[Envoy] Add project. #1130
[Envoy] Add project. #1130
Conversation
Following the steps at https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md. Signed-off-by: Harvey Tuch <[email protected]>
|
@jonathanmetzman - can you please help to review. |
There was a problem hiding this comment.
I have a few nits about Dockerfile, but more importantly something weird is going on with coverage when using ASan.
If I build a coverage build of the fuzzer I see coverage reported as 10148 but when I do an ASan build I see it reported as 34.
I don't know what is causing this but I will need to look into it further. It's hard to tell how the fuzzer's performance is affected by this since the target appears pretty simple.
projects/envoy/Dockerfile
Outdated
| RUN apt-get update && apt-get install -y software-properties-common python-software-properties | ||
| RUN add-apt-repository ppa:webupd8team/java | ||
| RUN apt-get update && apt-get -y install \ | ||
| vim \ |
There was a problem hiding this comment.
Do you actually need vim?
projects/envoy/Dockerfile
Outdated
| curl \ | ||
| autoconf \ | ||
| libtool | ||
| RUN apt-get -y install cmake wget golang |
There was a problem hiding this comment.
Nit: can you add these to the apt-get -y install command started on line 22 (like curl, autoconf , libtool etc.)?
projects/envoy/Dockerfile
Outdated
| MAINTAINER [email protected] | ||
|
|
||
| RUN apt-get update && apt-get install -y software-properties-common python-software-properties | ||
| RUN add-apt-repository ppa:webupd8team/java |
There was a problem hiding this comment.
I don't think this line is needed. openjdk-8-jdk isn't downloaded from there.
I think line 20 is only needed for line 21 so please remove that as well if you remove this line.
|
Yep, the Docker stuff is largely because we started with a copy+paste of On coverage, this is similar to my local experience, I was a bit confused about how I'm supposed to validate locally with pure ASAN and without LLVM coverage generation; see #1126 for the thread. Any assistance here appreciated, it's a bit mysterious to me still how we get coverage without instrumentation. |
|
I've built the asan version and it looks fine.
I am bit lost. Which part doesn't work after the fix for #1126 ? |
|
Interesting. works and produces good asan binary. But then running fails: could this be caused by #1125 (edited) ? |
|
Yes, undoing #1125 helps. The coverage build also looks sane. Yes, it shows crazy |
|
Running and a working top-level coverage page, but then Looks like the local coverage collection is busted (apparently, noone have been using it for a while). Anyway, this PR currently looks good to me (modulo comments about docker above). |
|
The problem with coverage may also be caused by the pesky "/proc/self/cwd/" which is created by bazel and thus be specific to this PR (and also affect grpc, but not others) |
Signed-off-by: Harvey Tuch <[email protected]>
|
OK, great. Thanks for the review feedback @jonathanmetzman and @kcc. I've addressed the |
|
Build is failing @htuch - can you please take a look. |
|
I suspect this is related to my comment #1130 (comment) above: |
This reverts commit d0fc020.
|
#1133; this was just a convenience for local use, let's drop if broken on build machines. |
* Revert "[Envoy] Add project. (#1130)" This reverts commit d0fc020. * Revert "Fix Skia compile (#1132)" This reverts commit 4bf9e7f. * Revert "Propose graphics magick for inclusion in OSS-Fuzz (#1131)" This reverts commit cb277cc. * Revert "[json-c] Add project (#1123)" This reverts commit 31b0046. * Revert "[infra] Update upload URL timeout to be the same as build timeout (#1112)" This reverts commit 9215296. * Revert "infra/helper: persist /root directory via bind mount. (#1125)" This reverts commit b77745a.
|
ubsan build fails (--sanitizer undefined): This is a common problem. We probably need to fix it eventually in the clang driver. |
|
@htuch - build is still failing, please take a look on Monday. we need to get a first working build, otherwise it raises a ton of exceptions on our infrastructure. |
|
@inferno-chromium is it failing on ASAN or UBSAN? I noticed that you've set the project.yaml to only ASAN now. I built with Beyond what I can see locally, are there any build debug artifacts you can point me at? |
|
@htuch - i looked at wrong log incorrectly, this seemed to be failure during coverage build (see https://oss-fuzz-build-logs.storage.googleapis.com/index.html), so i have reenabled ubsan now. Also, right now i can build coverage locally fine, so triggered another envoy build on builder, lets see if it succeeds. |
|
This looks like it's still failing. I think I understand the underlying issue. Our external dependencies are built outside of Bazel, and pick up on CFLAGS/CXXFLAGS. Our top-level build driver isn't smart enough right now to force a rebuild when they change. So, we do an ASAN build first, that's fine, then when we do UBSAN, we attempt to link a bunch of external deps built with the wrong flags. I will fix this in Envoy, it's a small change. Should be merged by later today or tomorrow. CC: @jmillikin-stripe |
|
@htuch - should we do bazel clean in build.sh ? |
|
As a temporary workaround, "bazel clean --expunge" would work, I think we
should fix this properly in Envoy though.
…On Mon, Feb 5, 2018 at 4:20 PM Abhishek Arya ***@***.***> wrote:
@htuch <https://github.com/htuch> - should we do bazel clean in build.sh ?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1130 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AKaLv6tb-mAXXorAXjBFVF6bZmlPhzYAks5tR3COgaJpZM4R2BXQ>
.
|
|
@htuch - ok upto you, we are fine to wait another day till this is fixed properly. |
This was a longstanding problem with external deps that manifested in google/oss-fuzz#1130. Signed-off-by: Harvey Tuch <[email protected]>
This was a longstanding problem with external deps that manifested in google/oss-fuzz#1130. Signed-off-by: Harvey Tuch <[email protected]>
|
@inferno-chromium can we kick off another run, now that envoyproxy/envoy#2534 has merged? |
|
@htuch - done and got first green build, yippee, build page should update in < 30 min, but i checked the results on builder. |
* [Envoy] Add project. Following the steps at https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md. Signed-off-by: Harvey Tuch <[email protected]> * Dockerfile review feedback. Signed-off-by: Harvey Tuch <[email protected]>
…e#1133) * Revert "[Envoy] Add project. (google#1130)" This reverts commit d0fc020. * Revert "Fix Skia compile (google#1132)" This reverts commit 4bf9e7f. * Revert "Propose graphics magick for inclusion in OSS-Fuzz (google#1131)" This reverts commit cb277cc. * Revert "[json-c] Add project (google#1123)" This reverts commit 31b0046. * Revert "[infra] Update upload URL timeout to be the same as build timeout (google#1112)" This reverts commit 9215296. * Revert "infra/helper: persist /root directory via bind mount. (google#1125)" This reverts commit b77745a.
Following the steps at
https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md.
Signed-off-by: Harvey Tuch [email protected]