clusterfuzz
Scalable fuzzing infrastructure.
It's user facing and should be as fast as possible. Probably the same should be done with any task requested from appengine since these are from users?
Not doing this very likely cost us a lot when TSAN became a false positive machine
I think not doing this contributed to so many testcases being opened and wasting a lot of CPU.
```
[Environment]
TSAN_OPTIONS=atexit_sleep_ms=200:external_symbolizer_path=/mnt/scratch0/clusterfuzz/resources/platform/linux/llvm-symbolizer:flush_memory_ms=2000:handle_abort=1:handle_segv=1:handle_sigbus=1:handle_sigfpe=1:handle_sigill=1:history_size=3:print_summary=1:print_suppressions=0:report_signal_unsafe=0:report_thread_leaks=0:stack_trace_format=DEFAULT:suppressions=/mnt/scratch0/clusterfuzz/src/appengine/config/suppressions/tsan_suppressions.txt:symbolize=1:symbolize_inline_frames=false:use_sigaltstack=1
[Command line]
/mnt/scratch0/clusterfuzz/bot/builds/chromium-browser-tsan_linux-release_e1f0dbf462d779d5196ef318a224a998657a9c66/revisions/chrome --user-data-dir=/mnt/scratch0/tmp/user_profile_0 --js-flags="--expose-gc" --no-first-run --disable-gpu --no-sandbox --disable-in-process-stack-traces...
```
Maybe check for Fuzzer jobs if not too expensive (it's a lot cheaper than running a useless build). Or we could mark the job entity when creating the FuzzerJobs.
[Memory Tagging](https://googleprojectzero.blogspot.com/2023/11/first-handset-with-mte-on-market.html) has begun being used in Pixel 8s, and it's a good reminder that testing on other architectures is important. Clusterfuzz should support non-virtualised ARM fuzzing to allow for...
We will use a different approach. Related: #3008
It has an interactive prompt that never resumes even when interacted with.