Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test: initialize syslog_fd in fuzz-journald-kmsg too #10793

Merged
merged 1 commit into from Nov 16, 2018
Merged

test: initialize syslog_fd in fuzz-journald-kmsg too #10793

merged 1 commit into from Nov 16, 2018

Conversation

evverx
Copy link
Member

@evverx evverx commented Nov 16, 2018

This is a follow-up to 8857fb9 that prevents the fuzzer from crashing with

==220==ERROR: AddressSanitizer: ABRT on unknown address 0x0000000000dc (pc 0x7ff4953c8428 bp 0x7ffcf66ec290 sp 0x7ffcf66ec128 T0)
SCARINESS: 10 (signal)
    #0 0x7ff4953c8427 in gsignal (/lib/x86_64-linux-gnu/libc.so.6+0x35427)
    #1 0x7ff4953ca029 in abort (/lib/x86_64-linux-gnu/libc.so.6+0x37029)
    #2 0x7ff49666503a in log_assert_failed_realm /work/build/../../src/systemd/src/basic/log.c:805:9
    #3 0x7ff496614ecf in safe_close /work/build/../../src/systemd/src/basic/fd-util.c:66:17
    #4 0x548806 in server_done /work/build/../../src/systemd/src/journal/journald-server.c:2064:9
    #5 0x5349fa in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-journald-kmsg.c:26:9
    #6 0x592755 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15
    #7 0x590627 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:480:3
    #8 0x594432 in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:708:19
    #9 0x5973c6 in fuzzer::Fuzzer::Loop(std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) /src/libfuzzer/FuzzerLoop.cpp:839:5
    #10 0x574541 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:764:6
    #11 0x5675fc in main /src/libfuzzer/FuzzerMain.cpp:20:10
    #12 0x7ff4953b382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #13 0x420f58 in _start (/out/fuzz-journald-kmsg+0x420f58)

@keszybz @yuwata could you take a look?

@evverx
test: initialize syslog_fd in fuzz-journald-kmsg too
98c807f 
This is a follow-up to 8857fb9 that prevents the fuzzer from crashing with
```
==220==ERROR: AddressSanitizer: ABRT on unknown address 0x0000000000dc (pc 0x7ff4953c8428 bp 0x7ffcf66ec290 sp 0x7ffcf66ec128 T0)
SCARINESS: 10 (signal)
    #0 0x7ff4953c8427 in gsignal (/lib/x86_64-linux-gnu/libc.so.6+0x35427)
    #1 0x7ff4953ca029 in abort (/lib/x86_64-linux-gnu/libc.so.6+0x37029)
    #2 0x7ff49666503a in log_assert_failed_realm /work/build/../../src/systemd/src/basic/log.c:805:9
    #3 0x7ff496614ecf in safe_close /work/build/../../src/systemd/src/basic/fd-util.c:66:17
    #4 0x548806 in server_done /work/build/../../src/systemd/src/journal/journald-server.c:2064:9
    #5 0x5349fa in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/fuzz/fuzz-journald-kmsg.c:26:9
    #6 0x592755 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15
    #7 0x590627 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/libfuzzer/FuzzerLoop.cpp:480:3
    #8 0x594432 in fuzzer::Fuzzer::MutateAndTestOne() /src/libfuzzer/FuzzerLoop.cpp:708:19
    #9 0x5973c6 in fuzzer::Fuzzer::Loop(std::__1::vector<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >, fuzzer::fuzzer_allocator<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > > > const&) /src/libfuzzer/FuzzerLoop.cpp:839:5
    #10 0x574541 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:764:6
    #11 0x5675fc in main /src/libfuzzer/FuzzerMain.cpp:20:10
    #12 0x7ff4953b382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #13 0x420f58 in _start (/out/fuzz-journald-kmsg+0x420f58)
```
@evverx evverx added tests priority Stuff that should enter master quickly, since it fixes a major bug, unbreaks CI or stalls other work labels Nov 16, 2018
@yuwata yuwata added the good-to-merge/waiting-for-ci 👍 PR is good to merge, but CI hasn't passed at time of review. Please merge if you see CI has passed label Nov 16, 2018
evverx added a commit to evverx/systemd that referenced this pull request Nov 16, 2018
@evverx
tests: run fuzzers four times in a row
40c7cc4 
This should help to catch issues that are easily detectable by
bad_build_check like the one being fixed inhttps://github.com/systemd/pull/10793,
which would totally break the build tomorrow if I hadn't run
`helper.py check_build` manually.
@evverx evverx mentioned this pull request Nov 16, 2018
Merged
evverx added a commit to evverx/systemd that referenced this pull request Nov 16, 2018
@evverx
tests: run fuzzers four times in a row
0a22268 
This should help to catch issues that are easily detectable by
bad_build_check like the one being fixed in systemd#10793,
which would totally break the build tomorrow if I hadn't run
`helper.py check_build` manually.
@poettering poettering merged commit cc55ac0 into systemd:master Nov 16, 2018
evverx added a commit to evverx/systemd that referenced this pull request Nov 16, 2018
@evverx
tests: run fuzzers four times in a row
4e0de26 
This should help to catch issues that are easily detectable by
bad_build_check like the one being fixed in systemd#10793,
which would totally break the build tomorrow if I hadn't run
`helper.py check_build` manually.
@evverx evverx deleted the dev-kmsg-fuzzer-followup branch November 16, 2018 11:52
yuwata pushed a commit that referenced this pull request Nov 16, 2018
@evverx @yuwata
tests: run fuzzers four times in a row (#10794)
a7891d2 
This should help to catch issues that are easily detectable by
bad_build_check like the one being fixed in #10793,
which would totally break the build tomorrow if I hadn't run
`helper.py check_build` manually.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
good-to-merge/waiting-for-ci 👍 PR is good to merge, but CI hasn't passed at time of review. Please merge if you see CI has passed priority Stuff that should enter master quickly, since it fixes a major bug, unbreaks CI or stalls other work tests
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@evverx @poettering @yuwata