Re: Some fuzzer workarounds
Hi Evgeny,

On Wed, Mar 23, 2022 at 04:15:42AM +0300, Evgeny Vereshchagin wrote:
> > I think that is a good idea. I really believe all the issues reported
> > by MSAN are bogus.
>
> They are but all those issues should be gone once
> https://github.com/google/oss-fuzz/pull/7422 and
> https://github.com/google/oss-fuzz/pull/7401 are merged. I ran the
> fuzzers with those patches applied for a few hours and MSan didn't
> complain. I'll flip the flag there a bit later today anyway and
> maybe bring it back in a month or so if it isn't noisy.

That makes sense. You do indeed have to "rebuild the world" for MSAN to work. I am slightly surprised it doesn't work with -D_FORTIFY_SOURCE (which we indeed try to enable by default).

> > While the UBSAN and ASAN issues seem reasonable. At least I have a fix
> > for the last one (45952 Misaligned-address in elf_cvt_gnuhash):
> > https://sourceware.org/pipermail/elfutils-devel/2022q1/004782.html
> > https://code.wildebeest.org/git/user/mjw/elfutils/commit/?h=fuzz
>
> I rebased it on top of my "fuzzing" branch and the fuzzers, static analyzers,
> the unit tests on various architectures and so on confirmed that the issue
> is gone. Thanks!

Thanks for testing. Pushed.

Cheers,

Mark
Issue 45706 in oss-fuzz: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in process_file
Updates:
    Labels: ClusterFuzz-Verified
    Status: Verified

Comment #2 on issue 45706 by ClusterFuzz-External: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in process_file
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45706#c2

ClusterFuzz testcase 5736328928559104 is verified as fixed in
https://oss-fuzz.com/revisions?job=libfuzzer_msan_elfutils&range=20220323:202203230602

If this is incorrect, please file a bug on
https://github.com/google/oss-fuzz/issues/new

--
You received this message because:
  1. You were specifically CC'd on the issue

You may adjust your notification preferences at:
https://bugs.chromium.org/hosting/settings

Reply to this email to add a comment.
Issue 45647 in oss-fuzz: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in find_debuginfo_in_path
Updates:
    Labels: ClusterFuzz-Verified
    Status: Verified

Comment #1 on issue 45647 by ClusterFuzz-External: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in find_debuginfo_in_path
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45647#c1

ClusterFuzz testcase 5859104961200128 is verified as fixed in
https://oss-fuzz.com/revisions?job=libfuzzer_msan_elfutils&range=20220323:202203230602

If this is incorrect, please file a bug on
https://github.com/google/oss-fuzz/issues/new
Issue 45676 in oss-fuzz: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in dwfl_report_module
Updates:
    Labels: ClusterFuzz-Verified
    Status: Verified

Comment #1 on issue 45676 by ClusterFuzz-External: elfutils:fuzz-libdwfl: Use-of-uninitialized-value in dwfl_report_module
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45676#c1

ClusterFuzz testcase 6448716024774656 is verified as fixed in
https://oss-fuzz.com/revisions?job=libfuzzer_msan_elfutils&range=20220323:202203230602

If this is incorrect, please file a bug on
https://github.com/google/oss-fuzz/issues/new
Issue 43505 in oss-fuzz: elfutils:fuzz-dwfl-core: Use-of-uninitialized-value in handle_file_note
Updates:
    Labels: ClusterFuzz-Verified
    Status: Verified

Comment #5 on issue 43505 by ClusterFuzz-External: elfutils:fuzz-dwfl-core: Use-of-uninitialized-value in handle_file_note
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43505#c5

ClusterFuzz testcase 5344860645752832 is verified as fixed in
https://oss-fuzz.com/revisions?job=libfuzzer_msan_elfutils&range=20220323:202203230602

If this is incorrect, please file a bug on
https://github.com/google/oss-fuzz/issues/new
Issue 45952 in oss-fuzz: elfutils:fuzz-libdwfl: Misaligned-address in elf_cvt_gnuhash
Updates:
    Labels: ClusterFuzz-Verified
    Status: Verified

Comment #1 on issue 45952 by ClusterFuzz-External: elfutils:fuzz-libdwfl: Misaligned-address in elf_cvt_gnuhash
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45952#c1

ClusterFuzz testcase 6331966935400448 is verified as fixed in
https://oss-fuzz.com/revisions?job=libfuzzer_ubsan_elfutils&range=202203230602:202203231200

If this is incorrect, please file a bug on
https://github.com/google/oss-fuzz/issues/new