Non-halting cloud build instances

Question

Non-halting cloud build instances

Opened this issue 4 months ago · 1 comments

Some cloud-build instances run over 10 hours despite with a 30-minte fuzzing timeout:

It stuck on coverage measurement in step 14:

Starting Step #14
Step #14: Already have image (with digest): gcr.io/oss-fuzz-base/base-runner
Step #14: Running agent_fuzz

Answer 1 · 2024-05-17T01:48:29.000Z

This is not reproducible locally with OSS-Fuzz, here are the steps:

Patch the LLM-generated fuzz target to OSS-Fuzz:

diff --git a/projects/openssh/Dockerfile b/projects/openssh/Dockerfile
index e2cf25774..400d2fba7 100644
--- a/projects/openssh/Dockerfile
+++ b/projects/openssh/Dockerfile
@@ -21,3 +21,4 @@ RUN git clone --depth 1 https://github.com/openssh/openssh-portable openssh
 RUN git clone --depth 1 https://github.com/djmdjm/openssh-fuzz-cases
 WORKDIR openssh
 COPY build.sh $SRC/
+COPY target.cc /src/openssh/regress/misc/fuzz-harness/agent_fuzz.cc
diff --git a/projects/openssh/target.cc b/projects/openssh/target.cc
new file mode 100644
index 000000000..553dc0ec6

Where projects/openssh/target.cc is from:
https://llm-exp.oss-fuzz.com/Result-reports/scheduled/2024-05-16-weekly-all/sample/output-openssh-xxxmain/09#:~:text=fixed%20line.%0A%3Csolution%3E-,Code%20%231,-%60%60%60c%2B%2B%0A%23include%20%3Cfuzzer

Build and run fuzz target

python infra/helper.py build_image --pull openssh
python infra/helper.py build_fuzzers openssh
python infra/helper.py run_fuzzer --engine libfuzzer openssh agent_fuzz
python infra/helper.py build_fuzzers --sanitizer=coverage openssh
python infra/helper.py run_fuzzer --engine libfuzzer --sanitizer=coverage openssh agent_fuzz

Where python infra/helper.py run_fuzzer --engine libfuzzer openssh agent_fuzz produced a crash quickly and python infra/helper.py run_fuzzer --engine libfuzzer --sanitizer=coverage openssh agent_fuzz reproduced it.