{"version": 2, "width": 144, "height": 44, "timestamp": 1600442785, "env": {"SHELL": "/bin/bash", "TERM": "xterm-256color"}} [0.02879, "o", "$ "] [2.114019, "o", "l"] [2.206022, "o", "s"] [2.356068, "o", "\r\n"] [2.358799, "o", "Makefile fuzz.c seeds\r\n"] [2.359158, "o", "$ "] [2.804053, "o", "c"] [2.911651, "o", "a"] [3.023869, "o", "t"] [3.10766, "o", " "] [3.344225, "o", "f"] [3.497709, "o", "u"] [3.579124, "o", "z"] [3.737771, "o", "z"] [3.917669, "o", "."] [4.061767, "o", "c"] [4.387845, "o", "\r\n"] [4.390117, "o", "#include \r\n#include \r\n\r\n\r\nint LLVMFuzzerTestOneInput(const uint8_t *data, size_t len) {\r\n int cnt = 0;\r\n\r\n if (len < 4) {\r\n return 1;\r\n }\r\n\r\n if (data[0] == 'x') { cnt++; }\r\n if (data[1] == 'y') { cnt++; }\r\n if (data[2] == 'z') { cnt++; }\r\n\r\n if (cnt >= 3) {\r\n switch (data[3]) {\r\n case '0': {\r\n // segv\r\n int *p = NULL; *p = 123;\r\n break;\r\n }\r\n case '1': {\r\n // stack-buffer-underflow\r\n int* p = &cnt - 32; for (int i = 0; i < 32; i++) { *(p + i) = 0; }\r\n break;\r\n }\r\n case '2': {\r\n // stack-buffer-overflow \r\n int* p = &cnt + 32; for (int i = 0; i < 32; i++) { *(p - i) = 0; }\r\n break;\r\n }\r\n case '3': {\r\n // bad-free\r\n int *p = &cnt; free(p);\r\n break;\r\n }\r\n case '4': {\r\n // double-free\r\n int* p = malloc(sizeof(int)); free(p); free(p);\r\n break;\r\n }\r\n case '5': {\r\n // heap-use-after-free\r\n int* p = malloc(sizeof("] [4.390477, "o", "int)); free(p); *p = 123;\r\n break;\r\n }\r\n case '6': {\r\n // heap-buffer-overflow\r\n int* p = malloc(8 * sizeof(int)); for (int i = 0; i < 32; i++) { *(p + i) = 0; }\r\n break;\r\n }\r\n case '7': {\r\n // fpe\r\n int x = 0; int y = 123 / x;\r\n break;\r\n }\r\n }\r\n }\r\n\r\n return 0;\r\n}\r\n$ "] [5.131973, "o", "l"] [5.230021, "o", "s"] [5.351605, "o", " "] [5.491666, "o", "s"] [5.604053, "o", "e"] [5.78355, "o", "e"] [5.9714, "o", "d"] [6.035766, "o", "s"] [6.445842, "o", "\r\n"] [6.448318, "o", "good.txt\r\n"] [6.448627, "o", "$ "] [6.739915, "o", "c"] [6.853237, "o", "a"] [6.991554, "o", "t"] [7.10373, "o", " "] [7.310628, "o", "s"] [7.379797, "o", "e"] [7.549208, "o", "e"] [7.711106, "o", "d"] [7.751107, "o", "s"] [7.984707, "o", "/"] [8.164636, "o", "good.txt "] [8.966708, "o", "\r\n"] [8.968907, "o", "good\r\n"] [8.969239, "o", "$ "] [10.527868, "o", "m"] [10.632889, "o", "a"] [10.773426, "o", "k"] [10.839725, "o", "e"] [11.191684, "o", "\r\n"] [11.195024, "o", "clang -g3 -fsanitize=fuzzer -fsanitize=address fuzz.c -o fuzz.exe\r\n"] [11.699436, "o", "$ "] [15.852234, "o", "onefuzz "] [15.853432, "o", "template libfuzzer basic my-proj"] [15.85413, "o", "ect my-target bu"] [15.854882, "o", "ild-1 ubuntu --t"] [15.855566, "o", "arget_exe ./fuz"] [15.856165, "o", "z.exe -"] [15.856453, "o", "-inputs "] [15.857116, "o", "./seeds"] [17.776009, "o", "\r\n"] [18.54717, "o", "INFO:onefuzz:creating libfuzzer from template\r\n"] [19.783313, "o", "INFO:onefuzz:creating job (runtime: 24 hours)\r\n"] [20.080545, "o", "INFO:onefuzz:created job: 9b0f7765-d9f2-4906-9e98-1678da9b929a\r\n"] [20.149632, "o", "INFO:onefuzz:creating container: oft-setup-f3de2c2d8fbf536c918a3cb647e92336\r\n"] [20.248317, "o", "INFO:onefuzz:creating container: oft-inputs-14b8ea05ca635426bd9ccf3ee71b2e45\r\n"] [20.305332, "o", "INFO:onefuzz:creating