-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for LLVM 18 fuzzing #11626
Comments
Seeing this across all of the Rust projects I'm involved with:
|
Also happening with qcms. |
Also with httparse. |
I presume one way to fix this would be with #8108 in the infra |
Coverage builds are failing for the following Rust projects as well:
|
OK, I will do a roll this week or next depending on when my latest clusterfuzz work ends |
There is another failure from apache/opendal#4242 |
Sorry, I'm putting out some fires and will need to get back to this, later this week. |
ryu also seems to be failing for a similar reason: https://oss-fuzz-build-logs.storage.googleapis.com/log-acc3b39e-2aa0-4769-a499-4c224201e35e.txt |
@DavidKorczynski @AdamKorcz do you think this is something you'd be able to help with? I believe @jonathanmetzman made a start on this, but was blocked on various projects being broken with the upgrade. Alternatively, could we also pin Rust to an older version for now (https://github.com/google/oss-fuzz/blob/master/infra/base-images/base-builder/install_rust.sh)? |
If there are not too many projects affected, an alternative could be to temporarily pin them to the old docker image by hash. |
Proposed a fix here #11681 downgrading Rust which can be used until LLVM 18 upgrade lands. |
We've upgraded to a recent clang. @DavidKorczynski Should we undo your change. |
I'm not sure, from the perspective one of the things I did was pin Rust to a specific version:
Rust was the only language that wasn't pinned to a specific build, so I thought maybe this is something we'd like to keep moving forward? |
There is still the issue that a raw coverage profile generated from a current rust nightly is incompatible with the llvm version inside the oss-fuzz coverage image. Currently the rust pin is still needed for this reason. However, the pin can be moved, or re-moved, the next time llvm will be bumped again. However, that also requires un-pinning all projects, first. I can look into this, later this year. edit: Possibly related issue #11938 (I'll look into this as well at some point) |
OpenSK has the same problem, but recently, also our fuzzing workflow broke. Example failing run: |
According to https://oss-fuzz-build-logs.storage.googleapis.com/index.html#opensk the opensk build passed on May 17th. I don't see any changes on May 17th or 18th, that would cause the failure to happen, so this seems odd. |
OpenSK has an open coverage failure bug report since Feb 21st: I saw this issue and figured that the problem is likely central, and not related to OpenSK. Then on May 17th, the build failures started. There was no pull request on OpenSK around that time, so I assumed that the error might also be more general and not specific to OpenSK. |
Needed because of #11626 (comment) Co-authored-by: MarcoFalke <[email protected]>
Confirming this fixed the build problem: |
This commit updates the default version of Rust installed for fuzzing. In google#11626 it was found that at the time Rust's upgraded version of LLVM didn't play well with the LLVM used on OSS-Fuzz, but since then Rust was temporarily pinned in google#11681 to an older nightly. It looks like though that in google#11714 the LLVM version was upgraded to 18 so this updates Rust to today's nightly which is using LLVM 18.1.7. Discussion in google#11626 seems to point in the direction of keeping Rust pinned rather than going back to using `nightly` which updates each day. The motivation for this commit is that the Wasmtime project is seeing [build failures][log] for using APIs stabilized in Rust 1.77.0. The older nightly version used on OSS-Fuzz doesn't have access to these APIs, so this update should help resolve Wasmtime's build failure. [log]: https://oss-fuzz-build-logs.storage.googleapis.com/log-cc290775-8669-4cba-8370-60d5a56a9de8.txt
This commit updates the default version of Rust installed for fuzzing. In google#11626 it was found that at the time Rust's upgraded version of LLVM didn't play well with the LLVM used on OSS-Fuzz, but since then Rust was temporarily pinned in google#11681 to an older nightly. It looks like though that in google#11714 the LLVM version was upgraded to 18 so this updates Rust to today's nightly which is using LLVM 18.1.7. Discussion in google#11626 seems to point in the direction of keeping Rust pinned rather than going back to using `nightly` which updates each day. The motivation for this commit is that the Wasmtime project is seeing [build failures][log] for using APIs stabilized in Rust 1.77.0. The older nightly version used on OSS-Fuzz doesn't have access to these APIs, so this update should help resolve Wasmtime's build failure. [log]: https://oss-fuzz-build-logs.storage.googleapis.com/log-cc290775-8669-4cba-8370-60d5a56a9de8.txt
I've attempted to review the current status of this and other various related updates and I've submitted #12075 to update the pinned Rust nightly to today's nightly. That being said if there are still remaining blockers I'm not aware of I can try to help hunt those down or otherwise fix our build issues via other means. |
Did you see #11626 (comment)? I'd be surprised if the raw coverage profile version fixed itself in the meantime. I think the required steps are:
If your project requires current rust-nightly, I think the only workaround for now is to disable/break the coverage build for this project. |
I saw yeah but I haven't tried to reproduce and I wasn't sure how applicable that was. Given that both seem to be using LLVM 18 I was assuming it might be stale by this point. Is there a way to see the failure that happens locally? As for updating projects. I can grep for "2023-12-28" which has a number of hits and I can try to update those projects, but when you mentionto bump clang/llvm where is that? I thought it was oss-fuzz/infra/base-images/base-clang/checkout_build_install_llvm.sh Lines 52 to 53 in 7f91500
which already looked like llvm 18 |
Should be possible to reproduce in any rust project by bumping the nightly compiler for it and running the coverage build. For example:
As for the other questions, I've updated my previous comment. |
Running that coverage command I'm getting warnings that look like:
In the image it looks like I updated #12075 to remove all references to 2023-12-28 and have double-checked that all affected projects build with the new nightly version. There's only one project which uses base-builder-rust at a pinned sha256 which is cryptofuzz and I wasn't able to update that. The error didn't look related to Rust stuff, though, but I could very well be wrong. I'm currently testing out updating to LLVM 18.1.7 and ensuring the coverage bits still work |
Coverage will likely break for the pinned projects ( |
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.7 and coverage information breaks. This breakage is because LLVM 18.1.7 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.7 and coverage information breaks. This breakage is because LLVM 18.1.7 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.7 and coverage information breaks. This breakage is because LLVM 18.1.7 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.8 and coverage information breaks. This breakage is because LLVM 18.1.8 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.8 and coverage information breaks. This breakage is because LLVM 18.1.8 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.8 and coverage information breaks. This breakage is because LLVM 18.1.8 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.8 and coverage information breaks. This breakage is because LLVM 18.1.8 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.8 and coverage information breaks. This breakage is because LLVM 18.1.8 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.8 and coverage information breaks. This breakage is because LLVM 18.1.8 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
Late to the party, but what is the status here ? cc @maflcko cf #12077 (comment) In case it helps : I took a look into https://reviews.llvm.org/D138846 and made https://github.com/catenacyber/oss-fuzz/tree/profraw9 : |
So, the alternative to llvm update to match rust, would be to patch profraw_update.py but also create a new program that updates the compiled fuzz targets covmap section to remove this new bitmap information... TL;DR Updating llvm seems the right way to go By the way, I am not sure profraw_update.py is needed anymore for profraw version 5 (swift ? ) |
I haven't looked into
Agree. However, some legacy projects will have their coverage build broken by that. I am trying to fix them to work with llvm 18, but for some it is quite an effort, so help is appreciated. I fear for some projects it will be too hard and they will remain broken, but I am not sure what number of projects with broken coverage is acceptable. |
So updating profraw_update.py may help there |
See #12365 |
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.8 and coverage information breaks. This breakage is because LLVM 18.1.8 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.8 and coverage information breaks. This breakage is because LLVM 18.1.8 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.8 and coverage information breaks. This breakage is because LLVM 18.1.8 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
This is done in the interest of assisting google#12075 and google#11626. Currently the Rust toolchain cannot be updated because the latest nightly uses LLVM 18.1.8 and coverage information breaks. This breakage is because LLVM 18.1.8 records coverage information with version "9" but LLVM 18.0.0 recorded coverage information with version "8". This means that the recordings created by Rust binaries use version "9" which are unreadable by the processing that OSS-Fuzz does with the 18.0.0-based toolchain using version "8". This commit updates the Clang toolchain to the latest 18.x.x release to get the two in sync so the same coverage recording version is used.
I think this is fixed now and can be closed. At least it seems to be working for #12556 |
The Tokio build on oss-fuzz has started failing with the following output:
This error seems very similar to #6268, and the latest Rust release has the following in its changelog:
Let me know if the problem is on our end, or if there's anything I can do to help.
For more information, see the chromium bug for the build failure.
The text was updated successfully, but these errors were encountered: