search

rust-fuzz / honggfuzz-rs

Fuzz your Rust code with Google-developed Honggfuzz !
https://crates.io/crates/honggfuzz
Apache License 2.0
449 stars 40 forks source link

build fails on 2.1 with probably fixed issue in 2.2 #36

Closed Byter09 closed 4 years ago

Byter09 commented 4 years ago

The current version of honggfuzz-rs has a bug that was fixed in honggfuzz 2.2. It is now affecting our CI:

--- stderr
/usr/bin/ld: cannot find -llzma
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make: *** [honggfuzz] Error 1
thread 'main' panicked at 'assertion failed: status.success()', /builds/<redacted>/cargo/registry/src/github.com-1ecc6299db9ec823/honggfuzz-0.5.48/build.rs:46:5

Version 2.2 of honggfuzz mentions a "fixed linking with ld.lld" which would probably resolve this. I don't have much time to test it though, so an update is very much appreciated!

PaulGrandperrin commented 4 years ago

Looking at the order of commits at https://github.com/google/honggfuzz/commits/master it doesn't seem that new commits might help with your issue...

Are you 100% liblzma is correctly installed on your system? at what path is located liblzma.so What system are you using? Is this error new? Since which version?

I'll push a new release based on master, but I doubt it'll solve your issue.

PaulGrandperrin commented 4 years ago

FYI, honggfuzz-rs v0.5.48 is based on honggfuzz master branch 2 commits behind version 2.2.

Byter09 commented 4 years ago

I'll answer your questions in order: The system is a gitlab runner in docker. The underlying OS should not matter in this case. This error is indeed new. The previous builder using v0.5.47 worked flawlessly. No dependencies were touched. All we did was run the job for our builder image again which picked up Rust 1.43 and v0.5.48 while it was at it. Since this version.

I'm officially no longer at work and will check this again tomorrow. Thanks for taking the time though. If nothing more important comes up tomorrow I'll further investigate this.

Fun fact: I ran cargo hfuzz run <our-fuzz-target> locally to verify the CI result and it worked. So it has to be CI specific. Again, investigating tomorrow. The above was just the assumed fix to get our pipelines green asap. Thanks for your efforts in that regard!

EDIT: I forgot to answer the question about the location of liblzma.so: As explained above nothing else changed when the new image was built. So I assume it's at the exact same location as before.

Byter09 commented 4 years ago

Took the time to investigate again. Sorry I immediately bothered you with an issue, it was just unclear how this issue could come up after a basic builder update. Turns out someone changed our dependencies and forgot to add liblzma-dev to the required libraries to install.

Again, thanks for helping out so quickly and pointing me in the right direction.