Closed evverx closed 2 years ago
At this point CIFuzz doesn't seem to be running anything apart from that fuzz target so to really test PRs the fuzz targets have to be built and run manually.
I think due to this and broken coverage it would make sense to replace CIFuzz with CFLite. It runs all fuzz targets predictably at least
I think this is an interesting edge case. Basically, if we cant get coverage for a fuzz target, we treat it as affected. If no target is affected, we keep all targets (as you would desire). However, if one fuzz target is treated as affected because we can't get its coverage, then we delete all other targets. Fixing this will probably be ugly, unsure if it's worth the complexity.
I think due to this and broken coverage it would make sense to replace CIFuzz with CFLite. It runs all fuzz targets predictably at least
I plan on fixing the broken coverage. Maybe I'll get a chance today.
I agree it's a corner case but due to it I basically had to build and run the fuzzers manually for about a week because two new fuzz targets were introduced. Interestingly since due to those issues I kind of kept track of what's going on on CIFuzz I ran into another bug where timeouts were reported even though by default CIFuzz isn't supposed to report them. In that particular case it was helpful because it caught a bug in a fuzzer but generally I don't think -timeout 25
should be passed when REPORT_TIMEOUTS
is false. It was briefly discussed in https://github.com/google/oss-fuzz/pull/6711#issuecomment-955775337 as far as I can remember.
I don't think -timeout 25 should be passed when REPORT_TIMEOUTS is false
Given that the last four timeouts caught by CIFuzz/CFLite I've seen were actual bugs in systemd/elfutils I think I'll just set REPORT_TIMEOUTS to True to catch them explicitly. It has nothing to do with affected fuzz targets though :-)
systemd started running all fuzz targets unconditionally with keep-unaffected-fuzz-targets
so I think the issue can be closed (assuming it can't be fixed).
In https://github.com/systemd/systemd/runs/4974919673?check_suite_focus=true CIFuzz ran just one fuzz target even though all of them weren't affected (due to https://github.com/google/oss-fuzz/issues/7011). My guess would be that it happened because that particular fuzz target was added yesterday and it somehow affected CIFuzz so instead of something like
it decided to treat only that one fuzz target as affected