New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
systemd: bad build #1330
Comments
This is a private shared library used by the fuzzers. It needs to be installed: # ldd /out/fuzz-unit-file|grep shared
libsystemd-shared-238.so => /out/src/shared/libsystemd-shared-238.so (0x00007f851b15e000) |
Thanks @keszybz for taking a look. Can you link that library statically? |
There is one more problem now:
|
Not easily. We used to link it statically into our binaries, but now we install ~200 binaries (including tests), so using a private share library gives significant space savings. It would be possible to add another compilation option and conditionalize |
|
(or in terms of the names of the actual files on disk, do not link libsystemd-shared-238.a into libcore.a). libsystemd_static is linked into libsystemd_shared, which in turn means that anything that links to libcore and libsystemd_shared will get libsystemd_static twice: $ cc -o systemd 'systemd@exe/src_core_main.c.o' -Wl,--no-undefined -Wl,--as-needed -Wl,-z,relro -Wl,-z,now -pie -DVALGRIND -Wl,--start-group src/core/libcore.a src/shared/libsystemd-shared-238.a src/shared/libsystemd-shared-238.so -pthread -lrt -lseccomp -lselinux -lmount -lblkid -Wl,--end-group -lseccomp -lpam -L/lib64 -laudit -lkmod -lmount -lrt -lcap -lacl -lcryptsetup -lgcrypt -lip4tc -lip6tc -lseccomp -lselinux -lidn -llzma -llz4 -lblkid '-Wl,-rpath,$ORIGIN/src/shared' -Wl,-rpath-link,/home/zbyszek/src/systemd/build/src/shared This propagation of the dependency seems correct (in the sense that meson is doing the expected thing based on the given configuration). Linking was done this way in the original meson conversion. I was probably trying to get everything to compile and link, I'm not sure why this particular choice was made. In the meantime, meson has gotten better at propagating dependencies, so it's possible that this had slightly different effect in the original conversion, but I did not verify this. Either way, I think we should drop this. With the patch: $ cc -o systemd 'systemd@exe/src_core_main.c.o' -Wl,--no-undefined -Wl,--as-needed -Wl,-z,relro -Wl,-z,now -pie -DVALGRIND -Wl,--start-group src/core/libcore.a src/shared/libsystemd-shared-238.so -pthread -lrt -lseccomp -lselinux -lmount -Wl,--end-group -lblkid -lrt -lseccomp -lpam -L/lib64 -laudit -lkmod -lselinux -lmount '-Wl,-rpath,$ORIGIN/src/shared' -Wl,-rpath-link,/home/zbyszek/src/systemd/build/src/shared This is more correct because we're not linking the same code twice. With the patch, libystemd_static is used in exactly four places: - src/shared/libsystemd-shared-238.so - src/udev/libudev.so.1.6.10 - pam_systemd.so - test-bus-error (compared to a bunch more executables before, including systemd, systemd-analyze, test-hostname, test-ns, etc.) Size savings are also noticable: $ size /var/tmp/inst?/usr/lib/systemd/libsystemd-shared-238.so text data bss dec hex filename 2397826 578488 15920 2992234 2da86a /var/tmp/inst1/usr/lib/systemd/libsystemd-shared-238.so 2397826 578488 15920 2992234 2da86a /var/tmp/inst2/usr/lib/systemd/libsystemd-shared-238.so $ size /var/tmp/inst?/usr/lib/systemd/systemd text data bss dec hex filename 1858790 261688 9320 2129798 207f86 /var/tmp/inst1/usr/lib/systemd/systemd 1556358 258704 8072 1823134 1bd19e /var/tmp/inst2/usr/lib/systemd/systemd $ du -s /var/tmp/inst? 52216 /var/tmp/inst1 50844 /var/tmp/inst2 google/oss-fuzz#1330 (comment) might be related.
I was looking at our linking code and made (what I thought was) an unrelated PR: systemd/systemd#8813. But it seems like it could actually fix this odr-violation. Could you check if it makes a difference? |
(or in terms of the names of the actual files on disk, do not link libsystemd-shared-238.a into libcore.a). libsystemd_static is linked into libsystemd_shared, which in turn means that anything that links to libcore and libsystemd_shared will get libsystemd_static twice: $ cc -o systemd 'systemd@exe/src_core_main.c.o' -Wl,--no-undefined -Wl,--as-needed -Wl,-z,relro -Wl,-z,now -pie -DVALGRIND -Wl,--start-group src/core/libcore.a src/shared/libsystemd-shared-238.a src/shared/libsystemd-shared-238.so -pthread -lrt -lseccomp -lselinux -lmount -lblkid -Wl,--end-group -lseccomp -lpam -L/lib64 -laudit -lkmod -lmount -lrt -lcap -lacl -lcryptsetup -lgcrypt -lip4tc -lip6tc -lseccomp -lselinux -lidn -llzma -llz4 -lblkid '-Wl,-rpath,$ORIGIN/src/shared' -Wl,-rpath-link,/home/zbyszek/src/systemd/build/src/shared This propagation of the dependency seems correct (in the sense that meson is doing the expected thing based on the given configuration). Linking was done this way in the original meson conversion. I was probably trying to get everything to compile and link, I'm not sure why this particular choice was made. In the meantime, meson has gotten better at propagating dependencies, so it's possible that this had slightly different effect in the original conversion, but I did not verify this. Either way, I think we should drop this. With the patch: $ cc -o systemd 'systemd@exe/src_core_main.c.o' -Wl,--no-undefined -Wl,--as-needed -Wl,-z,relro -Wl,-z,now -pie -DVALGRIND -Wl,--start-group src/core/libcore.a src/shared/libsystemd-shared-238.so -pthread -lrt -lseccomp -lselinux -lmount -Wl,--end-group -lblkid -lrt -lseccomp -lpam -L/lib64 -laudit -lkmod -lselinux -lmount '-Wl,-rpath,$ORIGIN/src/shared' -Wl,-rpath-link,/home/zbyszek/src/systemd/build/src/shared This is more correct because we're not linking the same code twice. With the patch, libystemd_static is used in exactly four places: - src/shared/libsystemd-shared-238.so - src/udev/libudev.so.1.6.10 - pam_systemd.so - test-bus-error (compared to a bunch more executables before, including systemd, systemd-analyze, test-hostname, test-ns, etc.) Size savings are also noticable: $ size /var/tmp/inst?/usr/lib/systemd/libsystemd-shared-238.so text data bss dec hex filename 2397826 578488 15920 2992234 2da86a /var/tmp/inst1/usr/lib/systemd/libsystemd-shared-238.so 2397826 578488 15920 2992234 2da86a /var/tmp/inst2/usr/lib/systemd/libsystemd-shared-238.so $ size /var/tmp/inst?/usr/lib/systemd/systemd text data bss dec hex filename 1858790 261688 9320 2129798 207f86 /var/tmp/inst1/usr/lib/systemd/systemd 1556358 258704 8072 1823134 1bd19e /var/tmp/inst2/usr/lib/systemd/systemd $ du -s /var/tmp/inst? 52216 /var/tmp/inst1 50844 /var/tmp/inst2 google/oss-fuzz#1330 (comment) might be related.
Thanks @keszybz ! I've just kick'ed off the rebuild. Will post an update later. |
Looks like the build still produces |
Ah, sorry, you meant another error. Yes, odr-violation seems to be fixed now, thanks! |
Ping, there is still an issue with the shared library. |
Yes, the build produces the static library. Like I wrote (#1330 (comment)), the library is there on purpose. Are you sure that the "bad build check" is working correctly? Maybe it's just confused by the fact that this is a shared library not an executable. (Would it help if we made the library |
Yes, |
Apparently oss-fuzz's "bad build check" is confused by the library. Let's make it non-executable, so the checker ignores it. Should fix google/oss-fuzz#1330.
I was trying to reproduce the issue with infra/helper.py build_image --pull systemd
infra/helper.py build_fuzzers --sanitizer address systemd
infra/helper.py check_build systemd and I got an error that seems to be different from the error mentioned in the description: Running: docker run --rm -i --privileged -e FUZZING_ENGINE=libfuzzer -e SANITIZER=address -v /home/vagrant/oss-fuzz/build/out/systemd:/out -t gcr.io/oss-fuzz-base/base-runner test_all
testing libsystemd-shared-238.so
/usr/local/bin/test_all: line 36: SKIP_TEST_TARGET_RUN: unbound variable
Check build failed. .
By the way, would it make sense to mention somewhere in the documentation that |
I think
and if you reply |
I use |
I see you use it for |
My bad. It seems that I should have run |
I've reproduced the issue and I can confirm that it is gone after I applied systemd/systemd#8927. I'm not sure why # Do not spawn more processes than the number of CPUs available.
n_child_proc=$(jobs -p | wc -l)
while [ "$n_child_proc" -eq "$NPROC" ]; do
sleep 4
n_child_proc=$(jobs -p | wc -l)
done , but it could probably be looked into later. I think it would be great to mention in https://github.com/google/oss-fuzz/blob/master/docs/reproducing.md#reproducing-oss-fuzz-issues that apart from |
Apparently oss-fuzz's "bad build check" is confused by the library. Let's make it non-executable, so the checker ignores it. Should fix google/oss-fuzz#1330.
pushing a new build, lets see if it succeeds. |
yay, green build. |
Thanks @evverx ! |
No problem. I figured out why diff --git a/infra/base-images/base-runner/test_all b/infra/base-images/base-runner/test_all
index 6a071c1..f5482d6 100755
--- a/infra/base-images/base-runner/test_all
+++ b/infra/base-images/base-runner/test_all
@@ -22,7 +22,7 @@ ALLOWED_BROKEN_TARGETS_PERCENTAGE=10
TOTAL_TARGETS_COUNT=0
# Number of CPUs available, this is needed for running tests in parallel.
-NPROC=$(nproc)
+NPROC=1
# Directories where bad build check results will be written to.
VALID_TARGETS_DIR="/tmp/valid_fuzz_targets" and can be fixed by using diff --git a/infra/base-images/base-runner/test_all b/infra/base-images/base-runner/test_all
index 6a071c1..c9b6f5e 100755
--- a/infra/base-images/base-runner/test_all
+++ b/infra/base-images/base-runner/test_all
@@ -57,10 +57,10 @@ for FUZZER_BINARY in $(find $OUT/ -executable -type f); do
TOTAL_TARGETS_COUNT=$[$TOTAL_TARGETS_COUNT+1]
# Do not spawn more processes than the number of CPUs available.
- n_child_proc=$(jobs -p | wc -l)
+ n_child_proc=$(jobs -rp | wc -l)
while [ "$n_child_proc" -eq "$NPROC" ]; do
sleep 4
- n_child_proc=$(jobs -p | wc -l)
+ n_child_proc=$(jobs -rp | wc -l)
done
done |
(or in terms of the names of the actual files on disk, do not link libsystemd-shared-238.a into libcore.a). libsystemd_static is linked into libsystemd_shared, which in turn means that anything that links to libcore and libsystemd_shared will get libsystemd_static twice: $ cc -o systemd 'systemd@exe/src_core_main.c.o' -Wl,--no-undefined -Wl,--as-needed -Wl,-z,relro -Wl,-z,now -pie -DVALGRIND -Wl,--start-group src/core/libcore.a src/shared/libsystemd-shared-238.a src/shared/libsystemd-shared-238.so -pthread -lrt -lseccomp -lselinux -lmount -lblkid -Wl,--end-group -lseccomp -lpam -L/lib64 -laudit -lkmod -lmount -lrt -lcap -lacl -lcryptsetup -lgcrypt -lip4tc -lip6tc -lseccomp -lselinux -lidn -llzma -llz4 -lblkid '-Wl,-rpath,$ORIGIN/src/shared' -Wl,-rpath-link,/home/zbyszek/src/systemd/build/src/shared This propagation of the dependency seems correct (in the sense that meson is doing the expected thing based on the given configuration). Linking was done this way in the original meson conversion. I was probably trying to get everything to compile and link, I'm not sure why this particular choice was made. In the meantime, meson has gotten better at propagating dependencies, so it's possible that this had slightly different effect in the original conversion, but I did not verify this. Either way, I think we should drop this. With the patch: $ cc -o systemd 'systemd@exe/src_core_main.c.o' -Wl,--no-undefined -Wl,--as-needed -Wl,-z,relro -Wl,-z,now -pie -DVALGRIND -Wl,--start-group src/core/libcore.a src/shared/libsystemd-shared-238.so -pthread -lrt -lseccomp -lselinux -lmount -Wl,--end-group -lblkid -lrt -lseccomp -lpam -L/lib64 -laudit -lkmod -lselinux -lmount '-Wl,-rpath,$ORIGIN/src/shared' -Wl,-rpath-link,/home/zbyszek/src/systemd/build/src/shared This is more correct because we're not linking the same code twice. With the patch, libystemd_static is used in exactly four places: - src/shared/libsystemd-shared-238.so - src/udev/libudev.so.1.6.10 - pam_systemd.so - test-bus-error (compared to a bunch more executables before, including systemd, systemd-analyze, test-hostname, test-ns, etc.) Size savings are also noticable: $ size /var/tmp/inst?/usr/lib/systemd/libsystemd-shared-238.so text data bss dec hex filename 2397826 578488 15920 2992234 2da86a /var/tmp/inst1/usr/lib/systemd/libsystemd-shared-238.so 2397826 578488 15920 2992234 2da86a /var/tmp/inst2/usr/lib/systemd/libsystemd-shared-238.so $ size /var/tmp/inst?/usr/lib/systemd/systemd text data bss dec hex filename 1858790 261688 9320 2129798 207f86 /var/tmp/inst1/usr/lib/systemd/systemd 1556358 258704 8072 1823134 1bd19e /var/tmp/inst2/usr/lib/systemd/systemd $ du -s /var/tmp/inst? 52216 /var/tmp/inst1 50844 /var/tmp/inst2 google/oss-fuzz#1330 (comment) might be related.
(or in terms of the names of the actual files on disk, do not link libsystemd-shared-238.a into libcore.a). libsystemd_static is linked into libsystemd_shared, which in turn means that anything that links to libcore and libsystemd_shared will get libsystemd_static twice: $ cc -o systemd 'systemd@exe/src_core_main.c.o' -Wl,--no-undefined -Wl,--as-needed -Wl,-z,relro -Wl,-z,now -pie -DVALGRIND -Wl,--start-group src/core/libcore.a src/shared/libsystemd-shared-238.a src/shared/libsystemd-shared-238.so -pthread -lrt -lseccomp -lselinux -lmount -lblkid -Wl,--end-group -lseccomp -lpam -L/lib64 -laudit -lkmod -lmount -lrt -lcap -lacl -lcryptsetup -lgcrypt -lip4tc -lip6tc -lseccomp -lselinux -lidn -llzma -llz4 -lblkid '-Wl,-rpath,$ORIGIN/src/shared' -Wl,-rpath-link,/home/zbyszek/src/systemd/build/src/shared This propagation of the dependency seems correct (in the sense that meson is doing the expected thing based on the given configuration). Linking was done this way in the original meson conversion. I was probably trying to get everything to compile and link, I'm not sure why this particular choice was made. In the meantime, meson has gotten better at propagating dependencies, so it's possible that this had slightly different effect in the original conversion, but I did not verify this. Either way, I think we should drop this. With the patch: $ cc -o systemd 'systemd@exe/src_core_main.c.o' -Wl,--no-undefined -Wl,--as-needed -Wl,-z,relro -Wl,-z,now -pie -DVALGRIND -Wl,--start-group src/core/libcore.a src/shared/libsystemd-shared-238.so -pthread -lrt -lseccomp -lselinux -lmount -Wl,--end-group -lblkid -lrt -lseccomp -lpam -L/lib64 -laudit -lkmod -lselinux -lmount '-Wl,-rpath,$ORIGIN/src/shared' -Wl,-rpath-link,/home/zbyszek/src/systemd/build/src/shared This is more correct because we're not linking the same code twice. With the patch, libystemd_static is used in exactly four places: - src/shared/libsystemd-shared-238.so - src/udev/libudev.so.1.6.10 - pam_systemd.so - test-bus-error (compared to a bunch more executables before, including systemd, systemd-analyze, test-hostname, test-ns, etc.) Size savings are also noticable: $ size /var/tmp/inst?/usr/lib/systemd/libsystemd-shared-238.so text data bss dec hex filename 2397826 578488 15920 2992234 2da86a /var/tmp/inst1/usr/lib/systemd/libsystemd-shared-238.so 2397826 578488 15920 2992234 2da86a /var/tmp/inst2/usr/lib/systemd/libsystemd-shared-238.so $ size /var/tmp/inst?/usr/lib/systemd/systemd text data bss dec hex filename 1858790 261688 9320 2129798 207f86 /var/tmp/inst1/usr/lib/systemd/systemd 1556358 258704 8072 1823134 1bd19e /var/tmp/inst2/usr/lib/systemd/systemd $ du -s /var/tmp/inst? 52216 /var/tmp/inst1 50844 /var/tmp/inst2 google/oss-fuzz#1330 (comment) might be related.
…gestion in google#1330. (google#1404) * [docs] Add instructions on "pull_images" and "check_build" as per suggestion in google#1330. * Address review feedback * fix a typo
Has been detected after lading #838
https://oss-fuzz-build-logs.storage.googleapis.com/index.html
Not sure why we tried to perform the check for
/workspace/out/address/src/shared/libsystemd-shared-238.so
, does it have+x
access rights?The text was updated successfully, but these errors were encountered: