
infra/helper: pass the right arguments to docker_run in reproduce_impl#14178

Merged
DavidKorczynski merged 2 commits into google:master from trail-of-forks:fix-reproduce on Nov 25, 2025

Conversation

@ret2libc
Contributor

def docker_run(run_args, print_output=True, architecture='x86_64'):
  """Calls `docker run`."""

The argument of docker_run (that is, run_function) is print_output, and I don't think err_result had the same meaning.

Without this patch, using infra/helper.py reproduce does not produce any output because the docker stdout is not printed.

@ret2libc
Contributor Author

Ping!

Is there anything I can do to ease the review of this PR?

@DavidKorczynski
Collaborator

overall lgtm! Can you show a difference in output for context?

@ret2libc
Contributor Author

Without the patch:

python3 infra/helper.py reproduce libpng libpng_read_fuzzer $(pwd)/pov.bin
INFO:__main__:Running: docker run --privileged --shm-size=2g --platform linux/amd64 --rm -i -e HELPER=True -e -v /Users/ret2libc/projects/oss-fuzz/build/out/libpng:/out -v /Users/ret2libc/projects/oss-fuzz/pov.bin:/testcase -t gcr.io/oss-fuzz-base/base-runner:latest reproduce libpng_read_fuzzer -runs=100.

With the patch:

python3 infra/helper.py reproduce libpng libpng_read_fuzzer $(pwd)/pov.bin
INFO:__main__:Running: docker run --privileged --shm-size=2g --platform linux/amd64 --rm -i -e HELPER=True -e -v /Users/ret2libc/projects/oss-fuzz/build/out/libpng:/out -v /Users/ret2libc/projects/oss-fuzz/pov.bin:/testcase -t gcr.io/oss-fuzz-base/base-runner:manifest-arm64v8 reproduce libpng_read_fuzzer -runs=100.
+ FUZZER=libpng_read_fuzzer
+ shift
+ '[' '!' -v TESTCASE ']'
+ TESTCASE=/testcase
+ '[' '!' -f /testcase ']'
+ export RUN_FUZZER_MODE=interactive
+ RUN_FUZZER_MODE=interactive
+ export FUZZING_ENGINE=libfuzzer
+ FUZZING_ENGINE=libfuzzer
+ export SKIP_SEED_CORPUS=1
+ SKIP_SEED_CORPUS=1
+ run_fuzzer libpng_read_fuzzer -runs=100 /testcase
/out/libpng_read_fuzzer -rss_limit_mb=2560 -timeout=25 -runs=100 /testcase -dict=png.dict -timeout_exitcode=0 < /dev/null
Dictionary: 28 entries
INFO: Running with entropic power schedule (0xFF, 100).
INFO: Seed: 459535906
INFO: Loaded 1 modules   (5705 inline 8-bit counters): 5705 [0x6557f0, 0x656e39),
INFO: Loaded 1 PC tables (5705 PCs): 5705 [0x5f70b0,0x60d540),
/out/libpng_read_fuzzer: Running 1 inputs 100 time(s) each.
Running: /testcase
=================================================================
==17==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow on address 0xffffe61c7f72 at pc 0x000000595d10 bp 0xffffe61c7ef0 sp 0xffffe61c7ee8
READ of size 2 at 0xffffe61c7f72 thread T0
SCARINESS: 29 (2-byte-read-dynamic-stack-buffer-overflow)
    #0 0x595d0c in OSS_FUZZ_png_handle_iCCP /src/libpng/pngrutil.c:1447:10
[...]

This is just a fake vulnerability. Without the PR, reproduce is not producing any output.
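Added illustration of the argument mismatch discussed above and of why it was silent (this is a hypothetical reconstruction written for this page, not the code in oss-fuzz's infra/helper.py): the `docker run` call is stubbed with a constructed sanitizer report so it runs offline, and the `err_result` positional call in `reproduce_before` is an assumed shape of the pre-fix call site.

```python
# Hypothetical model of the helper.py mismatch, not the project's own code.
# Constructed stand-in for the report the container would normally print.
FAKE_REPORT = ('==17==ERROR: AddressSanitizer: dynamic-stack-buffer-overflow '
               'on address 0xffffe61c7f72\n')


def docker_run(run_args, print_output=True, architecture='x86_64'):
    """Calls `docker run` (same signature as quoted in the PR).

    Returns (succeeded, text_shown_to_user). The real helper streams stdout
    only when print_output is truthy; here the container run is faked.
    """
    platform = 'linux/arm64' if architecture == 'aarch64' else 'linux/amd64'
    cmd = ['docker', 'run', '--rm', '--platform', platform] + list(run_args)
    exit_code, stdout = 0, FAKE_REPORT      # stand-in for subprocess.run(cmd)
    shown = stdout if print_output else ''  # output is swallowed when False
    return exit_code == 0, shown


def reproduce_before(run_args, err_result=False, architecture='x86_64'):
    """Assumed pre-fix shape: err_result is passed positionally and lands in
    print_output, so its default False silently disables all output."""
    return docker_run(run_args, err_result, architecture)


def reproduce_after(run_args, err_result=False, architecture='x86_64'):
    """Post-fix shape: every option is passed by keyword."""
    return docker_run(run_args, print_output=True, architecture=architecture)


def docker_run_strict(run_args, *, print_output=True, architecture='x86_64'):
    """Hardened variant: keyword-only flags turn the same positional slip
    into an immediate TypeError instead of a silent loss of output."""
    return docker_run(run_args, print_output=print_output,
                      architecture=architecture)


def positional_misuse_is_rejected():
    """True if docker_run_strict refuses the pre-fix style positional call."""
    try:
        docker_run_strict(['reproduce', 'libpng_read_fuzzer'], False, 'x86_64')
    except TypeError:
        return True
    return False


if __name__ == '__main__':
    args = ['reproduce', 'libpng_read_fuzzer', '-runs=100']
    print('before fix shows:', repr(reproduce_before(args)[1]))
    print('after fix shows: ', repr(reproduce_after(args)[1]))
    print('strict variant rejects misuse:', positional_misuse_is_rejected())
```

The empty string from `reproduce_before` is exactly the "no output" symptom reported above; declaring the flags keyword-only would have made the call fail loudly at the first run.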

@DavidKorczynski
Collaborator

/gcbrun skip

@DavidKorczynski
Collaborator

DavidKorczynski left a comment


Apologies for the delay here @ret2libc -- thanks for fixing this.

@DavidKorczynski
Collaborator

Related: #14299

Both lgtm for what it's worth, and I still think we should have this change.

@DavidKorczynski DavidKorczynski merged commit 8c75bf0 into google:master Nov 25, 2025
20 checks passed