Dont consider it a crash when CF stops libFuzzer. #2471
Conversation
|
/gcbrun |
|
Thanks! I think you need to rebase to get the CI to pass. |
| @@ -300,7 +300,8 @@ def fuzz(self, target_path, options, reproducers_dir, max_time): | |||
| # If we exited with a non-zero return code with no crash file in output from | |||
| # libFuzzer, this is most likely a startup crash. Use an empty testcase to | |||
| # to store it as a crash. | |||
| if not crash_testcase_file_path and fuzz_result.return_code: | |||
| if (not crash_testcase_file_path and | |||
| fuzz_result.return_code not in constants.NONCRASH_RETURN_CODES): | |||
| crash_testcase_file_path = self._create_empty_testcase_file( | |||
There was a problem hiding this comment.
Let's also just change this to create file with less restrictive permissions. There's no reason to lock it down.
There was a problem hiding this comment.
Not sure I agree. I think there are security reasons not to do this.
|
Thanks! It would be great to get this PR merged. Without it CIFuzz always fails when |
LibFuzzer sometimes needs to be stopped on its own by CF. CF does this by sending libFuzzer a SIGTERM. Ordinarily, this causes libFuzzer to return 72. (see https://github.com/llvm/llvm-project/blob/1f161919065fbfa2b39b8f373553a64b89f826f8/compiler-rt/lib/fuzzer/FuzzerOptions.h#L25) Don't consider 72 to be a crashing return code.
jonathanmetzman
force-pushed
the
exit-code
branch
from
721dbe1 to
fbb12b0
Compare
|
/gcbrun |
Trying to do this today. |
|
/gcbrun |
|
@oliverchang Is the pip package updated automatically? How can I release a new version to include this change. |
We need to make a new release. I'll do it. |
LibFuzzer sometimes needs to be stopped on its own by CF. CF
does this by sending libFuzzer a SIGTERM. Ordinarily, this causes
libFuzzer to return 72.
(see https://github.com/llvm/llvm-project/blob/1f161919065fbfa2b39b8f373553a64b89f826f8/compiler-rt/lib/fuzzer/FuzzerOptions.h#L25)
Don't consider 72 to be a crashing return code.
Fixes: google/oss-fuzz#6557