From: Michael Niedermayer <michael@niedermayer.cc>
To: FFmpeg development discussions and patches <ffmpeg-devel@ffmpeg.org>
Subject: Re: [FFmpeg-devel] [OSS-Fuzz] Have you considered enabling memory sanitizer?
Date: Sun, 14 Jul 2024 21:55:41 +0200
Message-ID: <20240714195541.GE4991@pb2> (raw)
In-Reply-To: <CABPLASSdSS0T3AAkDK+8+0B-XuFwM88XzH8wpmBpUENhJ1nb7g@mail.gmail.com>
[-- Attachment #1.1: Type: text/plain, Size: 2652 bytes --]
On Sat, Jul 13, 2024 at 11:12:40PM +0200, Kacper Michajlow wrote:
> On Thu, 27 Jun 2024 at 02:50, Kacper Michajlow <kasper93@gmail.com> wrote:
> >
> > On Thu, 27 Jun 2024 at 00:45, Michael Niedermayer
> > <michael@niedermayer.cc> wrote:
> > >
> > > On Wed, Jun 26, 2024 at 09:07:42PM +0200, Kacper Michajlow wrote:
> > > > Hi,
> > > >
> > > > Like in the topic. I think it would be useful to enable MSAN on
> > > > OSS-Fuzz. We get some tiny issues and it would be probably good to
> > > > have them tracked upstream. All infra is here, so enabling it is as
> > > > simple as adding it to the project.yaml. Except libbz2.so and libz.so
> > > > would have to be built inline instead, looking at the build.sh, they
> > > > are prebuilt. The rest should just work (TM), but needs to be tested.
> > > > You can set an "experimental' flag to have it not create issues on
> > > > monorail, initially.
> > >
> > > I assumed ossfuzz would enable all sanitizers by default
> >
> > They do not do that by default, because MSAN requires all dependencies
> > to be instrumented too. See
> > https://google.github.io/oss-fuzz/getting-started/new-project-guide/#sanitizers
> >
> > Looking at build.sh for ffmpeg, it should be fine to enable it.
> > Obviously I have not tested everything, but I was running some tests
> > locally with MSAN and also tested it with mpv oss-fuzz builds where we
> > build ffmpeg too with MSAN.
> >
> > - Kacper
>
> I've sent a PR to enable MSAN and a few other build improvements.
> Please take a look https://github.com/google/oss-fuzz/pull/12211
>
> Also, would it be ok to add myself to auto_ccs for ffmpeg? Mostly to
> monitor what issues are reported upstream, as we get some reports in
> mpv fuzzing and I never know if I should report it upstream (ffmpeg)
> or it is already found by first-party fuzzing and I shouldn't make
> more noise.
you are welcome to submit bug reports, you are welcome to submit bug fixes
if you find issues in FFmpeg.
If someones work in FFmpeg or rather FFmpeg benefits from someone having
access to the reports, then (s)he should receive access. This seems not
to apply here
Also i expect the number of outstanding ossfuzz issues to decrease now
after the bulk of coverity issues has been dealt with
thx
[...]
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
The real ebay dictionary, page 1
"Used only once" - "Some unspecified defect prevented a second use"
"In good condition" - "Can be repaird by experienced expert"
"As is" - "You wouldnt want it even if you were payed for it, if you knew ..."
[-- Attachment #1.2: signature.asc --]
[-- Type: application/pgp-signature, Size: 195 bytes --]
[-- Attachment #2: Type: text/plain, Size: 251 bytes --]
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
next prev parent reply other threads:[~2024-07-14 19:55 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-26 19:07 Kacper Michajlow
2024-06-26 22:45 ` Michael Niedermayer
2024-06-27 0:50 ` Kacper Michajlow
2024-07-13 21:12 ` Kacper Michajlow
2024-07-14 19:55 ` Michael Niedermayer [this message]
2024-07-15 11:32 ` Kacper Michajlow
2024-07-16 12:14 ` Michael Niedermayer
2024-07-17 0:16 ` Kacper Michajlow
2024-07-17 9:54 ` Anton Khirnov
2024-07-17 12:22 ` Nicolas George
2024-07-17 12:26 ` Vittorio Giovara
2024-07-17 12:39 ` Nicolas George
2024-07-17 13:15 ` Vittorio Giovara
2024-07-15 12:36 ` Vittorio Giovara
2024-07-16 12:25 ` Michael Niedermayer
2024-07-16 13:18 ` Andrew Sayers
2024-07-16 18:52 ` Vittorio Giovara
2024-07-15 13:01 ` epirat07
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240714195541.GE4991@pb2 \
--to=michael@niedermayer.cc \
--cc=ffmpeg-devel@ffmpeg.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git