oss-fuzz icon indicating copy to clipboard operation
oss-fuzz copied to clipboard
verified publisher icon google

Centipede not enabled by default on ClusterFuzz

Open kasper93 opened this issue 1 year ago • 6 comments

Hi,

According to the docs and this line, Centipede should be enabled by default. Yet, looking at the build logs, it is not built for projects that do not explicitly enable it.

I checked only a few projects, but let's consider the following examples:

bitcoin-core centipede is explicitly enabled. The latest build log contains:

Starting Step #12 - "compile-centipede-address-x86_64"
...
Starting Step #21 - "compile-centipede-none-x86_64"

abseil-cpp No fuzzing_engines defined and no centipede in the latest build log.

kasper93 avatar May 16 '24 22:05 kasper93

Ok, it is indeed not enabled in ClusterFuzz. So while in this oss-fuzz repo it is tested/build by default, it likely is not propagated to final runners.

https://github.com/google/clusterfuzz/blob/22e11083b540518248d512141c45c25c7f560f2e/src/clusterfuzz/_internal/cron/project_setup.py#L204

kasper93 avatar May 31 '24 13:05 kasper93

@DonggeLiu Could you please look into this.

jonathanmetzman avatar Jun 17 '24 21:06 jonathanmetzman

Thanks @kasper93, fixing it in #4040.

DonggeLiu avatar Jun 20 '24 01:06 DonggeLiu

Thanks.

kasper93 avatar Jun 21 '24 15:06 kasper93

Thanks.

I wouldn't say this is quite fixed yet. I need to deploy it, and it might be a while before the main ClusterFuzz branch is safe to deploy in OSS-Fuzz.

jonathanmetzman avatar Jun 21 '24 15:06 jonathanmetzman

Ah, make sense. Let's keep it open until then.

kasper93 avatar Jun 21 '24 16:06 kasper93