Summary
Fuzzilli crashes with a fatal error when the Dumpling differential oracle encounters an unknown frame type.
The crash happens in parseFrameType because a new/unknown frame prefix appeared in the dump that is not handled in the switch.
Crash Details
Fuzzilli/Oracle.swift:184: Fatal error: Unknown frame type
💣 Program crashed: Illegal instruction at 0x00007ad78b2e2af8
Platform: x86_64 Linux (Ubuntu 22.04.5 LTS)
Thread 5 crashed:
0 _assertionFailure(_:_:file:line:flags:) + 264 in libswiftCore.so
1 parseFrameType #1 (_:) in static DiffOracle.parseDiffFrame(_:_:_:_:) + 292
at Sources/Fuzzilli/DumplingDiffOracle/Oracle.swift:184:17
182│ case "---D": .deoptTurbofan
183│ default:
184│ fatalError("Unknown frame type")
│ ▲
185│ }
... (full backtrace continues through parseFullFrames → relate → DiffExecution.diff → executeDifferentialIfNeeded)
Backtrace key points:
DiffOracle.parseDiffFrameDiffOracle.parseFullFramesDiffOracle.relate(optIn:with:)DiffExecution.diff(...)Fuzzer.executeDifferentialIfNeeded → Fuzzer.execute → Fuzzer.importProgram
Actual Behavior
Hard fatalError → immediate crash of the fuzzer process.
Commit ID
cbade79edaf1dae0c233890b7957f560008d2c63
Environment
- Proxmox PVE Ubuntu 22.04 VM
- 60 cores
- 64 GB Ram
- 150gb nvme
Command Used:
swift run -c release FuzzilliCli --profile=v8Dumpling --jobs=60 --storagePath=/home/saqib/Desktop/dump --swarmTesting --forDifferentialFuzzing /home/{$USER}/Desktop/v8/out/fuzzbuild/d8
Summary
Fuzzilli crashes with a fatal error when the Dumpling differential oracle encounters an unknown frame type.
The crash happens in
parseFrameTypebecause a new/unknown frame prefix appeared in the dump that is not handled in the switch.Crash Details
Backtrace key points:
DiffOracle.parseDiffFrameDiffOracle.parseFullFramesDiffOracle.relate(optIn:with:)DiffExecution.diff(...)Fuzzer.executeDifferentialIfNeeded→Fuzzer.execute→Fuzzer.importProgramActual Behavior
Hard
fatalError→ immediate crash of the fuzzer process.Commit ID
Environment
Command Used: