(86522,0x20bdb2140) malloc: nano zone abandoned due to inability to reserve vm space.
> INFO: Running with entropic power schedule (0xFF, 100).
> INFO: Seed: 977339485
> INFO: Loaded 1 modules (3143 inline 8-bit counters): 3143 [0x1023b5ab0, 0x1023b66f7),
> INFO: Loaded 1 PC tables (3143 PCs): 3143 [0x1023b66f8,0x1023c2b68),
> MERGE-OUTER: 2 files, 0 in the initial corpus, 0 processed earlier
> MERGE-OUTER: attempt 1
> parse_cbor(86523,0x20bdb2140) malloc: nano zone abandoned due to inability to reserve vm space.
> ERROR: The required directory "with" does not exist
> MERGE-OUTER: attempt 2
> parse_cbor(86524,0x20bdb2140) malloc: nano zone abandoned due to inability to reserve vm space.
> ERROR: The required directory "with" does not exist
> MERGE-OUTER: the control file has 313 bytes
> MERGE-OUTER: consumed 0Mb (44Mb rss) to parse the control file
> MERGE-OUTER: 0 new files with 0 new features added; 0 new coverage edges
> ```
_______________________________________________
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs
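Added example (not part of the report above, and not libFuzzer's or cargo-fuzz's code): a POSIX sh script that reproduces the splitting visible in the log outside libFuzzer. It builds a command line from arguments containing spaces in two ways, joined bare and joined after quoting each argument for sh, runs each through `sh -c` (the way `system(3)` runs a command line), and reports what argv the child actually receives. The sample paths, the helper names (`join_unquoted`, `shell_quote`, `join_quoted`, `argc_seen_by_child`, `arg2_seen_by_child`) and the reading that libFuzzer's outer merge process hands its inner invocation to the shell as one unquoted string are assumptions drawn from the `"with"` in the error message; the report itself only shows the symptom. The example also goes slightly beyond the report by checking that an embedded single quote survives the quoting.

```shell
#!/bin/sh
# Added example, not libFuzzer's or cargo-fuzz's code. Reproduces, outside
# libFuzzer, the failure mode seen in the report: a command line built by
# joining argv with spaces and then run through sh (as system(3) does) is
# re-split on whitespace, so "/path with space/corpus" reaches the child as
# three words and the child ends up looking for a directory named "with".
# Quoting each argument for POSIX sh before joining prevents that. That the
# merge step builds its inner command this way is an assumption, not a fact
# stated by the report.

# Join arguments with single spaces and no quoting (the failing construction).
join_unquoted() {
    out=""
    for a in "$@"; do out="$out $a"; done
    printf '%s' "${out# }"
}

# Single-quote one argument for POSIX sh; an embedded ' becomes '\''.
shell_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Join arguments after quoting each one (the safe construction).
join_quoted() {
    out=""
    for a in "$@"; do out="$out $(shell_quote "$a")"; done
    printf '%s' "${out# }"
}

# Stand-in child processes: tiny sh scripts that report the argv they received.
CHILD_ARGC="sh -c 'echo \$#' child"       # prints the number of positional args
CHILD_ARG2="sh -c 'echo \"\$2\"' child"   # prints the second positional arg

# Run CMDLINE the way system(3) does (via sh -c) and return what the child saw.
argc_seen_by_child() { sh -c "$CHILD_ARGC $1"; }
arg2_seen_by_child() { sh -c "$CHILD_ARG2 $1"; }

# Constructed sample arguments modelled on the merge invocation in the report.
PREFIX='-artifact_prefix=/tmp/path with space/artifacts/'
CORPUS='/tmp/path with space/corpus'

demo() {
    unquoted=$(join_unquoted "$PREFIX" -merge=1 "$CORPUS")
    quoted=$(join_quoted "$PREFIX" -merge=1 "$CORPUS")
    echo "unquoted: child saw $(argc_seen_by_child "$unquoted") args," \
         "arg 2 = $(arg2_seen_by_child "$unquoted")"
    echo "quoted:   child saw $(argc_seen_by_child "$quoted") args," \
         "arg 2 = $(arg2_seen_by_child "$quoted")"
}

demo
```

With the bare join the child sees seven arguments and its second one is `with`, which is exactly the directory name in the report's `ERROR: The required directory "with" does not exist`; with per-argument quoting it sees the intended three, and `-merge=1` is the second. The same quoting rule is what any tool that builds a shell command line from user-controlled paths (corpus directories, artifact prefixes, dictionary files) needs to apply before calling `system(3)`, or it should avoid the shell altogether and pass argv directly to `execvp`/`posix_spawn`.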