cmd/compile: bad line numbers when -d=libfuzzer is used #53688

Closed
nd opened this issue Jul 5, 2022 · 4 comments

Labels: FrozenDueToAge, NeedsFix (The path to resolution is known, but the work has not been done.)

Comments

nd (Contributor) commented Jul 5, 2022

What version of Go are you using (go version)?

$ go version
go version go1.18.3 windows/amd64

Does this issue reproduce with the latest release?

yes

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
      0 [main] cc1 (16504) C:\msys64\usr\lib\gcc\x86_64-pc-msys\11.3.0\cc1.exe: *** fatal error - cygheap base mismatch detected - 0x18034B408/0x18034C408.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version.  The most recent version *should*
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution.  Rebooting is also suggested if you
are unable to find another cygwin DLL.
      1 [main] cc1 (16456) C:\msys64\usr\lib\gcc\x86_64-pc-msys\11.3.0\cc1.exe: *** fatal error - cygheap base mismatch detected - 0x18034B408/0x18034C408.
This problem is probably due to using incompatible versions of the cygwin DLL.
Search for cygwin1.dll using the Windows Start->Find/Search facility
and delete all but the most recent version.  The most recent version *should*
reside in x:\cygwin\bin, where 'x' is the drive on which you have
installed the cygwin distribution.  Rebooting is also suggested if you
are unable to find another cygwin DLL.
set GO111MODULE=
set GOARCH=amd64
set GOBIN=
set GOCACHE=C:\Users\nd\AppData\Local\go-build
set GOENV=C:\Users\nd\AppData\Roaming\go\env
set GOEXE=.exe
set GOEXPERIMENT=
set GOFLAGS=
set GOHOSTARCH=amd64
set GOHOSTOS=windows
set GOINSECURE=
set GOMODCACHE=C:\Users\nd\go\pkg\mod
set GONOPROXY=
set GONOSUMDB=
set GOOS=windows
set GOPATH=C:\Users\nd\go
set GOPRIVATE=
set GOPROXY=https://proxy.golang.org,direct
set GOROOT=c:\Users\nd\go\go1.18.3
set GOSUMDB=sum.golang.org
set GOTMPDIR=
set GOTOOLDIR=c:\Users\nd\go\go1.18.3\pkg\tool\windows_amd64
set GOVCS=
set GOVERSION=go1.18.3
set GCCGO=gccgo
set GOAMD64=v1
set AR=ar
set CC=gcc
set CXX=g++
set CGO_ENABLED=1
set GOMOD=C:\Users\nd\w\go-projects\gofuzztutorial\go.mod
set GOWORK=
set CGO_CFLAGS=-g -O2
set CGO_CPPFLAGS=
set CGO_CXXFLAGS=-g -O2
set CGO_FFLAGS=-g -O2
set CGO_LDFLAGS=-g -O2
set PKG_CONFIG=pkg-config
set GOGCCFLAGS=-m64 -mthreads -fmessage-length=0 -fdebug-prefix-map=C:\Users\nd\AppData\Local\Temp\go-build3120891309=/tmp/go-build -gno-record-gcc-switches

What did you do?

Went through the Go fuzz tutorial (go.mod, main.go, main_test.go). Compiled the test:

go.exe test -c -o test.exe -gcflags "all=-N -l -d=libfuzzer" gofuzztutorial

and ran it with delve:

C:\w\idea\build\dlv\dlv\windows\dlv.exe exec test.exe -- -test.v -test.paniconexit0 -test.fuzz ^\QFuzzReverse\E$ -test.fuzzcachedir C:\Users\nd\AppData\Local\Temp\GoLand\fuzz -test.run ^$

It looks like with libfuzzer enabled, the compiler produces wrong line numbers. E.g. if I run disass -l FuzzReverse in delve, I get:

        main_test.go:8  0xbfa8c0        4c8d642488                      lea r12, ptr [rsp-0x78]
        main_test.go:8  0xbfa8c5        4d3b6610                        cmp r12, qword ptr [r14+0x10]
        main_test.go:8  0xbfa8c9        0f867e020000                    jbe 0xbfab4d
        main_test.go:8  0xbfa8cf        4881ecf8000000                  sub rsp, 0xf8
        main_test.go:8  0xbfa8d6        4889ac24f0000000                mov qword ptr [rsp+0xf0], rbp
        main_test.go:8  0xbfa8de        488dac24f0000000                lea rbp, ptr [rsp+0xf0]
        main_test.go:8  0xbfa8e6        4889842400010000                mov qword ptr [rsp+0x100], rax
        main_test.go:19 0xbfa8ee        0fb60debe31b00                  movzx ecx, byte ptr [internal/fuzz._counters+5536]
        main_test.go:19 0xbfa8f5        ffc1                            inc ecx
        main_test.go:19 0xbfa8f7        880de3e31b00                    mov byte ptr [internal/fuzz._counters+5536], cl
        main_test.go:9  0xbfa8fd        440f11bc24c0000000              movups xmmword ptr [rsp+0xc0], xmm15
        main_test.go:9  0xbfa906        440f11bc24d0000000              movups xmmword ptr [rsp+0xd0], xmm15
        main_test.go:9  0xbfa90f        440f11bc24e0000000              movups xmmword ptr [rsp+0xe0], xmm15
        main_test.go:9  0xbfa918        488d8c24c0000000                lea rcx, ptr [rsp+0xc0]

Three instructions on main_test.go:19 seem to have the wrong line. Same in disass -l FuzzReverse.func1:

        main_test.go:13 0xbfa520        4c8da42478ffffff                lea r12, ptr [rsp+0xffffff78]
        main_test.go:13 0xbfa528        4d3b6610                        cmp r12, qword ptr [r14+0x10]
        main_test.go:13 0xbfa52c        0f8663030000                    jbe 0xbfa895
        main_test.go:13 0xbfa532        4881ec08010000                  sub rsp, 0x108
        main_test.go:13 0xbfa539        4889ac2400010000                mov qword ptr [rsp+0x100], rbp
        main_test.go:13 0xbfa541        488dac2400010000                lea rbp, ptr [rsp+0x100]
        main_test.go:13 0xbfa549        4889842410010000                mov qword ptr [rsp+0x110], rax
        main_test.go:13 0xbfa551        48899c2418010000                mov qword ptr [rsp+0x118], rbx
        main_test.go:13 0xbfa559        48898c2420010000                mov qword ptr [rsp+0x120], rcx
        main.go:19      0xbfa561        0fb60d72e71b00                  movzx ecx, byte ptr [internal/fuzz._counters+5530]
        main.go:19      0xbfa568        ffc1                            inc ecx
        main.go:19      0xbfa56a        880d6ae71b00                    mov byte ptr [internal/fuzz._counters+5530], cl
        main_test.go:14 0xbfa570        488b842418010000                mov rax, qword ptr [rsp+0x118]
        main_test.go:14 0xbfa578        488b9c2420010000                mov rbx, qword ptr [rsp+0x120]
        main_test.go:14 0xbfa580        e8bbfdffff                      call $gofuzztutorial.Reverse
        main_test.go:14 0xbfa585        4889842480000000                mov qword ptr [rsp+0x80], rax
        main_test.go:14 0xbfa58d        48899c2488000000                mov qword ptr [rsp+0x88], rbx
        main_test.go:15 0xbfa595        e8a6fdffff                      call $gofuzztutorial.Reverse
        main_test.go:15 0xbfa59a        4889842490000000                mov qword ptr [rsp+0x90], rax

Here also the file is main.go instead of main_test.go.

As a result delve doesn't stop on breakpoints inside the function passed to f.Fuzz.
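The mis-attributed rows above can be confirmed without stepping through delve by reading the line table straight out of the test binary. The program below is an added example, not code from the issue or from the Go project: it opens an ELF or PE binary, locates the DWARF subprogram for a function (`gofuzztutorial.FuzzReverse.func1` is the closure passed to `f.Fuzz`), collects the line-table rows inside that function's address range, and flags rows whose file is not the expected one or whose line falls outside a span the caller supplies. The `linecheck` name, the argument layout, and the assumption that the caller knows the body's first and last source lines are mine; DWARF records a function's declaration line but not its last line. The file check is exact and catches the `main.go:19` rows in `FuzzReverse.func1`. The line check is only as good as the supplied span: a stray row that lands on a line textually inside the function (as `main_test.go:19` does inside `FuzzReverse`, whose text contains the closure) is reported only if the span given stops before the closure.

```go
package main

import (
	"debug/dwarf"
	"debug/elf"
	"debug/pe"
	"errors"
	"fmt"
	"log"
	"os"
	"strconv"
	"strings"
)

type LineEntry struct { // one line-table row: an address and its attributed source position
	PC   uint64
	File string
	Line int
}

// FindSuspects reports rows whose file does not end in wantFile or whose line lies outside
// [firstLine, lastLine]; DWARF has no end-line attribute, so the caller supplies the span.
func FindSuspects(entries []LineEntry, wantFile string, firstLine, lastLine int) []string {
	var out []string
	for _, e := range entries {
		at := fmt.Sprintf("%#x %s:%d", e.PC, e.File, e.Line)
		switch {
		case !strings.HasSuffix(e.File, wantFile):
			out = append(out, at+": file is not "+wantFile)
		case e.Line < firstLine || e.Line > lastLine:
			out = append(out, fmt.Sprintf("%s: line outside %d-%d", at, firstLine, lastLine))
		}
	}
	return out
}

// functionLines opens an ELF or PE binary (the report's test.exe is PE) and returns the
// line-table rows inside the DWARF subprogram named fn, for example
// "gofuzztutorial.FuzzReverse.func1" for the closure passed to f.Fuzz.
func functionLines(path, fn string) ([]LineEntry, error) {
	var d *dwarf.Data
	var err error
	if f, e := elf.Open(path); e == nil {
		d, err = f.DWARF()
	} else if f, e := pe.Open(path); e == nil {
		d, err = f.DWARF()
	} else {
		err = errors.New("not an ELF or PE file: " + path)
	}
	if err != nil {
		return nil, err
	}
	// Pass 1: the subprogram's [lo, hi). The Go linker emits DW_AT_high_pc as an address.
	var lo, hi uint64
	r := d.Reader()
	for e, err := r.Next(); e != nil && err == nil; e, err = r.Next() {
		if name, _ := e.Val(dwarf.AttrName).(string); e.Tag == dwarf.TagSubprogram && name == fn {
			lo, _ = e.Val(dwarf.AttrLowpc).(uint64)
			hi, _ = e.Val(dwarf.AttrHighpc).(uint64)
		}
	}
	if hi == 0 {
		return nil, errors.New("function not found: " + fn)
	}
	var out []LineEntry
	r = d.Reader()
	for {
		cu, err := r.Next() // top-level entries are compile units
		if err != nil || cu == nil {
			return out, err
		}
		r.SkipChildren() // the line program hangs off the CU entry itself
		lr, err := d.LineReader(cu)
		if err != nil || lr == nil {
			continue
		}
		var row dwarf.LineEntry
		for lr.Next(&row) == nil {
			if !row.EndSequence && row.File != nil && row.Address >= lo && row.Address < hi {
				out = append(out, LineEntry{row.Address, row.File.Name, row.Line})
			}
		}
	}
}

func main() {
	if len(os.Args) != 6 {
		log.Fatal("usage: linecheck <binary> <func> <file> <firstLine> <lastLine>")
	}
	first, _ := strconv.Atoi(os.Args[4])
	last, _ := strconv.Atoi(os.Args[5])
	entries, err := functionLines(os.Args[1], os.Args[2])
	if err != nil {
		log.Fatal(err)
	}
	for _, s := range FindSuspects(entries, os.Args[3], first, last) {
		fmt.Println(s)
	}
}
```

Build the test binary exactly as in the report and point the checker at the closure, e.g. `go run linecheck.go test.exe gofuzztutorial.FuzzReverse.func1 main_test.go 13 21` (the file name `linecheck.go` is mine; the two numbers are the closure's first and last lines in your copy of main_test.go). Every row it prints is one that delve will attribute to the wrong place, and a breakpoint set on that source line will not behave as expected.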

heschi added the NeedsInvestigation (Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.) label Jul 6, 2022
heschi added this to the Backlog milestone Jul 6, 2022
heschi (Contributor) commented Jul 6, 2022

@randall77 @griesemer

randall77 self-assigned this Jul 8, 2022
randall77 added the NeedsFix (The path to resolution is known, but the work has not been done.) label Jul 8, 2022
gopherbot removed the NeedsInvestigation (Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.) label Jul 8, 2022
randall77 modified the milestones: Backlog, Go1.19 Jul 8, 2022
randall77 (Contributor)
@kyakdan

I have a simple fix.

gopherbot

Change https://go.dev/cl/416654 mentions this issue: cmd/compile: fix libfuzzer instrumentation line number

kyakdan (Contributor) commented Jul 11, 2022

@randall77 Great, Thanks!

jproberts pushed a commit to jproberts/go that referenced this issue Aug 10, 2022
Set a reasonable starting line number before processing the body of
the function in the order pass.

We update base.Pos each time we process a node, but some of the
libfuzzer instrumentation is added before we process any node, so the
base.Pos used is junk.

Fixes golang#53688

Change-Id: I3654b805eabb8866a9a1574845ef4ff062797319
Reviewed-on: https://go-review.googlesource.com/c/go/+/416654
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Keith Randall <khr@google.com>
Run-TryBot: Keith Randall <khr@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
golang locked and limited conversation to collaborators Jul 11, 2023