container: oft-crashes-14b8ea05ca635426bd9ccf3ee71b2e45\r\n"] [20.354664, "o", "INFO:onefuzz:creating container: oft-reports-14b8ea05ca635426bd9ccf3ee71b2e45\r\n"] [20.439682, "o", "INFO:onefuzz:creating container: oft-unique-reports-14b8ea05ca635426bd9ccf3ee71b2e45\r\n"] [20.522251, "o", "INFO:onefuzz:creating container: oft-no-repro-14b8ea05ca635426bd9ccf3ee71b2e45\r\n"] [20.589068, "o", "INFO:onefuzz:creating container: oft-coverage-14b8ea05ca635426bd9ccf3ee71b2e45\r\n"] [20.644551, "o", "INFO:onefuzz:uploading target exe `./fuzz.exe`\r\n"] [21.060675, "o", "INFO:onefuzz:uploading inputs: `./seeds`\r\n"] [21.22102, "o", "INFO:onefuzz:creating libfuzzer task\r\n"] [21.424729, "o", "INFO:onefuzz:creating libfuzzer_coverage task\r\n"] [21.67167, "o", "INFO:onefuzz:creating libfuzzer_crash_report task\r\n"] [21.911879, "o", "INFO:onefuzz:done creating tasks\r\n"] [21.992952, "o", "$ "] [23.158603, "o", "o"] [23.269591, "o", "n"] [23.433656, "o", "e"] [23.787621, "o", "f"] [24.005769, "o", "u"] [24.081481, "o", "z"] [24.233147, "o", "z"] [24.369518, "o", " "] [24.507919, "o", "s"] [24.653735, "o", "t"] [24.76604, "o", "a"] [24.8977, "o", "t"] [25.060096, "o", "u"] [25.137164, "o", "s"] [25.30935, "o", " "] [25.473325, "o", "t"] [25.591896, "o", "o"] [25.650336, "o", "p"] [25.813368, "o", "\r\n"] [26.833078, "o", "INFO:onefuzz:connecting to signalr\r\n"] [26.885552, "o", "INFO:onefuzz:getting initial data\r\n"] [27.576861, "o", "INFO:onefuzz:rendering\r\n"] [27.579015, "o", "\u001b[?1049h\u001b[22;0;0t\u001b[1;44r\u001b(B\u001b[m\u001b[4l\u001b[?7h\u001b[?1h\u001b="] [27.579566, "o", "\u001b[39;49m\u001b[?1h\u001b=\u001b[?25l"] [27.579815, "o", "\u001b[?1000h"] [27.580304, "o", "\u001b[39;49m\u001b[37m\u001b[40m\u001b[H\u001b[2J"] [27.584135, "o", "\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[H\u001b[2J"] [27.62303, "o", "\u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[1;1H┌──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐\u001b[2;1H│\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m11:26:53 | https://onefuzz-bmc.azurewebsites.net \u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m│\u001b[3;1H│───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────"] [27.623475, "o", "───────────────────────│\u001b[4;1H│\u001b(B\u001b[m\u001b[1m\u001b[37m\u001b[40mPools: 1 \u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m│\u001b[5;1H│\u001b[30m\u001b[47mUpdated Pool Name OS State Nodes \u001b[37m\u001b[40m│\u001b[6;1H│\u001b(B\u001b[m\u001b[1m\u001b[37m\u001b[40m11:26:52 0df4dea3 ubuntu linux running Busy:4 Free:16 \u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m│\u001b[7;1H│──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────"] [27.623756, "o", "────────────────│\u001b[8;1H│\u001b(B\u001b[m\u001b[1m\u001b[37m\u001b[40mJobs: 2 \u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m│\u001b[9;1H│\u001b[30m\u001b[47mUpdated State Job Name Files \u001b[37m\u001b[40m│\u001b[10;1H│11:26:53 enabled 9b0f7765 my-project:my-target:build-1 │\u001b[11;1H│11:26:52 enabled 97b7e623 my-project:png:build-1 │\u001b[12;1H│──────────────────────────────────────────────────────────────────────────────────────────────"] [27.623969, "o", "────────────────────────────────────────────────│\u001b[13;1H│\u001b(B\u001b[m\u001b[1m\u001b[37m\u001b[40mTasks: 