google / oss-fuzz

OSS-Fuzz - continuous fuzzing for open source software.
https://google.github.io/oss-fuzz
Apache License 2.0

Remove flags that may escalate warnings to errors #12116

Closed DonggeLiu closed 6 days ago

DonggeLiu commented 1 week ago

Some projects failed to compile because their compilation commands escalate warnings into errors (e.g., bind9). This is particularly problematic for C projects because JCC assumes these errors are due to C/C++ compatibility issues and then compiles these projects with clang++, which causes different failures that the LLM cannot fix (e.g., in bind9, the error is caused by other files using C symbols that are not available in C++).

This PR removes all flags that may cause this problem from all compilation commands. When tested locally, it fixed the compilation error in bind9 (with some manual fixes to the fuzz target).

Here is the command that contains -Werror* and causes this problem in bind9:

clang -DHAVE_CONFIG_H -I. -I..  -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -DISC_MEM_DEFAULTFILL=1 -DISC_MEM_TRACKLINES=1 -DISC_LIST_CHECKINIT=1 -DISC_STATS_CHECKUNDERFLOW=1 -DDNS_RBTDB_STRONG_RWLOCK_CHECK=1 -DISC_MUTEX_ERROR_CHECK=1 -include ../config.h -I./include -I../include -I../lib/isc/include -I../lib/isc/include -I../lib/dns/include -I../lib/dns/include -I/usr/include/x86_64-linux-gnu  -DFUZZDIR=\"/src/bind9/fuzz\" -I../lib/dns -I../lib/isc -I../tests/include  -Wall -Wextra -Wwrite-strings -Wpointer-arith -Wno-missing-field-initializers -Wformat -Wshadow -Werror=implicit-function-declaration -Werror=missing-prototypes -Werror=format-security -Werror=parentheses -Werror=implicit -Werror=strict-prototypes -Werror=vla -fno-strict-aliasing -fno-delete-null-pointer-checks -fdiagnostics-show-option -Werror -Wno-vla -O1 -fno-omit-frame-pointer -gline-tables-only -Wno-error=enum-constexpr-conversion -Wno-error=incompatible-function-pointer-types -Wno-error=int-conversion -Wno-error=deprecated-declarations -Wno-error=implicit-function-declaration -Wno-error=implicit-int -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address -fsanitize-address-use-after-scope -fsanitize=fuzzer-no-link -I/usr/include/x86_64-linux-gnu -pthread -MT isc_lex_gettoken.o -MD -MP -MF $depbase.Tpo -c -o isc_lex_gettoken.o isc_lex_gettoken.c
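
One way to do the flag stripping this PR describes, written as an added Go example (JCC's own language) rather than the code in this PR; the function names are my own, and the argument list in main is a constructed, shortened version of the bind9 command quoted above:

```go
package main

import (
	"fmt"
	"strings"
)

// IsWerrorFlag reports whether a compiler argument escalates warnings into
// errors: either a bare "-Werror" or a targeted "-Werror=<warning>".
// "-Wno-error" and "-Wno-error=<warning>" do the opposite and are not matched,
// so they survive the filter (they become harmless no-ops once -Werror is gone).
func IsWerrorFlag(arg string) bool {
	return arg == "-Werror" || strings.HasPrefix(arg, "-Werror=")
}

// RemoveWerrorFlags returns a copy of args with every -Werror* flag dropped,
// preserving the order of everything else so the command still compiles the
// same translation unit with the same include paths, defines and sanitizers.
func RemoveWerrorFlags(args []string) []string {
	out := make([]string, 0, len(args))
	for _, a := range args {
		if IsWerrorFlag(a) {
			continue
		}
		out = append(out, a)
	}
	return out
}

func main() {
	// Constructed subset of the bind9 compile command from the PR description.
	cmd := []string{
		"clang", "-DHAVE_CONFIG_H", "-I.", "-I..", "-Wall", "-Wextra",
		"-Werror=implicit-function-declaration", "-Werror=missing-prototypes",
		"-Werror=vla", "-fno-strict-aliasing", "-Werror", "-Wno-vla",
		"-Wno-error=int-conversion", "-fsanitize=address",
		"-fsanitize=fuzzer-no-link", "-c", "-o", "isc_lex_gettoken.o",
		"isc_lex_gettoken.c",
	}
	fmt.Println(strings.Join(RemoveWerrorFlags(cmd), " "))
}
```

Note that this only changes the command line JCC forwards; a build system that probes compiler features by compiling test snippets with -Werror (the Bazel concern raised later in this thread) would see the probe succeed where it previously failed, which is why that case needs a separate check.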

DonggeLiu commented 1 week ago

/gcbrun

DonggeLiu commented 6 days ago

Need to experiment with this to see if the way Bazel detects compiler features is impacted

Thanks! I conducted an experiment with C projects last night; here is the result: https://llm-exp.oss-fuzz.com/Result-reports/scheduled/2024-06-26-weekly-all/

I will look into them today and pay extra attention to Bazel projects.