
[systemd] migrate systemd to Ubuntu 24.04

Open yuwata opened this issue 2 months ago • 10 comments

yuwata avatar Nov 09 '25 20:11 yuwata

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

google-cla[bot] avatar Nov 09 '25 20:11 google-cla[bot]

yuwata is either the primary contact or is in the CCs list of projects/systemd.
yuwata is a new contributor to projects/systemd. The PR must be approved by known contributors before it can be merged. The past contributors are: evverx, DonggeLiu, keszybz, bluca, cvediver, Dor1s

github-actions[bot] avatar Nov 09 '25 20:11 github-actions[bot]

cc @evverx

yuwata avatar Nov 09 '25 20:11 yuwata

I experimented with Ubuntu 24.04 and ClusterFuzzLite in https://github.com/evverx/systemd/commit/c3b3d3257d940c018c6796fb07413c6e10a261a6 and given that it failed with

BAD BUILD: /tmp/not-out/tmptarym8hf/fuzz-varlink seems to have either startup crash or exit:
sysctl: setting key "vm.mmap_rnd_bits", ignoring: Read-only file system
/tmp/not-out/tmptarym8hf/fuzz-varlink -- -rss_limit_mb=2560 -timeout=25 -seed=1337 -runs=4 < /dev/null
/tmp/not-out/tmptarym8hf/fuzz-varlink: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.38' not found (required by /tmp/not-out/tmptarym8hf/fuzz-varlink)
/tmp/not-out/tmptarym8hf/fuzz-varlink: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.32' not found (required by /tmp/not-out/tmptarym8hf/fuzz-varlink)

in https://github.com/evverx/systemd/actions/runs/19235575333/job/54984473542, it seems that ClusterFuzzLite and CIFuzz still come with the Ubuntu 20.04 base-runner and that base_os_version doesn't affect that.

@hunsche is there any chance CIFuzz/ClusterFuzzLite can be adjusted too? Without that the upstream systemd CI (where CIFuzz is used) is going to fail probably as soon as this PR is merged.

evverx avatar Nov 10 '25 15:11 evverx
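The loader errors above are what happens when a fuzzer linked against Ubuntu 24.04's glibc (2.39) is executed on the Ubuntu 20.04 base-runner (glibc 2.31): the binary's `.gnu.version_r` (verneed) section asks libc.so.6 for version nodes such as `GLIBC_2.38` that the older libc never defines. The same mismatch can be caught before the bad-build check ever runs by reading that section. The script below is an added example for this thread, not code from this PR or from OSS-Fuzz; it parses the verneed section directly (64-bit little-endian ELF only, which covers the x86_64 runners) and reports which `GLIBC_x.y` requirements a runner with a given glibc version cannot satisfy. The function names, the "99.0" style runner version string and the assumption that libc.so.6 defines every `GLIBC_x.y` node up to its own release number are mine.

```python
"""Check which glibc symbol versions an ELF fuzzer binary requires and
whether a given runner glibc can provide them.

Added example for this thread; not OSS-Fuzz code. Assumes the binary is a
64-bit little-endian ELF (the x86_64 OSS-Fuzz runners) and that libc.so.6
defines every GLIBC_x.y version node up to its own release number."""
import re
import struct
import sys

SHT_GNU_VERNEED = 0x6FFFFFFE            # sh_type of the .gnu.version_r section
GLIBC_TAG = re.compile(r"^GLIBC_\d+(\.\d+)+$")   # skips GLIBC_PRIVATE etc.


def _cstr(data, off):
    """NUL-terminated string starting at byte offset `off`."""
    return data[off:data.index(b"\0", off)].decode("ascii", "replace")


def required_symbol_versions(path):
    """Return {library: {version tag, ...}} from the binary's verneed section.

    Returns {} for non-ELF input, for 32-bit or big-endian ELF, and for a
    binary whose section headers were stripped."""
    with open(path, "rb") as f:
        data = f.read()
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        return {}
    (e_shoff,) = struct.unpack_from("<Q", data, 0x28)
    e_shentsize, e_shnum, _e_shstrndx = struct.unpack_from("<HHH", data, 0x3A)
    if e_shoff == 0 or e_shnum == 0:
        return {}
    # Elf64_Shdr: name, type, flags, addr, offset, size, link, info, align, entsize
    sections = [struct.unpack_from("<IIQQQQIIQQ", data, e_shoff + i * e_shentsize)
                for i in range(e_shnum)]
    result = {}
    for sh in sections:
        sh_type, sh_offset, sh_link = sh[1], sh[4], sh[6]
        if sh_type != SHT_GNU_VERNEED:
            continue
        strtab = sections[sh_link][4]    # sh_link of verneed points at .dynstr
        pos = sh_offset
        while True:
            # Elf64_Verneed: version, cnt, file (lib name), aux, next
            _vn_version, vn_cnt, vn_file, vn_aux, vn_next = struct.unpack_from("<HHIII", data, pos)
            lib = _cstr(data, strtab + vn_file)
            apos = pos + vn_aux
            for _i in range(vn_cnt):
                # Elf64_Vernaux: hash, flags, other, name (version tag), next
                _h, _fl, _other, vna_name, vna_next = struct.unpack_from("<IHHII", data, apos)
                result.setdefault(lib, set()).add(_cstr(data, strtab + vna_name))
                if vna_next == 0:
                    break
                apos += vna_next
            if vn_next == 0:
                break
            pos += vn_next
    return result


def _glibc_key(tag):
    """'GLIBC_2.2.5' -> (2, 2, 5), so tags compare numerically, not lexically."""
    return tuple(int(x) for x in tag.split("_", 1)[1].split("."))


def newest_glibc_requirement(tags):
    """Highest GLIBC_x.y tag in `tags`, or None if there is none."""
    glibc = [t for t in tags if GLIBC_TAG.match(t)]
    return max(glibc, key=_glibc_key) if glibc else None


def missing_on_runner(tags, runner_glibc):
    """GLIBC_x.y tags that a runner whose libc is `runner_glibc` ("2.31" for
    Ubuntu 20.04) cannot provide: the ones ld.so reports as
    "version `GLIBC_x.y' not found"."""
    runner = tuple(int(x) for x in runner_glibc.split("."))
    return sorted((t for t in tags if GLIBC_TAG.match(t) and _glibc_key(t) > runner),
                  key=_glibc_key)


def audit(path, runner_glibc):
    """Summarise the libc.so.6 requirements of `path` against a runner glibc."""
    libc = required_symbol_versions(path).get("libc.so.6", set())
    return {"newest": newest_glibc_requirement(libc),
            "missing": missing_on_runner(libc, runner_glibc)}


if __name__ == "__main__":
    # e.g.  python3 glibc_check.py build-out/fuzz-varlink 2.31
    binary = sys.argv[1]
    runner = sys.argv[2] if len(sys.argv) > 2 else "2.31"
    report = audit(binary, runner)
    print(f"{binary}: newest libc.so.6 requirement {report['newest']}")
    for tag in report["missing"]:
        print(f"  runner glibc {runner} lacks {tag}")
    sys.exit(1 if report["missing"] else 0)
```

Run it against a freshly built fuzzer with the runner's glibc version as the second argument; a non-zero exit means the binary will fail the base-runner's startup check exactly as fuzz-varlink did. Where binutils is at hand, `objdump -T fuzz-varlink | grep GLIBC_` gives the same list of required version tags without any parsing.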

FWIW if all else fails it should be possible to point the systemd CIFuzz action to a fork of the OSS-Fuzz repository where the Dockerfiles used by the action, like https://github.com/google/oss-fuzz/blob/master/infra/run_fuzzers.Dockerfile, are changed to use the ubuntu-24-04 images instead of base-runner: https://github.com/google/oss-fuzz/blob/31df0781d931780746a63a1a6d7de4e9798dda5a/infra/cifuzz/cifuzz-base/Dockerfile#L17

It would be better if Ubuntu 24.04 was supported by CIFuzz/ClusterFuzzLite out of the box of course.

evverx avatar Nov 18 '25 03:11 evverx

CIFuzz/CFLite should be addressed in https://github.com/google/oss-fuzz/pull/14350 as far as I understand.

evverx avatar Nov 27 '25 23:11 evverx

https://github.com/google/oss-fuzz/pull/14382 was merged so Ubuntu 24.04 got a bit closer. It isn't exactly supported out of the box yet but I ran the CFLite action with duct tape and popsicle sticks. fuzz-lldp failed under MSan in https://github.com/evverx/systemd/actions/runs/19847307482/job/56867168383?pr=114 (I haven't looked at it closely. It can be a false positive)

==2375==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x7f15f7b64cb8 in process_epoll /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:4628:48
    #1 0x7f15f7b64cb8 in sd_event_wait /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:4722:21
    #2 0x7f15f7b6985e in sd_event_run /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:4871:21
    #3 0x56003d07563b in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/libsystemd-network/fuzz-lldp-rx.c:44:9
    #4 0x56003d0a08dd in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:619:13
    #5 0x56003d09ff15 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:516:7
    #6 0x56003d0a20b2 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile>>&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:834:7
    #7 0x56003d0a23b8 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile>>&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:872:3
    #8 0x56003d091505 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:917:6
    #9 0x56003d0bc132 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #10 0x7f15f70181c9  (/lib/x86_64-linux-gnu/libc.so.6+0x2a1c9) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #11 0x7f15f701828a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2a28a) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #12 0x56003cfe7bf4 in _start (build-out/fuzz-lldp-rx+0x40bf4)
DEDUP_TOKEN: process_epoll--sd_event_wait--sd_event_run
  Uninitialized value was created by a heap allocation
    #0 0x56003d016b1a in realloc /src/llvm-project/compiler-rt/lib/msan/msan_interceptors.cpp:1035:3
    #1 0x7f15f78b1c0b in greedy_realloc /work/build/../../src/systemd/src/basic/alloc-util.c:65:13
    #2 0x7f15f7b5f36c in process_epoll /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:4589:14
    #3 0x7f15f7b5f36c in sd_event_wait /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:4722:21
    #4 0x7f15f7b6985e in sd_event_run /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:4871:21
    #5 0x56003d07563b in LLVMFuzzerTestOneInput /work/build/../../src/systemd/src/libsystemd-network/fuzz-lldp-rx.c:44:9
    #6 0x56003d0a08dd in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:619:13
    #7 0x56003d09ff15 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:516:7
    #8 0x56003d0a20b2 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile>>&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:834:7
    #9 0x56003d0a23b8 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile>>&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:872:3
    #10 0x56003d091505 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:917:6
    #11 0x56003d0bc132 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #12 0x7f15f70181c9  (/lib/x86_64-linux-gnu/libc.so.6+0x2a1c9) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #13 0x7f15f701828a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2a28a) (BuildId: 274eec488d230825a136fa9c4d85370fed7a0a5e)
    #14 0x56003cfe7bf4 in _start (build-out/fuzz-lldp-rx+0x40bf4)
DEDUP_TOKEN: __interceptor_realloc--greedy_realloc--process_epoll
SUMMARY: MemorySanitizer: use-of-uninitialized-value /work/build/../../src/systemd/src/libsystemd/sd-event/sd-event.c:4628:48 in process_epoll

evverx avatar Dec 02 '25 05:12 evverx

Thanks. The failure should be a false positive. But we can work around it. If the failure is consistent even after CIFuzz can run without your 'duct tape', then let's work around it in our source.

yuwata avatar Dec 02 '25 05:12 yuwata

The failure is consistent and the duct tape is reliable in that it isn't the first MSan issue I've seen today (https://github.com/avahi/avahi/issues/787). That one I tracked down though.

evverx avatar Dec 02 '25 05:12 evverx

FWIW CIFuzz appears to work out of the box (at least in fluent-bit, where ubuntu-24-04 is already used; it's green now: https://github.com/fluent/fluent-bit/actions/workflows/pr-fuzz.yaml). It's CFLite that needs some tweaks, but it should be addressed soon.

evverx avatar Dec 02 '25 16:12 evverx