foreign function getcwd not implemented #762

Closed
saarshah opened this issue Jun 4, 2019 · 8 comments
Labels
A-shims Area: This affects the external function shims C-enhancement Category: a PR with an enhancement or an issue tracking an accepted enhancement

Comments

saarshah commented Jun 4, 2019

I am doing analysis on one of my blockchain projects using Miri. When I run cargo miri test (on my project to be tested) there are no errors (and I also get zero tests passed and zero tests failed), but when I give the cargo miri run command on my project (of blockchain), Miri gives me the following error:

```
error[E0080]: Miri evaluation error: miri does not support gathering system entropy in deterministic mode!
Use '-Zmiri-seed=' to enable random number generation.
WARNING: Miri does not generate cryptographically secure entropy -
do not use Miri to run any program that needs secure random number generation
```

Again, when I run cargo miri run -- -Zmiri-seed=018308, it shows the following error:

```
error[E0080]: Miri evaluation error: can't call foreign function: getcwd
if !libc::getcwd(ptr, buf.capacity()).is_null() {
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Miri evaluation error: can't call foreign function: getcwd
```

@saarshah saarshah changed the title Miri evaluation error: miri does not support gathering system entropy in deterministic mode! Miri evaluation error: can't call foreign function: getcwd Jun 4, 2019
RalfJung (Member) commented Jun 4, 2019

Yeah, Miri currently does not support interacting with the current working directory.

> when I run cargo miri test (on my project to be tested) with no errors (and also got zero test passed and zero test failed)

So cargo test finds some tests to run but cargo miri test does not? Is that crate publicly available?

@RalfJung RalfJung changed the title Miri evaluation error: can't call foreign function: getcwd foreign function getcwd not implemented Jun 4, 2019
@RalfJung RalfJung added A-shims Area: This affects the external function shims C-enhancement Category: a PR with an enhancement or an issue tracking an accepted enhancement labels Jun 4, 2019
saarshah (Author) commented Jul 7, 2019

Sorry for the late response... again I found another error of the above kind (can't call foreign function: open64): `open64(path.as_ptr(), flags, opts.mode as c_int)`.

Still, Miri does not support projects of this kind.

BTW.. my project is publicly available here

RalfJung (Member) commented Jul 7, 2019

That's a different bug. We also don't support accessing files.

> Still, Miri does not support projects of this kind.

Indeed, Miri is currently only suited for pure Rust code that does not communicate with the outside world.

saarshah (Author) commented Jul 7, 2019

"does not communicate with the outside world." What does this mean? I think all the code (all crates, libraries, etc.) is written in Rust.

So can you recommend how to analyse (especially how to fuzz) such a big project? I have tried AFL, libFuzzer, honggfuzz, etc. with some errors and some success, but I am not sure whether we can properly fuzz such large projects (written in Rust) or not.

RalfJung (Member) commented Jul 7, 2019

> "does not communicate with the outside world." What does this mean? I think all the code (all crates, libraries, etc.) is written in Rust.

It means no interaction with the OS: no file system, no network, no clock, and so on.

We want to support this eventually, it's just a lot of work.

> So can you recommend how to analyse (especially how to fuzz) such a big project? I have tried AFL, libFuzzer, honggfuzz, etc. with some errors and some success, but I am not sure whether we can properly fuzz such large projects (written in Rust) or not.

I'm afraid I do not have a good overview over the Rust fuzzer ecosystem. You might try asking on the forum or reddit. @Shnatsel also knows more.

Shnatsel (Member) commented Jul 7, 2019

Not sure what you mean by "properly fuzz", but if you're dealing with a large codebase I'd suggest the following:

  1. Break it up into smaller parts and fuzz those individually if possible
  2. If you have unsafe code in your crate, use address sanitizer when fuzzing. cargo-fuzz enables it by default, for AFL you need to explicitly enable it. If you have unsafe code in your dependencies, fuzz your dependencies individually.
  3. If your problem is that you have a library with a lot of functions and you want to fuzz all of it, I have a proof-of-concept implementation of a program that automatically generates fuzzing harnesses: https://github.com/Eh2406/auto-fuzz-test All you need to do is implement quickcheck::Arbitrary trait for your types.

Keep in mind that fuzzing is not a perfect method of bug discovery - just like testing, it can prove presence of bugs but cannot prove their absence. If you want really high assurance in your code, like in smart contracts, you'd need something like https://github.com/viperproject/prusti-dev or https://github.com/facebookexperimental/MIRAI but those are experimental and are probably not complete enough for general usage.
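
Added example, not part of the thread and not code from Miri or the reporter's project: one way to act on both the "no interaction with the OS" limit and the advice to break the code into smaller parts is to keep the decoding logic in a pure function that Miri and a fuzzer can both drive, and confine getcwd and file access to a thin wrapper. The record format, `decode_record`, `load_record`, `fuzz_one` and the file name are hypothetical.

```rust
use std::{fs, io};

/// Pure logic: decode one length-prefixed record (4-byte little-endian
/// length, then payload). No file, clock or directory access, so Miri can run it.
pub fn decode_record(buf: &[u8]) -> Option<&[u8]> {
    if buf.len() < 4 {
        return None;
    }
    // SAFETY: the check above guarantees 4 readable bytes, and
    // read_unaligned places no alignment requirement on the pointer.
    let raw = unsafe { (buf.as_ptr() as *const u32).read_unaligned() };
    buf[4..].get(..u32::from_le(raw) as usize)
}

/// OS-facing shell: the only function that needs the current directory and
/// file access, the operations the thread reports as unsupported in Miri.
pub fn load_record(name: &str) -> io::Result<Option<Vec<u8>>> {
    let path = std::env::current_dir()?.join(name);
    let bytes = fs::read(path)?;
    Ok(decode_record(&bytes).map(|p| p.to_vec()))
}

/// Fuzz-harness body: arbitrary bytes in, no panic out. A cargo-fuzz or AFL
/// target would pass the fuzzer's input to this function.
pub fn fuzz_one(data: &[u8]) -> bool {
    match decode_record(data) {
        Some(payload) => payload.len() <= data.len() - 4,
        None => true,
    }
}

#[test]
fn pure_part_runs_under_miri() {
    assert_eq!(decode_record(&[2, 0, 0, 0, 7, 8, 9]), Some(&[7u8, 8][..]));
    assert!(fuzz_one(&[0xff; 6])); // declared length exceeds the buffer
}

#[test]
#[cfg_attr(miri, ignore)] // touches the file system, so skip it under Miri
fn os_part_runs_natively_only() {
    assert!(load_record("no-such-record-file.bin").is_err());
}

fn main() {
    let sample = [3, 0, 0, 0, b'a', b'b', b'c']; // constructed sample record
    println!("{:?} {}", decode_record(&sample), fuzz_one(&sample));
}
```

With this split, `cargo miri test` checks the `unsafe` read in `decode_record` and skips the test marked `#[cfg_attr(miri, ignore)]`, while a native `cargo test` runs both.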

saarshah (Author) commented Jul 8, 2019

@RalfJung @Shnatsel thanks a lot for your kind guidance. I will try them.

RalfJung (Member):

Closing in favor of the more general #923.

3 participants