* cilium: Update contact emails
This adds three Cilium maintainers and updates one maintainer's email
address to match the Google Account email. Previously an alternative
email was used, which did not give access to the ClusterFuzz dashboard.
* cilium: Add main_repo
Java native libraries should now be fuzzed correctly, but the current crash is still reported as flaky due to the multiple fixes required to make it work.
This commit should trigger a clean new finding.
* retry sequentially if multiprocessing do_bad_build_check detects failures
https://github.com/google/oss-fuzz/issues/5441
The error seen in the build log is:
Whoops, the target binary crashed suddenly, before receiving any input
from the fuzzer!
suggesting that the fuzzer crashed before it got to do anything.
Debugging locally what I tend to see is that
a) in src/afl-forkserver.c, afl_fsrv_start's read_s32_timed call
returns 0, and that triggers kill(fsrv->fsrv_pid, fsrv->kill_signal);
(SIGKILL)
b) read_s32_timed returns 0 because *stop_soon_p is non-zero at
restart_read:
c) *stop_soon_p becomes non-zero in handle_stop_sig of
src/afl-fuzz-init.c due to receiving SIGINT
d) that SIGINT is sent by the timeout script used in bad_build_check, so
it is that "outer" timeout process which is sending SIGINT, which then
triggers afl-forkserver's internal SIGKILL to kill the process
I get improved results if I retry the killed-off fuzzers sequentially.
* Remove unneeded semicolons to fix presubmit
Co-authored-by: Abhishek Arya <inferno@chromium.org>
This makes it easier to build the fuzzer using a locally checked
out git repo without having to manually copy the fuzzer glue code
into the locally checked out git repo first.
- Eliminate unnecessary packages from Docker image (Autotools has not
been required since libjpeg-turbo 1.5.x.)
- Obtain seed corpora from a new Git repository maintained by The
libjpeg-turbo Project. (This new repo contains the old corpora from
https://lcamtuf.coredump.cx, with duplicates removed, and some new
corpora curated from historical libjpeg-turbo bug reports.)
- Remove build.sh. (The libjpeg-turbo Project is now maintaining its
own build script in order to facilitate the future creation of new
fuzz targets.)
- Remove fuzz target source code. (The libjpeg-turbo Project is now
maintaining its own fuzz targets with better code coverage.)
- Update the project home page in project.yaml.
- Change the project language to C in project.yaml. (The new fuzz
targets are written in pure C rather than C++, since libjpeg-turbo is
a C-only project.)
The JVM uses custom SIGSEGV handlers, which leads to fuzzer crashes on
ClusterFuzz when running with ASAN, likely due to the
allow_user_segv_handler=1 default on the platform.