New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[CIFuzz]: CIFuzz seems to be incompatible with forks #3731
Comments
I'll see what I can about this. |
CIFuzz isn't compatible with forks: google/oss-fuzz#3731
CIFuzz isn't compatible with forks: google/oss-fuzz#3731
As a stopgap I've just opened systemd/systemd#15842 where CIFuzz is skipped when the target repository isn't "systemd/systemd". Among other things I hope this should help people paying for GitHub actions not to waste the free minutes they have. |
Thanks, I'll probably document this in the meantime until CIFuzz works with forks. |
CIFuzz currently does not support fuzzing of forks. See google/oss-fuzz#3731. This changes the configuration so that it CIFuzz does not run on forks, i.e. does not run on PRs from forked repos. This change should be rolled back when the CIFuzz bug is fixed.
@evverx just checking, do we want it to work with forks?
So disabling it on forks should be OK right? Just confirming it works on PRs opened from forks right? It just fails if CIFuzz runs on commits to master and you are using a fork or open a PR on a fork right? |
This issue was originally reported to me by a fellow systemd contributor who works at a company where all PRs are reviewed internally by opening PRs against their private fork. Once they're approved there and it makes sense to bring the changes upstream they go through the usual workflow.
It should be OK. Though I think ideally it would be great if CIFuzz could be used to test forks that can be different from upstream projects a bit because of patches maintained locally.
That's correct.
It fails every time PRs are opened against forks regardless of whether CIFuzz runs on commits to master or not. |
ACK.
Right I expect this. My question wasn't clear but I meant if you work on a fork of systemd/systemd and then open a PR on systemd/systemd from that fork, that your PR (which is in the systemd/systemd repo) still works. |
Unfortunately CIFuzz isn't compatible with forks: google/oss-fuzz#3731 Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
I need to retest this at some point. I think it should be compatible with forks now. |
I've just opened a PR against my fork of systemd: evverx/systemd#4. CIFuzz didn't fail there but I'm not sure what exactly it built there:
|
It couldn't trigger a memory leak introduced in that PR so it seems CIFuzz just fell back to the main branch of the systemd repository. Below are some other logs that seem to be relevant:
|
Lol. Thanks for testing this for me. I think I can fix this somewhat easily. I can try next week but it's not a super high priority. |
hi, confusingly CI-Fuzz checks out the wrong PR on forks, I guess this is related to this bug report? If I open PR 1 on my fork, it instead builds PR 1 of the original repo. |
Run CIFuzz docker manually
I created https://github.com/evverx/elfutils where I test elfutils with gcc/clang, asan/ubsan, LGTM and Coverity. It would be great if it was possible to test patches with CIFuzz there as well. Judging by https://github.com/evverx/elfutils/actions/runs/1527662451, it just falls back to the official repository (which is hosted at https://sourceware.org/git/?p=elfutils.git;a=summary and where GitHub branches CIFuzz tries to checkout don't exist) ``` Stderr of command "git fetch origin refs/pull/2/merge" is: fatal: couldn't find remote ref refs/pull/2/merge Can not check out requested state refs/pull/2/merge. Using current repo state ``` It would be even better if instead of hardcoding "evverx/elfutils" I could pass `${{ github.repository }}` or something like that. More generally, this PR is an attempt to get around google#3731
= (1): Used Tabs instead of spaces and increased ABI_VERSION Ailin Nemui (149): fix irssi-version link Merge tag '1.0.8' into integrate/1.0.8 Merge tag '1.1.3' into integrate/1.1.3 Merge tag '1.2.1' into integrate/1.2.1 meson build support try test travis refactor glib install update gitignore for meson stuff modularise irc component fix small overflow carry rpath to working perl test build fixes when using install-glib and on openbsd fix crash when server got disconnected/reconnected before it was properly connected fix missing wrapping of line in signals up abi fix clang-format-xs option parser by using getopt keep up with github-actions changes fix clang-format-xs formatting whole file Make a copy of the signal arguments so we don't have to worry about the stack properly ignore empty lines and comments in servers and channels config error out on empty perlmodlib, for example non-existant vendor use cc.links in meson.build to fix regression of meson 0.56 fix clang-format-xs formatting whole file fix multiple identical active caps fix autotools build package the meson.build files Check Irssi compilation using github actions move clang-format-xs into utils put proper versions in PACKAGE_VERSION remove travis put proper versions in PACKAGE_VERSION correct wrong function prefixes: g_input -> i_input correct wrong function prefixes: g_istr -> i_istr correct wrong function prefixes: g_io_channel -> i_io_channel correct wrong function prefixes: g_hash_free_value -> i_hash_free_value correct wrong function prefixes: gslist -> i_slist correct wrong function prefixes: glog_func -> i_log_func correct wrong function prefixes: remove g_free_true up abi Abort Irssi on wrong entries in the channels or servers config undraft setname unfix breakage in python setuptools two more wrong prefixes configure automake with nostdinc update deprecated GLib symbol replace refstring macro implementation with C functions up abi raise glib version requirement to 2.32 for g_hash_table_contains update clang-format to clang-format-11, fixes enum bug better account tracking Track the account queries which are in progress purge whos from queue fix missing output maybe this matches the command now fix off by one queue the who command on join up abi skip parsing empty tags stop parsing on lone tag escape Revert "queue the who command on join" fix double free queue the who command on join add constants for WHOX queries fix level uninitialised fix assertion failure when the line does not have text (yet) Test CIFuzz offering fail redirects on freenode 263 printformats update clang-format to clang-format-11, fixes enum bug add format_string_expand to Perl add format_string_expand and format_string_unexpand methods to Perl remove unused include fix clang formatting don't bother if we don't have a nick do not beep on hidden lines with /set beep_msg_level ... -hidden autoload modules from default setting missing strdup on netsplits w/o chan fix crash on /connect /dev/null fix crash on /connect -tls add /IGNORE ... NOHILIGHT to ignore some hilights fix crash on tls error changes suggested by ahf fix reconnect to use tls settings actually use the tls settings on upgrade, and disconnect gracefully fix fe-fuzz verify tls connection use enum reorder code add nocap flag Merge tag '1.2.3' into integrate/1.2.3 up abi fuzz test Run clang-format slightly improve nocap detection downgrade meson in github actions fix build with meson 0.58.0 update default network can do /server add -matrix -network my_matrix_network add a limit to showing /NAMES on join fix use of wrong "equal" function in meta hash tables add a meta table to all lines fix wrong server_time in $line->get_meta move TEXT_BUFFER_META_REC -> LINE_INFO_META_REC store the hilight result in the meta table and apply it during the "gui render line text" signal up abi add LINE_INFO_META_REC to Perl add GString to Perl fix recursive crash in Perl scripts add "gui render line text" to signals.txt up abi Workaround for google/oss-fuzz#3731 add a log_server_time setting compat for glib 2.55 up abi use an internal build of openssl when fuzzer is enabled mess with server ports up abi remove duplicated servers on load only enable sasl plain when username and password are set fix reading of starttls = "no" in config fuzz server ssl init fix reading of old config ssl_verify key fuzz server ssl init do not unconditionally enable tls on /connect -! Revert "Merge pull request #19 from ailin-nemui/starttls-no" fix reading of starttls = "no" in config, attempt 2 Revert "Changed the support channel to LiberaChat." Revert "Applied the updated docs changes in line with the upcoming blog post." Revert "Irssi does not take a political stance." send channel sync requests "later" in the command queue do not chase during netsplit up abi actually remember the hilight -color add a PACKAGE_VERSION override for meson fix queue bug add a "server outgoing modify" signal to intercept outgoing messages branding update NEWS chghost news update NEWS tag as 1.3.0-pre8 tag as 1.3.1-an tag as 1.3.2-an revert branding remove install_rpath tag as 1.4.0-an revert branding tag as 1.4.1 tag as 1.4.2 Alex Shafer (1): Fix #1051 - Document Irssi::get_irssi_dir() Berker Peksag (3): Add missing NULL check in mask_match() Move NULL check for cert above pubkey Check return value of BIO_read() in set_pubkey_info() Claes Nästén (1): Use g_strndup, strndup is not available on old platforms Dan Collins (1): Fix hilight behavior for STATUSMSG David Gall (1): Syntax Issue Dennis Pentmeier (1): Changed to async-signal safe method as suggested by dequis Doug Freed (3): fe-text/mainwindows: fix /window balance warning NEWS: remove 2 lines that would be confusing Clean up remaining branding reverts Francis M (1): Fix minor typos in help text Frost (1): hilight.in: fix typo the->to Geert Hauwaerts (3): Irssi does not take a political stance. Applied the updated docs changes in line with the upcoming blog post. Changed the support channel to LiberaChat. Guntbert Reiter (1): Add documentation for escaping some characters Heikki Orsila (1): Implement a method to delete messages older than given time in scrollback history. Jacob V Rasmussen (1): Update ssl_* to tls_* in syntax. Jacob V. Rasmussen (1): Add tls_* options to manual Jari Matilainen (8): Update help with HIDDEN level Update ignore.in Update ignore.in Update ignore.in Update dcc-get.c Update fe-common-core.c Update fe-common-core.c Allow -tls_ca{file,path} '' to unset an argument Joseph Bisch (2): Properly free sasl_buffer GString Add missing g_string_free param Lauri Tirkkonen (1): use visible channel name in layout save Marius Gedminas (1): Clarify statusbar priorities Mathis Beer (1): Add aliases for ns, ms, os, cs shorthand commands supported by many servers to message services easily. Michael Hansen (5): Add better support for numeric 489 ERR_SECUREONLYCHAN along with a print format Increased IRSSI_ABI_VERSION to 29 make git-clang-format check happy disable clang-format check for a few sections of code from before format strictnes got tightened make clang-format happy about the code i added, instead of the code above it. Mike Quin (1): Improve clarity of nick in use message Misty De Meo (1): Add a check for term.h Nutchanon Wetchasit (1): Make colorless.theme de-color vertical window borders Pinguin1234 (1): Added option to quit in SIGHUP Rene Kita (1): Ignore files generated by ./autogen.sh Shivaram Lingamneni (1): fix #641 Will Storey (13): Fix indentation Recognise non-zero as error rather than only -1 Remove unused functions Link to Ninja site and use HTTPS for Meson site Remove unused function Mark unused function deprecated Fix indentation Do not copy TLS settings to reconnection record Fill more connection information in one spot Remove else since prior condition returns Remove resolve_reverse_lookup setting Keep unused parameter for API compatibility Bump ABI Zero King (2): Free g_strdup() allocated memory with g_free() Fix memory leaks ailin (2): fix perl module build on openbsd fix crash on /quit when unloading modules ailin-nemui (159): continue head do not stop autolog_ignore_targets from matching itemless targets add issue reference fix test on Big Endian 64bit, due to pointer size mismatch make utf8proc configurable fix missing AC_DEFINE Add Github Actions support code disable github workflows Use full paths to includes Use full paths to includes in fe-fuzz update include guard names Install pkg-config file fix reconnect of multiplexed proxy fix realpath on old solaris restore 8bit support in input entry copy sasl username and password values Use the 24bit mIRC colour mappings if colors_ansi_24bit is enabled fix code block NEWS formatting Show meson commands in README use correct libraries in travis Add Meson ver requirement to readme Explain Meson in INSTALL manually maintain irc loader do not use ?: to stay compatible with meson 0.49 fix cut off text with theme-indent and /set indent_always off fix build system debug config to include -fno-omit-frame-pointer fix glib version dependency make the $Z time overridable enable irc cap ls 302 use symbolic defines for capability strings increase disconnect buffer and get rid of some magic 510 values add a new "print noformat" signal to be emitted on printtext use extended-join capability fix cap queue order implement reference counted strings up abi request the setname capability show invites of other users when provided irc message tags support clarifying comment add missing signal_remove refactor quit message into a separate function sending of tag messages and customisable maximum irc message length use better number parsing more variables support cap away-notify move away message to fe-common/core add chghost capability support improve message wording use account-notify capability make a setting to disable account-notify fix autotools build fix wrong version fix crash in setname fix crashes when nick is missing up abi make extended account info visible and formattable Migrate push workflow to yaml delete old workflow file add various new message events to signals.txt revert the change to perl-common that would stop it from creating ghost chatnets fix crash on startup when resizing before active_win fix use after free receiving caps Merge tag '1.2.2' into integrate/1.2.2 fix warning in fe-fuzz/server-fuzz limit special-vars alignment memory to not exhaust fuzzer Add a new meson option : -Dstatic-dependency=yes to use static dependencies add some dummy objects to server-fuzz free params enable self-message support fix crash in join due to incorrect free add new meson build option -Dfuzzer-link-language=cpp for oss-fuzz silence glib log output during fuzzing on oss-fuzz update fuzzer flags fix the fix missing free add ignore check, emphasis and fix a memory leak bottom_startline lost? remove GTimeVal following glib 2.61.2 deprecation Update src/irc/core/lag.c refine zero width input test in empty line improve wording simplify logic Use github actions to test PRs update docs run syncscripts.sh fix /ignore ... MODES NO_ACT not working run git-clang-format hide the deprecated -ssl options from completion run clang-format as a pull request hook empty is also good try abipkgdiff remove some old compat code make lines reformattable implement expando cache manually handle NUL unicode in g_utf8_get_next_char_validated add perl code for textbuffer-formats enable mirc colour processing add setting to disable reformat up abi check xs format fix npe on no text from format_get_text_theme_charargs fix NULL assertion in format args add "print format" signal to perl Correct a wrong package for format_create_dest up abi also check XS abi make actlist_sort a choice type now that we have it disable setuid/setgid on android Add support for building in Termux-Android in meson make clang-format happy in keyboard.c fix extended bg colours properly restore the saved text dest make clang-format happy do not use localtime result after other functions update github actions/checkout to new branch Fix meson capsicum GLib < 2.56 compat code for g_date_time_new_from_iso8601 implement server-time use starttls Merge pull request #34 from ailin-nemui/no-maxline Merge pull request #35 from ailin-nemui/fixes Merge pull request #36 from ailin-nemui/missing-hilights Merge pull request #37 from ailin-nemui/int-min-reached Merge pull request #40 from ailin-nemui/gh-actions Merge pull request #39 from ailin-nemui/sync Merge pull request #41 from ailin-nemui/ports Merge pull request #43 from ailin-nemui/server-outgoing Merge pull request #44 from ailin-nemui/lag Merge pull request #48 from ailin-nemui/news Merge pull request #49 from ailin-nemui/dccmsgs Merge pull request #51 from ailin-nemui/help Merge pull request #52 from ailin-nemui/help Merge pull request #53 from ailin-nemui/keepops Merge pull request #54 from ailin-nemui/chantypes Merge pull request #56 from ailin-nemui/line-bookmark Merge pull request #45 from ailin-nemui/server-outgoing Merge pull request #59 from ailin-nemui/ilog-domain Merge pull request #50 from ailin-nemui/gliblog Merge pull request #57 from ailin-nemui/lr-skip-visible Merge pull request #58 from ailin-nemui/erase-cutbuffer Merge pull request #61 from