Comments (11)
It already found the heartbleed, see logs
2019-02-08 14:40:40,543 - run_bot - INFO - Process the crash group (file=fuzz-1, fuzzed_key=25002300-d91f-4b14-b894-6e2a5f4ed858, return code=1, crash time=4, crash type=Heap-buffer-overflow
READ {*}, crash state=tls1_process_heartbeat
ssl3_read_bytes
ssl3_get_message
and there should be testcase on localhost:9000.
can you paste the job definitions you have, maybe some processes are piling up. Did you modify any templates or anything ? Are you running AFL or libFuzzer ? Need more reproducer instructions.
from clusterfuzz.
can you also start from a clean slate and see if you can reproduce. like try pkill -9 -f clusterfuzz and pkill -9 -f gcloud.
from clusterfuzz.
I followed the steps exactly for heartbleed, should be the same as on the wiki. It says it found heartbleed right away - but I was checking the test cases in the UI and it was empty from 2pm - 12am. Did not change any templates.
from clusterfuzz.
this could be related to your broken config as in #136. your ports seem to be not free, can you try a restart and see if you can still reproduce.
from clusterfuzz.
also which platform and os version you are running.
from clusterfuzz.
I'm doubtful I have those ports blocked, as I showed checking the ports right after clusterfuzz tried using them revealed them to be unused. I restarted anyway!
I'm on Ubuntu 18.04 LTS.
from clusterfuzz.
I've restarted and heartbleed indeed now shows up in the test cases. Should I do anything else?
from clusterfuzz.
Metadata says the following:
[2019-02-08 13:06:35 UTC] mudlet1: Fuzz task : Fuzzer libFuzzer_handshake-fuzzer generated testcase crashed in 3 seconds (r1).
[2019-02-08 13:09:01 UTC] mudlet1: Minimize task started.
[2019-02-08 13:24:16 UTC] mudlet1: Minimize task finished.
[2019-02-09 00:19:37 UTC] mudlet1: Progression task started.
[2019-02-09 00:19:39 UTC] mudlet1: Progression task finished.
Which could explain why I didn't see the test case for many hours.
from clusterfuzz.
Something was up with clearing ports. Basically, run_bot could not send testcase to run_server since run_server wasn't running and failing on not being able to find the port. run_bot was finding the crash fine, but run_server didnt get it.
Right now, your log in last message is correct. so everything should be working fine. if you ever hit this again, try remembering the steps. use ctrl+c to kill run_server and run_bot, not kill a particular process id. we can reopen the bug if you hit this again.
from clusterfuzz.
I'm also running into this, but with less impact.
I did a fresh install on an Ubuntu 18.04 LTS VM. Followed the pre-requisites: https://google.github.io/clusterfuzz/getting-started/prerequisites/
I then ran the local server, went to the web UI, and created a bot instance a few minutes later in a separate tab. I see the port error in my logs, though interestingly enough things work (I see the test case in the testcases UI).
My full server logs are here: https://pastebin.com/JKya8WNB - bot logs are here: https://pastebin.com/YN6vCRBZ
Hope this helps!
from clusterfuzz.
@mhlakhani - this should get fixed as part of #197. these never happen in production since we use appengine cron. locally, we create some threads to run every 60 secs. we can make them more reliable.
@oliverchang as fyi.
from clusterfuzz.
Related Issues (20)
- Improve linting HOT 1
- ClusterFuzz not handling uploads with bad revisions well
- ClusterFuzz tries to run impact task on nonreproducible uploaded testcase
- Handle request.exceptions.ConnectionError in retrying signed URL stuff
- Error in bug throttling
- Centipede stats breaking fuzzing in chrome clusterfuzz HOT 5
- Centipede on Chrome CF trying to minimize testcases HOT 1
- Deal with flaky tests
- Make Centipede handle custom ASAN options that libFuzzer supports
- Mac bots breaking with untrusted variant task HOT 3
- File bug for any flake percentage (or custom flake percentag). HOT 2
- PermissionDenied Error when uploading uworker output on Windows
- Profile and improve performance of testcases list
- fuzzing_time_percent can be inaccurate
- Move preprocess_update_fuzzer_and_data_bundles calls to preprocess step
- Optimize zipcorpora HOT 1
- Upgrade Python HOT 3
- Reinstall future
- Replace download_as_string with download_as_bytes HOT 5
- Use fully qualified name in JobRun uploads
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from clusterfuzz.