Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[wasmtime] Try fixing delivery of SIGILL/SIGSEGV to JIT #3335

Merged
merged 1 commit into from
Feb 5, 2020
Merged

[wasmtime] Try fixing delivery of SIGILL/SIGSEGV to JIT #3335

merged 1 commit into from
Feb 5, 2020

Conversation

alexcrichton
Copy link
Contributor

This is an attempt to apply the suggestions from #3316 to the fuzzing
infrastructure for the wasmtime target. This will hopefully allow the
delivery of SIGSEGV and SIGILL signals to the wasmtime program itself.
These are expected signals when executing wasm code so we don't want the
fuzzer to treat all forms of the signal as a fatal error.

Unfortunately I'm not entirely sure how to test this locally, using the reproduction workflow this doesn't seem to have any effect, but it looks like this *.options file may not be picked up during the reproduce workflow? I figure a shot in the dark could hopefully help here and I'm trusting @Dor1s as well :)

@alexcrichton
[wasmtime] Try fixing delivery of SIGILL/SIGSEGV to JIT
574692c 
This is an attempt to apply the suggestions from google#3316 to the fuzzing
infrastructure for the `wasmtime` target. This will hopefully allow the
delivery of SIGSEGV and SIGILL signals to the `wasmtime` program itself.
These are expected signals when executing wasm code so we don't want the
fuzzer to treat all forms of the signal as a fatal error.
@Dor1s
Copy link
Contributor

Dor1s commented Feb 5, 2020

Unfortunately I'm not entirely sure how to test this locally

yeah, sorry about that, this is pretty much an undocumented feature which exists but is used by <0.1% fuzz targets running on ClusterFuzz.

We would need to add support for .options file parsing in infra/base-images/base-runner/run_fuzzer.

There is a convenient way to parse it in Python https://github.com/google/clusterfuzz/blob/5e9b02204428cb1a81993d512844966d2bee0a80/src/python/bot/fuzzers/options.py#L96

but run_fuzzer is a bash script, so I guess we would need a small python script such as env_setup.py that would read a corresponding .options file (if exists) and set up the variables like:

  export ASAN_OPTIONS="$ASAN_OPTIONS:<whatever_parsed_in_the_options_file>"
  export MSAN_OPTIONS="$MSAN_OPTIONS:<whatever_parsed_in_the_options_file>"
  export UBSAN_OPTIONS="$UBSAN_OPTIONS:<whatever_parsed_in_the_options_file>"

but in Python :) That script would be called from run_fuzzer, and eventually run_fuzzer may be re-written into Python as well. If could upload a pull request with such script, that'd be appreciated :)

Dor1s
Dor1s approved these changes Feb 5, 2020
View reviewed changes
Copy link
Contributor

@Dor1s Dor1s left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The change LGTM, waiting for Travis to finish

@alexcrichton
Copy link
Contributor Author

Aha that makes sense! And no worries, just wanted to provide a warning that this was somewhat untested, but if anything goes awry can always have a follow-up PR.

Thanks so much for your help with this!

@TravisBuddy
Copy link

Hey @alexcrichton,
Your changes look good to me!

View build log

TravisBuddy Request Identifier: d061e430-483e-11ea-adaa-75531245892f

@Dor1s Dor1s merged commit 94d0c3a into google:master Feb 5, 2020
alexcrichton added a commit to alexcrichton/oss-fuzz that referenced this pull request Feb 6, 2020
@alexcrichton
[wasmtime] Fix default asan options
b8adb0f 
This fixes typo mistakes from google#3335 where we actually want the opposite
of the current defaults, not the current set of defaults!
@alexcrichton alexcrichton mentioned this pull request Feb 6, 2020
Merged
@alexcrichton alexcrichton deleted the try-fix-signals branch February 6, 2020 18:03
inferno-chromium pushed a commit that referenced this pull request Feb 6, 2020
@alexcrichton
[wasmtime] Fix default asan options (#3350)
ec58a65 
This fixes typo mistakes from #3335 where we actually want the opposite
of the current defaults, not the current set of defaults!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Dor1s Dor1s Dor1s approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@alexcrichton @Dor1s @TravisBuddy