6 \u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m│\u001b[14;1H│\u001b[30m\u001b[47mUpdated State Job Task Type Name Files Pool Time left \u001b[37m\u001b[40m│\u001b[15;1H│11:26:53 waiting 9b0f7765 e7a07275 libfuzzer_coverage fuzz.exe Setup:1 ubuntu │\u001b[16;1H│11:26:53 waiting 9b0f7765 6321d0d4 libfuzzer_fuzz fuzz.exe Setup:1 ubuntu │\u001b[17;1H│11:26:53 waiting 9b0f7765 077ef033 libfuzzer_crash_report fuzz.exe Setup:1 ubuntu │\u001b[18;1H│11:26:53 running 97b7e623 bd4f1b"] [27.624334, "o", "d3 libfuzzer_fuzz fuzz.exe ubuntu 23h48m │\u001b[19;1H│11:26:53 running 97b7e623 a755b4fd libfuzzer_crash_report fuzz.exe ubuntu 23h48m │\u001b[20;1H│11:26:53 running 97b7e623 6c292aef libfuzzer_coverage fuzz.exe ubuntu 23h48m │\u001b[21;1H│ │\u001b[22;1H│ │\u001b[23;1H│ │\u001b[24;1H│ "] [27.624509, "o", " │\u001b[25;1H│ │\u001b[26;1H│ │\u001b[27;1H│ │\u001b[28;1H│ │\u001b[29;1H│ │\u001b[30;1H│ │\u001b[31;1H│ "] [27.624701, "o", " │\u001b[32;1H│ │\u001b[33;1H│ │\u001b[34;1H│ │\u001b[35;1H│ │\u001b[36;1H│ │\u001b[37;1H│ │\u001b[38;1H│ "] [27.624866, "o", " │\u001b[39;1H│ │\u001b[40;1H│ │\u001b[41;1H│ │\u001b[42;1H│────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────"] [27.625147, "o", "──────│\u001b[43;1H│\u001b(B\u001b[m\u001b[1m\u001b[37m\u001b[40mPress `q` to quit or `r` to reorder. \u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m│\u001b[44;1H└──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘"] [28.901289, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;9H4\u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[10;9H4\u001b[10;57HInputs:1\u001b[11;57HCrashes:20\u001b[11;68HInputs:13\u001b[30m\u001b[47m\u001b[14;77H \u001b[14;84H \u001b[14;89H Pool\u001b[14;98HTime\u001b[14;103Hleft\u001b[37m\u001b[40m\u001b[15;9H4\u001b[15;28H0\u001b[15;30H7ef033\u001b[15;48Hrash_r\u001b[15;55Hport\u001b[15;77H \u001b[15;91Hubuntu\u001b[16;69HInp\u001b[16;73Hts:1 Setup:1\u001b[16;91Hubuntu\u001b[17;28He\u001b[17;30Ha07275\u001b[17;48Hoverag\u001b[17;55H \u001b[17;69HInp\u001b[17;73Hts:1 Setup:1\u001b[17;91Hubuntu\u001b[18;69HCrashes:20 Inputs:13 \u001b[18;91Hubuntu\u001b[18;98H23h47m\u001b[19;69HCrashes:20 \u001b[19;84H \u001b[19;91Hubuntu\u001b[19;98H23h48m\u001b[20;69HCoverage:28 Inputs:13\u001b[20;91Hubuntu\u001b[20;98H23h48m"] [30.157224, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;9H5\u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[11;78HReports:20\u001b[11;89HUnique\u001b[11;96HReports:8\u001b[30m\u001b[47m\u001b[14;91H \u001b[14;98H \u001b[14;103H \u001b[14;116HPool\u001b[14;123HTime\u001b[14;128Hleft\u001b[37m\u001b[40m\u001b[15;91H \u001b[15;116Hubuntu\u001b[16;91H \u001b[16;116Hubuntu\u001b[17;91H \u001b[17;116Hubuntu\u001b[18;90HSet\u001b[18;94Hp:1\u001b[18;98H \u001b[18;116Hubuntu\u001b[18;123H23h47m\u001b[19;80HReports:20\u001b[19;91HSetup:1 Unique\u001b[19;106HReports:8\u001b[19;116Hubuntu\u001b[19;123H23h48m\u001b[20;91HSetup:1 \u001b[20;116Hubuntu\u001b[20;123H23h48m"] [31.407793, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;9H6"] [32.662745, "o", "\u001b[2;9H8"] [33.9119, "o", "\u001b[2;9H9"] [35.168969, "o", "\u001b[2;6H7\u001b[2;8H00"] [36.426082, "o", "\u001b[2;9H1"] [37.681452, "o", "\u001b[2;9H3"] [38.935982, "o", "\u001b[2;9H4"] [40.218532, "o", "\u001b[2;9H5"] [41.456909, "o", "\u001b[2;9H7\u001b(B\u001b[m\u001b(B\u001b[m\u001b[30m\u001b[47m\u001b[14;19H Job\u001b[14;28H Task\u001b[14;37H Type\u001b[14;60H Name\u001b[14;69H Files\u001b[14;116H Pool\u001b[14;123H Time left\u001b[37m\u001b[40m\u001b[15;6H7\u001b[15;8H06\u001b[15;11Hscheduled 9b0f7765 6321d0d4 libfuzzer_fuzz \u001b[15;60H fuzz.