ailin-nemui/actlist_separator Merge pull request #60 from ailin-nemui/paste Merge pull request #67 from ailin-nemui/spelling Merge pull request #68 from ailin-nemui/gint64fmt Merge pull request #70 from ailin-nemui/update-screenshot Merge pull request #72 from ailin-nemui/load-silent-doc Merge pull request #77 from ailin-nemui/fix_ignore_help Merge pull request #82 from ailin-nemui/progval-help Merge pull request #83 from ailin-nemui/shelp Merge pull request #76 from ailin-nemui/scroll_page_count Merge pull request #84 from ailin-nemui/ignore-leak Merge pull request #88 from ailin-nemui/arraycopy Merge pull request #1384 from ailin-nemui/meson-system-includes Merge pull request #1387 from ailin-nemui/textbufferview Merge pull request #1383 from ailin-nemui/pc-moduledir Merge pull request #1377 from ailin-nemui/meson Merge pull request #1388 from ailin-nemui/default-hash-chan Merge pull request #1398 from ailin-nemui/lastlog-crash aquanight (6): Prevent double calls of perl_script_unload Fix wrong way on unloaded checks Don't try to use the PERL_SIGNAL_REC after it could be freed Refactor to pure refcount for PERL_SCRIPT_REC Clean up commented out stuff and fix merge issues ABI version again dequis (2): meson.build: Remove unnecessary -Wall Fix some glib deprecation warnings ffrogman (1): Fix cursor getting stuck for auto completions that exclusively change the case of letters ihsinme (5): Update gui-entry.c Update gui-entry.c Update gui-entry.c Update write-buffer.c Update sasl.c jesopo (1): add IRC_CHATNET_REC->usermode to perl chatnet hashes nia (1): Fix build on operating systems with X/Open Curses, version 2 teschi (1): allow rawlog-buffer to shrink again after lowering "rawlog_lines" vague666 (23): Remove unused parameter to /ECHO Add setting to choose between window name and visible name in actlist add access to set hidden_level from perl cache bool value Bump ABI and add another perl api function Add special targets to help move caching to correct place :) Add -out parameter to /CAT Make MSGLEVEL_HIDDEN accessible from scripts Make it possible to list specific section with /set Search for word anywhere, not only from the beginning of string Improve server help Improve server help -time was missing in /ignore output and made it human-readable Make sure witem exists unignore_time can not be NULL, check for 0 instead change to strstr print to active window when -window is specified Make hilight priority work Optimize execution Add prio check to hilight_nick_cache also Initialize tmprec style format change v1.4.2 2022-07-17 The Irssi team <staff@irssi.org> * Add irssimoduledir to irssi-1.pc in the Meson build (#1383, #1378) - Use -isystem includes, limiting warnings to Irssi code. Fixes compilation with Perl 5.36 (#1381, gentoo#851522, #1384) - Fix missing lines when changing dynamic textbuffer contents (#1382, #1387). Reported by externalserver15 - Fix Perl cross compilation with Meson 0.60.0 (#1377) - Fix default channel prefix used for /JOIN to default to `#' (#1385, #1388) - Fix crash in /LASTLOG by getting line texts before printing (#1367, #1398) v1.4.1 2022-06-12 The Irssi team <staff@irssi.org> (NEWS truncated at 15 lines)
I would like to second that as unfortunate and unexpected. Please re-open this issue as a feature request. |
I'm not sure it was a feature request. I think it's a bug :-) If it's really necessary ClusterFuzzLite can be used to fuzz forks. That's what systemd does to test its stable branches maintained in a separate repository. |
I can see why you would say that. From a user's perspective I fully agree: it's a bug. Especially when it doesn't fail and just fuzzes the wrong code.
That's an interesting idea. |
I'll just leave links to #7479 and libjpeg-turbo/libjpeg-turbo@5c8cac9 here for future reference. |
I opened a PR against a fork and CIFuzz failed there with
I'm not sure what to do about it but given that GitHub Actions are turned on by default everywhere I'd say it should probably be skipped if the target repository is different from what CIFuzz expects. On Travis CI something like
[[ "$TRAVIS_REPO_SLUG" = "systemd/systemd" ]]
is used to protect the scripts from forks.The text was updated successfully, but these errors were encountered: