Hi Evgeny,

On Wed, Mar 23, 2022 at 04:15:42AM +0300, Evgeny Vereshchagin wrote:
> > I think that is a good idea. I really believe all the issues reported
> > by MSAN are bogus.
>
> They are but all those issues should be gone once
> https://github.com/google/oss-fuzz/pull/7422 and
> https://github.com/google/oss-fuzz/pull/7401 are merged. I ran the
> fuzzers with those patches applied for a few hours and MSan didn't
> complain. I'll flip the flag there a bit later today anyway and
> maybe bring it back in a month or so if it isn't noisy.

That makes sense. You do indeed have to "rebuild the world" for MSAN
to work. I am slightly surprised it doesn't work with
-D_FORTIFY_SOURCE (which we indeed try to enable by default).

> > While the UBSAN and ASAN issues seem reasonable. At least I have a fix
> > for the last one (45952 Misaligned-address in elf_cvt_gnuhash):
> > https://sourceware.org/pipermail/elfutils-devel/2022q1/004782.html
> > https://code.wildebeest.org/git/user/mjw/elfutils/commit/?h=fuzz
>
> I rebased it on top of my "fuzzing" branch and the fuzzers, static analyzers,
> the unit tests
> on various architectures and so on confirmed that the issue is gone. Thanks!

Thanks for testing. Pushed.

Cheers,

Mark