From: Thomas Huth <thuth@redhat.com>
To: Alexander Bulekov <alxndr@bu.edu>
Cc: "Alex Bennée" <alex.bennee@linaro.org>,
qemu-devel@nongnu.org,
"Wainer dos Santos Moschetta" <wainersm@redhat.com>,
darren.kenny@oracle.com, bsd@redhat.com, stefanha@redhat.com,
pbonzini@redhat.com, philmd@redhat.com
Subject: Re: [PATCH] gitlab-ci.yml: Add oss-fuzz build tests
Date: Fri, 17 Jul 2020 17:39:05 +0200 [thread overview]
Message-ID: <e426d4cd-4e2a-de7a-80e3-b523384b37a9@redhat.com> (raw)
In-Reply-To: <20200717132007.bux2neofbktbl522@mozz.bu.edu>
On 17/07/2020 15.20, Alexander Bulekov wrote:
> On 200717 0951, Thomas Huth wrote:
>> On 17/07/2020 07.40, Thomas Huth wrote:
[...]
>> I think I've got it basically working like this:
>>
>> build-oss-fuzz:
>> <<: *native_build_job_definition
>> variables:
>> IMAGE: fedora
>> script:
>> - mkdir build-oss-fuzz
>> - CC="clang" CXX="clang++" CFLAGS="-fsanitize=address"
>> ./scripts/oss-fuzz/build.sh
>> - for fuzzer in $(find build-oss-fuzz/DEST_DIR/ -executable -type f
>> | grep -v slirp); do
>> grep "LLVMFuzzerTestOneInput" ${fuzzer} > /dev/null 2>&1 ||
>> continue ;
>> echo Testing ${fuzzer} ... ;
>> "${fuzzer}" -runs=1000 || exit 1 ;
>> done
>>
>> However, it still triggered a memory leak and thus the pipeline failed:
>>
>> https://gitlab.com/huth/qemu/-/jobs/643472695
>>
>> ... and this was with all the other "leak fix" patches already applied.
>> Is there an easy way to debug that issue? That information from the
>> LeakSanitizer looks pretty sparse...
>
> Strange... Especially since Philippe didn't get the same error. We
> should probably add -seed=1 after -runs=1000, to make sure the fuzzer is
> using the same rng seed. That said, I just ran the fuzzer for 50k
> iterations, and still could not reproduce the leak...
>
> This environment variable should fix the partial stacktrace, so we don't
> have to guess next time:
> ASAN_OPTIONS="fast_unwind_on_malloc=0"
Thanks, that did the trick:
https://gitlab.com/huth/qemu/-/jobs/644354706#L3616
... that also explains why I haven't seen it in my other tests where I
am using the --fuzz-target parameter : The leak only happens if the
fuzz-target is encoded in the program name - looks like we have to free
the memory returned by g_path_get_dirname() there...
Thomas
next prev parent reply other threads:[~2020-07-17 15:40 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-16 16:33 [PATCH] gitlab-ci.yml: Add oss-fuzz build tests Alexander Bulekov
2020-07-17 5:40 ` Thomas Huth
2020-07-17 7:51 ` Thomas Huth
2020-07-17 13:20 ` Alexander Bulekov
2020-07-17 15:39 ` Thomas Huth [this message]
2020-07-17 8:30 ` Alex Bennée
2020-07-17 13:03 ` Alexander Bulekov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e426d4cd-4e2a-de7a-80e3-b523384b37a9@redhat.com \
--to=thuth@redhat.com \
--cc=alex.bennee@linaro.org \
--cc=alxndr@bu.edu \
--cc=bsd@redhat.com \
--cc=darren.kenny@oracle.com \
--cc=pbonzini@redhat.com \
--cc=philmd@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
--cc=wainersm@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).