\u001b[15;68Hxe In\u001b[15;74Huts:1\u001b[15;80HSetup:1\u001b[15;116H \u001b[15;119Hbuntu\u001b[16;9H4\u001b[16;19H 9b0f7765 077ef033 libfuzzer_crash_report fuzz.\u001b[16;68Hxe Se\u001b[16;74Hup:1 \u001b[16;116H \u001b[16;119Hbuntu\u001b[17;19H 9b0f7765 e7a0\u001b[17;35H275 libfuzzer_coverage\u001b[17;60H fuzz.\u001b[17;68Hxe Inputs:1 Setup:1\u001b[17;116H \u001b[17;119Hbuntu\u001b[18;19H 9\u001b[18;23Hb7e623 bd4f1bd3 libfuzzer_fuzz\u001b[18;60H fuzz.\u001b[18;68Hxe Crashes:20 Inputs:13 Setup:1\u001b[18;116H \u001b[18;119Hbuntu 23h47m\u001b[19;19H 9\u001b[19;23Hb7e623 a755b4fd libfuzzer_crash_report fuzz.\u001b[19;68Hxe Crashes:20 Reports:20 Setup:1 Unique Reports:8 \u001b[19;119Hbuntu 23h48m\u001b[20;19H 9\u001b[20;23Hb7e623 6c\u001b[20;33H92aef libfuzzer_coverage\u001b[20;60H fuzz.\u001b[20;68Hxe Coverage:28 Inputs:13 Setup:1\u001b[20;116H \u001b[20;119Hbuntu 23h48m"] [42.71047, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;9H8"] [43.960634, "o", "\u001b[2;9H9"] [45.217632, "o", "\u001b[2;8H10\u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[19;129H7\u001b[20;129H7"] [46.47457, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;9H2"] [47.731243, "o", "\u001b[2;9H3\u001b[37m\u001b[6;46H5\u001b[6;54H5\u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[10;6H7\u001b[10;8H13\u001b[30m\u001b[47m\u001b[14;19HJob \u001b[14;28HTask \u001b[14;37HType \u001b[14;60HName \u001b[14;69HFiles \u001b[14;116HPool \u001b[14;123HTime left \u001b[37m\u001b[40m\u001b[15;8H13\u001b[15;11Hrunning 9b0f7765 6321d0\u001b[15;35H4 libfuzzer_fuzz \u001b[15;60Hfuzz.ex\u001b[15;68H Inputs:1 Setup:1 \u001b[15;116Hub\u001b[15;119Hntu \u001b[16;19H9b0f7765 077ef033 libfuzzer_crash_report fuzz.ex\u001b[16;68H Setup:1 \u001b[16;116Hub\u001b[16;119Hntu \u001b[17;19H9b0f7765 e7a072\u001b[17;35H5 libfuzzer_coverage \u001b[17;60Hfuzz.ex\u001b[17;68H Inputs:1 Setup:1 \u001b[17;116Hub\u001b[17;119Hntu \u001b[18;19H97b\u001b[18;23He623 bd4f1bd3 libfuzzer_fuzz \u001b[18;60Hfuzz.ex\u001b[18;68H Crashes:20 Inputs:13 Setup:1 \u001b[18;116Hub\u001b[18;119Hntu 23h47m \u001b[19;19H97b\u001b[19;23He623 a755b4fd libfuzzer_crash_report fuzz.ex\u001b[19;68H Crashes:20 Reports:20 Setup:1 Unique Reports:8 ub\u001b[19;119Hntu 23h47m \u001b[20;19H97b\u001b[20;23He623 6c29\u001b[20;33Haef libfuzzer_coverage \u001b[20;60Hfuzz.ex\u001b[20;68H Coverage:28 Inputs:13 Setup:1 \u001b[20;116Hub\u001b[20;119Hntu 23h47m "] [48.984219, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;9H4\u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[15;123H23h59m"] [50.233664, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;9H5\u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[10;9H5\u001b[10;20H7b7e623\u001b[10;39Hpng:build-1 \u001b[10;57HCrashes:21\u001b[10;68HInputs:13\u001b[10;78HReports:20\u001b[10;89HUnique\u001b[10;96HReports:8\u001b[11;6H7\u001b[11;8H15\u001b[11;20Hb0f7765\u001b[11;39Hmy-target:build-1\u001b[11;65H1 Inputs:6 \u001b[11;78H \u001b[11;89H \u001b[11;96H \u001b[15;9H5\u001b[15;20H7b7e623\u001b[15;28Hbd4f1b\u001b[15;35H3\u001b[15;69HCrashes:21 In\u001b[15;83Huts:13\u001b[15;90HSetup:1\u001b[15;126H47\u001b[16;6H7\u001b[16;8H15\u001b[16;11Hrunn\u001b[16;20H7b7e623\u001b[16;28Ha\u001b[16;30H55b4fd\u001b[16;69HCrashes:21\u001b[16;80HReports:20\u001b[16;91HSetup:1\u001b[16;99HUnique\u001b[16;106HReports:8\u001b[16;123H23h47m\u001b[17;6H7\u001b[17;8H15\u001b[17;76H6\u001b[18;6H7\u001b[18;8H15\u001b[18;20Hb0f7765\u001b[18;28H6321d0\u001b[18;35H4\u001b[18;77H1 Inputs:6 Setup:1 \u001b[18;126H59\u001b[19;6H7\u001b[19;8H15\u001b[19;11Hwait\u001b[19;20Hb0f7765\u001b[19;28H0\u001b[19;30H7ef033\u001b[19;77H1 Setup:1 \u001b[19;91H \u001b[19;99H \u001b[19;106H \u001b[19;123H "] [51.490071, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;9H7"] [52.747432, "o", "\u001b[2;9H8"] [54.003661, "o", "\u001b[2;9H9\u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[10;9H8\u001b[10;87H1\u001b[15;9H8\u001b[15;28Ha755b4fd\u001b[15;47Hcrash_report\u001b[15;80HRe\u001b[15;83Horts:21 Setup:1\u001b[15;99HUnique\u001b[15;106HReports:8\u001b[16;28Hbd4f1bd3\u001b[16;47Hfuzz \u001b[16;80HIn\u001b[16;83Huts:13 Setup:1 \u001b[16;99H \u001b[16;106H "] [55.257568, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;8H20"] [56.512493, "o", "\u001b[2;9H2"] [57.763478, "o", "\u001b[2;9H3\u001b(B\u001b[m\u001b(B\u001b[m\u001b[30m\u001b[47m\u001b[14;19H Job\u001b[14;28H Task\u001b[14;37H Type\u001b[14;60H Name\u001b[14;69H Files\u001b[14;116H Pool\u001b[14;123H Time left\u001b[37m\u001b[40m\u001b[15;8H22\u001b[15;11Hscheduled 9b0f7765 e7a07275 libfuzzer_cove\u001b[15;54Hage \u001b[15;60H fuzz.\u001b[15;68Hxe Inputs:6\u001b[15;80HS\u001b[15;82Htup:1 \u001b[15;91H \u001b[15;99H \u001b[15;106H \u001b[15;116H \u001b[15;119Hbuntu \u001b[16;8H22\u001b[16;11Hscheduled 9b0f7765 077ef033 libfuzzer_crash_report fuzz.\u001b[16;68Hxe Crashes:1 Setup\u001b[16;88H \u001b[16;90H \u001b[16;116H \u001b[16;119Hbuntu \u001b[17;9H8\u001b[17;11Hrunn\u001b[17;19H 97b\u001b[17;25He623 \u001b[17;31H755b4fd libfuzzer_crash_report fuzz.\u001b[17;68Hxe Cra\u001b[17;75Hhes:21 Reports:21\u001b[17;93HSetup:1\u001b[17;101HUnique\u001b[17;108HReports:8 \u001b[17;119Hbuntu\u001b[17;125H23h47m\u001b[18;19H 97b\u001b[18;25He623 bd4f1bd3 libfuzzer_fuzz\u001b[18;60H fuzz.\u001b[18;68Hxe Crashes:21 Inputs:13 Setup:1\u001b[18;116H \u001b[18;119Hbuntu 23h47m\u001b[19;11Hrunn\u001b[19;19H 9b0f7765 6321d0d4 libfuzzer_fuzz \u001b[19;60H fuzz.\u001b[19;68Hxe Crashes:1 In\u001b[19;84Huts:6\u001b[19;90HSetup:1\u001b[19;116H \u001b[19;119Hbuntu\u001b[19;125H23h59m\u001b[20;19H 9"] [57.763953, "o", "\u001b[20;23Hb7e623 6c\u001b[20;33H92aef libfuzzer_coverage\u001b[20;60H fuzz.\u001b[20;68Hxe Coverage:28 Inputs:13 Setup:1\u001b[20;116H \u001b[20;119Hbuntu 23h47m"] [59.018799, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;9H4"] [60.27634, "o", "\u001b[2;9H5\u001b[37m\u001b[6;46H6\u001b[6;54H3\u001b[6;56HReady:1\u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[15;9H5\u001b[15;11Hrunning \u001b[15;30H0\u001b[15;32H7ef033\u001b[15;50Hrash_r\u001b[15;57Hport\u001b[15;71HCrashes:1 Setup:1\u001b[15;125H23h59m\u001b[16;30He\u001b[16;32Ha07275\u001b[16;50Hoverag\u001b[16;57H \u001b[16;71HInputs:6 Setup:1 "] [61.531771, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;9H7"] [62.786964, "o", "\u001b[2;9H8"] [64.044668, "o", "\u001b[2;9H9\u001b[37m\u001b[6;46H7\u001b[6;56H \u001b(B\u001b[m\u001b(B\u001b[m\u001b[37m\u001b[40m\u001b[10;8H2\u001b[10;20Hb0f7765\u001b[10;39Hmy-target:build-1\u001b[10;65H1 Inputs:6 Reports:1 Unique R\u001b[10;95Hports:1 \u001b[11;9H8\u001b[11;20H7b7e623\u001b[11;39Hpng:build-1 \u001b[11;65H21 Inputs:13\u001b[11;78HReports:21\u001b[11;89HUnique\u001b[11;96HReports:8\u001b[30m\u001b[47m\u001b[14;19HJob \u001b[14;28HTask \u001b[14;37HType \u001b[14;60HName \u001b[14;69HFiles \u001b[14;116HPool \u001b[14;123HTime left \u001b[37m\u001b[40m\u001b[15;9H8\u001b[15;19H9b0f7765 077ef033 libfuzzer_crash_report fuzz.ex\u001b[15;68H Crashes:1 Reports\u001b[15;89HSetup:1\u001b[15;97HUnique\u001b[15;104HReports:1\u001b[15;116Hub\u001b[15;119Hntu 23h59m \u001b[16;9H8\u001b[16;11Hrunning 9b0f7765 e7a072\u001b[16;35H5 libfuzzer_coverage \u001b[16;60Hfuzz.ex\u001b[16;68H Inputs:6 Setup:1 \u001b[16;116Hub\u001b[16;119Hntu 23h59m\u001b[17;19H97b\u001b[17;23He623 a755b4fd libfuzzer_crash_report fuzz.ex\u001b[17;68H Crashes:21 Reports:21 Setup:1 Unique Reports:8 ub\u001b[17;119Hntu 23h47m \u001b[18;19H97b\u001b[18;23He623 bd4f1bd3 libfuzzer_fuzz \u001b[18;60Hfuzz.ex\u001b[18;68H Crashes:21 Inputs:13 Setup:1 \u001b[18;116Hub\u001b[18;119Hntu 23h47m \u001b[19;19H9b0f7765 6321d0\u001b[19;35H4 lib"] [64.0451, "o", "fuzzer_fuzz \u001b[19;60Hfuzz.ex\u001b[19;68H Crashes:1 Inputs:6 Setup:1 \u001b[19;116Hub\u001b[19;119Hntu 23h59m \u001b[20;19H97b\u001b[20;23He623 6c29\u001b[20;33Haef libfuzzer_coverage \u001b[20;60Hfuzz.ex\u001b[20;68H Coverage:28 Inputs:13 Setup:1 \u001b[20;116Hub\u001b[20;119Hntu 23h47m "] [65.291799, "o", "\u001b(B\u001b[m\u001b[1m\u001b[30m\u001b[40m\u001b[2;8H30"] [66.548584, "o", "\u001b[2;9H2"] [67.805555, "o", "\u001b[2;9H3"] [68.175559, "o", "\u001b[?1l\u001b>\u001b[?1000l\u001b[39;49m\u001b[44d\u001b[K\u001b[44;1H\u001b[?12l\u001b[?25h\u001b[?1049l\u001b[23;0;0t\r\u001b[?1l\u001b>"] [68.273611, "o", "$ "] [71.138842, "o", "onefuzz "] [71.139354, "o", "jobs con"] [71.139829, "o", "tainers list"] [72.012811, "o", " "] [72.740499, "o", "9"] [73.362476, "o", "b"] [73.641848, "o", "0"] [74.26816, "o", "\r\n"] [75.578752, "o", "{\r\n \"oft-unique-reports-14b8ea05ca635426bd9ccf3ee71b2e45\": [\r\n \"d2ff45d86062f82735a7637c7249b6d09450745d6d92da7085dd2233534a7484.json\"\r\n ]\r\n}\r\n"] [75.678752, "o", "$ "] [80.379505, "o", "onefuzz containers files get oft-unique-reports-14b8ea05ca635426bd9ccf3ee71b2e45 d2ff45d86062f82735a7637c7249b6d09450745d6d92da7085dd2233534a7484.json"] [80.627734, "o", " "] [81.065474, "o", "|"] [81.161622, "o", " "] [81.396816, "o", "j"] [81.505685, "o", "q"] [81.841999, "o", "\r\n"] [82.11295, "o", "\u001b[1;39m{\r\n \u001b[0m\u001b[34;1m\"input_sha256\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"a7392651c2f148dfe49e6f74f8f72b93742e4a3c3e1109233a9313d119ee7161\"\u001b[0m\u001b[1;39m,\r\n \u001b[0m\u001b[34;1m\"input_blob\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[1;39m{\r\n \u001b[0m\u001b[34;1m\"account\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"fuzzgqrosqd323lzw\"\u001b[0m\u001b[1;39m,\r\n \u001b[0m\u001b[34;1m\"container\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"oft-crashes-14b8ea05ca635426bd9ccf3ee71b2e45\"\u001b[0m\u001b[1;39m,\r\n \u001b[0m\u001b[34;1m\"name\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"crash-cbe07cd3ebaba15610ecd968c4e4a04c6643e534\"\u001b[0m\u001b[1;39m\r\n \u001b[1;39m}\u001b[0m\u001b[1;39m,\r\n \u001b[0m\u001b[34;1m\"executable\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"setup/fuzz.exe\"\u001b[0m\u001b[1;39m,\r\n \u001b[0m\u001b[34;1m\"crash_type\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"heap-use-after-free\"\u001b[0m\u001b[1;39m,\r\n \u001b[0m\u001b[34;1m\"crash_site\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"AddressSanitizer: heap-use-after-free /home/bcaswell/projects/onefuzz/new-demo/fuzz.c:45:51 in LLVMFuzzerTestOneInput\"\u001b[0m\u001b[1;39m,\r\n \u001b[0m\u001b[34;1m\"call_stack\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[1;39m[\r\n \u001b[0;32m\"#0 0x54e24c in LLVMFuzzerTestOneInput /home/bcaswell/projects/onefuzz/new-demo/fuzz.c:45:51\"\u001b[0m\u001b[1;3"] [82.113372, "o", "9m,\r\n \u001b[0;32m\"#1 0x458671 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x458671)\"\u001b[0m\u001b[1;39m,\r\n \u001b[0;32m\"#2 0x443de2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x443de2)\"\u001b[0m\u001b[1;39m,\r\n \u001b[0;32m\"#3 0x449896 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x449896)\"\u001b[0m\u001b[1;39m,\r\n \u001b[0;32m\"#4 0x472552 in main (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x472552)\"\u001b[0m\u001b[1;39m,\r\n \u001b[0;32m\"#5 0x7ffff6a9bb96 in __libc_start_main /build/glibc-2ORdQG/glibc-2.27/csu/../csu/libc-start.c:310\"\u001b[0m\u001b[1;39m,\r\n \u001b[0;32m\"#6 0x41e4ad in _start (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x41e4ad)\"\u001b[0m\u001b[1;39m\r\n \u001b[1;39m]\u001b[0m\u001b[1;39m,\r\n"] [82.113665, "o", " \u001b[0m\u001b[34;1m\"call_stack_sha256\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"d2ff45d86062f82735a7637c7249b6d09450745d6d92da7085dd2233534a7484\"\u001b[0m\u001b[1;39m,\r\n \u001b[0m\u001b[34;1m\"asan_log\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"=================================================================\\n==6735==ERROR: AddressSanitizer: heap-use-after-free on address 0x6020000000d0 at pc 0x00000054e24d bp 0x7fffffffe330 sp 0x7fffffffe328\\nWRITE of size 4 at 0x6020000000d0 thread T0\\n #0 0x54e24c in LLVMFuzzerTestOneInput /home/bcaswell/projects/onefuzz/new-demo/fuzz.c:45:51\\n #1 0x458671 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x458671)\\n #2 0x443de2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x443de2)\\n #3 0x449896 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/onefuzz/blob-containers/oft-setup-f3de2c2d"] [82.114009, "o", "8fbf536c918a3cb647e92336/fuzz.exe+0x449896)\\n #4 0x472552 in main (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x472552)\\n #5 0x7ffff6a9bb96 in __libc_start_main /build/glibc-2ORdQG/glibc-2.27/csu/../csu/libc-start.c:310\\n #6 0x41e4ad in _start (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x41e4ad)\\n\\n0x6020000000d0 is located 0 bytes inside of 4-byte region [0x6020000000d0,0x6020000000d4)\\nfreed by thread T0 here:\\n #0 0x51df5d in free (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x51df5d)\\n #1 0x54e204 in LLVMFuzzerTestOneInput /home/bcaswell/projects/onefuzz/new-demo/fuzz.c:45:39\\n #2 0x458671 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x458671)\\n #3 0x443de2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb"] [82.114192, "o", "647e92336/fuzz.exe+0x443de2)\\n #4 0x449896 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x449896)\\n #5 0x472552 in main (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x472552)\\n #6 0x7ffff6a9bb96 in __libc_start_main /build/glibc-2ORdQG/glibc-2.27/csu/../csu/libc-start.c:310\\n\\npreviously allocated by thread T0 here:\\n #0 0x51e1dd in malloc (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x51e1dd)\\n #1 0x54e1ee in LLVMFuzzerTestOneInput /home/bcaswell/projects/onefuzz/new-demo/fuzz.c:45:18\\n #2 0x458671 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x458671)\\n #3 0x443de2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz"] [82.114383, "o", ".exe+0x443de2)\\n #4 0x449896 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x449896)\\n #5 0x472552 in main (/onefuzz/blob-containers/oft-setup-f3de2c2d8fbf536c918a3cb647e92336/fuzz.exe+0x472552)\\n #6 0x7ffff6a9bb96 in __libc_start_main /build/glibc-2ORdQG/glibc-2.27/csu/../csu/libc-start.c:310\\n\\nSUMMARY: AddressSanitizer: heap-use-after-free /home/bcaswell/projects/onefuzz/new-demo/fuzz.c:45:51 in LLVMFuzzerTestOneInput\\nShadow bytes around the buggy address:\\n 0x0c047fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\\n 0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\\n 0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\\n 0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\\n 0x0c047fff8000: fa fa 00 00 fa fa 00 fa fa fa 00 fa fa fa 00 fa\\n=>0x0c047fff8010: fa fa 04 fa fa fa 04 fa fa fa[fd]fa fa fa fa fa\\n 0x0c047fff8020: fa fa fa fa "] [82.114669, "o", "fa fa fa fa fa fa fa fa fa fa fa fa\\n 0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\\n 0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\\n 0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\\n 0x0c047fff8060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\\nShadow byte legend (one shadow byte represents 8 application bytes):\\n Addressable: 00\\n Partially addressable: 01 02 03 04 05 06 07 \\n Heap left redzone: fa\\n Freed heap region: fd\\n Stack left redzone: f1\\n Stack mid redzone: f2\\n Stack right redzone: f3\\n Stack after return: f5\\n Stack use after scope: f8\\n Global redzone: f9\\n Global init order: f6\\n Poisoned by user: f7\\n Container overflow: fc\\n Array cookie: ac\\n Intra object redzone: bb\\n ASan internal: fe\\n Left alloca redzone: ca\\n Right alloca redzone: cb\\n Shadow gap: cc\\n==6735==ABORTING\\n\"\u001b[0m\u001b[1;39m,\r\n \u001b[0m\u001b[34;1"] [82.11504, "o", "m\"task_id\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"077ef033-a7a3-4d0f-9b0d-e9f8aa517a03\"\u001b[0m\u001b[1;39m,\r\n \u001b[0m\u001b[34;1m\"job_id\"\u001b[0m\u001b[1;39m: \u001b[0m\u001b[0;32m\"9b0f7765-d9f2-4906-9e98-1678da9b929a\"\u001b[0m\u001b[1;39m\r\n\u001b[1;39m}\u001b[0m\r\n$ "] [82.11504, "o", "\r\n$ "] [84.11504, "o", "\r\n$ "]