use SYS_PTRACE capability #212

caolanm · 2016-12-21T12:11:59Z

I'm finding that with e.g.

python infra/helper.py build_fuzzers libpng

all builds fail for me with...

configure:3443: checking whether we are cross compiling
configure:3451: clang -o conftest -g -fsanitize=address -fsanitize-coverage=edge,indirect-calls,8bit-counters conftest.c >&5
configure:3455: $? = 0
configure:3462: ./conftest
==1014==LeakSanitizer has encountered a fatal error.
==1014==HINT: For debugging, try setting environment variable LSAN_OPTIONS=verbosity=1:log_threads=1
==1014==HINT: LeakSanitizer does not work under ptrace (strace, gdb, etc)
configure:3466: $? = 1
configure:3473: error: in `/src/libpng':
configure:3475: error: cannot run C compiled programs.

with the defaults of...
CC=clang
CXX=clang++
CFLAGS=-g -fsanitize=address -fsanitize-coverage=edge,indirect-calls,8bit-counters
CXXFLAGS=-g -fsanitize=address -fsanitize-coverage=edge,indirect-calls,8bit-counters -stdlib=libc++

but adding --cap-add SYS_PTRACE makes it work

I'm finding that with e.g. python infra/helper.py build_fuzzers libpng all builds fail for me with... configure:3443: checking whether we are cross compiling configure:3451: clang -o conftest -g -fsanitize=address -fsanitize-coverage=edge,indirect-calls,8bit-counters conftest.c >&5 configure:3455: $? = 0 configure:3462: ./conftest ==1014==LeakSanitizer has encountered a fatal error. ==1014==HINT: For debugging, try setting environment variable LSAN_OPTIONS=verbosity=1:log_threads=1 ==1014==HINT: LeakSanitizer does not work under ptrace (strace, gdb, etc) configure:3466: $? = 1 configure:3473: error: in `/src/libpng': configure:3475: error: cannot run C compiled programs. with the defaults of... CC=clang CXX=clang++ CFLAGS=-g -fsanitize=address -fsanitize-coverage=edge,indirect-calls,8bit-counters CXXFLAGS=-g -fsanitize=address -fsanitize-coverage=edge,indirect-calls,8bit-counters -stdlib=libc++ but adding --cap-add SYS_PTRACE makes it work

inferno-chromium · 2016-12-21T14:36:04Z

This could be fixed by #211. And also i don't see it locally (maybe rooted docker). I will let @mikea to review this.

Dor1s · 2016-12-21T14:41:19Z

+1, doesn't reproduce on my machine.
@caolanm, does python infra/helper.py build_image libpng work fine for you?

caolanm · 2016-12-21T16:00:42Z

@Dor1s yes, build_image libpng works fine, failure is just on running the first thing built with -fsanitize (docker is being run by root)

Dor1s · 2016-12-21T16:06:17Z

Thanks for clarification, @caolanm. I think your PR is good, since we add --cap-add SYS_PTRACE in

oss-fuzz/infra/libfuzzer-pipeline.groovy

Line 42 in 274fb85

def dockerRunOptions = "--user $dockerUid --cap-add SYS_PTRACE"

, but let's wait for @mikea for the final judgement :)

Enables #11789

Similar to #212 but for local experiments.

Dor1s approved these changes Dec 21, 2016

View reviewed changes

mikea merged commit b57371a into google:master Dec 21, 2016

caolanm deleted the add_sys_ptrace branch December 21, 2016 21:16

DavidKorczynski pushed a commit that referenced this pull request Jul 9, 2024

Download jcc err.log (#212)

f62b887

Enables #11789

DavidKorczynski pushed a commit that referenced this pull request Jul 9, 2024

Retrieve jcc err.log in local experiments (#225)

c857bed

Similar to #212 but for local experiments.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

use SYS_PTRACE capability #212

use SYS_PTRACE capability #212

caolanm commented Dec 21, 2016

inferno-chromium commented Dec 21, 2016

Dor1s commented Dec 21, 2016

caolanm commented Dec 21, 2016

Dor1s commented Dec 21, 2016

use SYS_PTRACE capability #212

use SYS_PTRACE capability #212

Conversation

caolanm commented Dec 21, 2016

inferno-chromium commented Dec 21, 2016

Dor1s commented Dec 21, 2016

caolanm commented Dec 21, 2016

Dor1s commented Dec 21, 2016