From: Evgeny Vereshchagin
To: Mark Wielaard
Cc: david korczynski, elfutils-devel@sourceware.org
Subject: Re: Some fuzzer workarounds
Date: Wed, 23 Mar 2022 04:15:42 +0300
Message-Id: <63B325E4-E8F8-4524-A53B-6AEFEA1A4513@ya.ru>
References: <20220317133051.100876-1-mark@klomp.org> <741FAE40-F8E9-4DA7-A160-E30A76210AC8@ya.ru> <289F0554-4E5C-42F1-A3C9-773C828CA168@ya.ru>
List-Id: Elfutils-devel mailing list
Hi Mark,

>> I can also prevent OSS-Fuzz from reporting new bugs found by MSan
>> by setting the experimental flag
>>
>> From https://google.github.io/oss-fuzz/getting-started/new-project-guide/#sanitizers
>>> If you want to test a particular sanitizer to see what crashes it generates
>>> without filing them in the issue tracker, you can set an experimental flag
>>
>> It should help to figure out whether it makes sense to keep it without spamming the mailing list
>> in the process. What do you think?
>
> I think that is a good idea. I really believe all the issues reported
> by MSAN are bogus.

They are, but all those issues should be gone once https://github.com/google/oss-fuzz/pull/7422 and https://github.com/google/oss-fuzz/pull/7401 are merged. I ran the fuzzers with those patches applied for a few hours and MSan didn't complain. I'll flip the flag there a bit later today anyway and maybe bring it back in a month or so if it isn't noisy.

>
> While the UBSAN and ASAN issues seem reasonable. At least I have a fix
> for the last one (45952 Misaligned-address in elf_cvt_gnuhash):
> https://sourceware.org/pipermail/elfutils-devel/2022q1/004782.html
> https://code.wildebeest.org/git/user/mjw/elfutils/commit/?h=fuzz

I rebased it on top of my "fuzzing" branch and the fuzzers, static analyzers, the unit tests on various architectures and so on confirmed that the issue is gone. Thanks!

Thanks,
Evgeny Vereshchagin
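For readers of the archive, this is what the "experimental flag" discussed in the thread looks like in an OSS-Fuzz project.yaml. It is an added illustration, not the elfutils project's actual OSS-Fuzz configuration and not part of the original message; the file path (projects/elfutils/project.yaml in the oss-fuzz repository) and the surrounding fields (language, the ASan/UBSan entries) are assumptions chosen to make the example complete. The `experimental: True` form for a sanitizer entry is the one documented in the OSS-Fuzz new-project guide linked above.

```yaml
# Added example, not the elfutils project's real project.yaml.
# Assumed location: projects/elfutils/project.yaml in the oss-fuzz repo.
# Assumed: ASan and UBSan are already enabled and should keep filing issues.
language: c
sanitizers:
  - address
  - undefined
  # Keep running MSan, but mark it experimental: crashes it finds are
  # not filed in the issue tracker, so they are not mailed to the list
  # while the uninstrumented-dependency fixes are still pending.
  - memory:
      experimental: True
```

Dropping the `experimental` key later (and leaving plain `- memory` in the list) turns issue filing for MSan back on, which is the "bring it back in a month or so" step the reply refers to.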