Files
RedBear-OS/local/recipes/libs/glib/source/fuzzing/README.md
T
vasilito cee25393d8 fix: boot process improvements — dependency cycle, INIT_NOTIFY, probing loop, and log spam fixes
- Fix P15-8-init-cycle-detection.patch: replace visiting+error with seen+silent-skip
  to eliminate 11 false-positive 'dependency cycle detected' errors on shared deps
- Fix P0-daemon-fix-init-notify-unwrap.patch: remove eprintln! for missing
  INIT_NOTIFY (expected for oneshot_async services, ~7 daemons affected)
- Fix driver-manager hotplug loop: add PERMANENTLY_SKIPPED static set shared
  between hotplug handler and DriverConfig::probe() to stop infinite re-probing
  of Fatal/NotSupported/deferred-exhausted device+driver pairs (e.g. ided)
- Fix driver-manager log_timeline: suppress repeated EPIPE/ENOENT errors with
  AtomicI32 dedup and AtomicBool one-shot guards for boot timeline JSON
- Add driver-manager SIGTERM handler, ACPI bus registration, --status mode,
  driver reap loop, graceful shutdown, and reduced deferred retries (30→3)
2026-05-17 12:34:02 +03:00

52 lines
2.1 KiB
Markdown

Fuzz targets used by [oss-fuzz](https://github.com/google/oss-fuzz/).
Useful links: [Dashboard](https://oss-fuzz.com/) _(requires access)_, [Build logs](https://oss-fuzz-build-logs.storage.googleapis.com/index.html), [Coverage](https://oss-fuzz.com/coverage-report/job/libfuzzer_asan_glib/latest)
## How to add new targets
Add **fuzz_target_name.c** and edit `meson.build` accordingly.
New targets are picked up by oss-fuzz automatically within a day. Targets must not be renamed once added.
Add (optional) **fuzz_target_name.dict** containing keywords and magic bytes.
Add (optional) **fuzz_target_name.corpus** with file names on separate lines. Wildcards `?`, `*` and `**` are supported. Examples below.
```bash
glib/* # all files in directory glib
glib/** # all files in directory glib and sub-directories
**.xbel # all files ending with .xbel in the repository
```
Recommended reading: [Fuzz Target](https://llvm.org/docs/LibFuzzer.html#fuzz-target), [Dictionaries](https://llvm.org/docs/LibFuzzer.html#dictionaries), [Corpus](https://llvm.org/docs/LibFuzzer.html#corpus)
## How to reproduce oss-fuzz bugs locally
Build with at least the following flags, choosing a sanitizer as needed. A somewhat recent version of [clang](http://clang.llvm.org/) is recommended.
```bash
$ CC=clang CXX=clang++ meson DIR -Db_sanitize=<address|undefined> -Db_lundef=false
```
Afterwards run the affected target against the provided test case.
```bash
$ DIR/fuzzing/fuzz_target_name FILE
```
#### FAQs
###### What about Memory Sanitizer (MSAN)?
Correct MSAN instrumentation is [difficult to achieve](https://clang.llvm.org/docs/MemorySanitizer.html#handling-external-code) locally, so false positives are very likely to mask the actual bug.
If need be, [you can still reproduce](https://google.github.io/oss-fuzz/advanced-topics/reproducing/#building-using-docker) those bugs with the oss-fuzz provided docker images.
###### There are no file/function names in the stack trace.
`llvm-symbolizer` must be in `PATH`.
###### UndefinedBehavior Sanitizer (UBSAN) doesn't provide a stack trace.
Set environment variable `UBSAN_OPTIONS` to `print_stacktrace=1` prior to running the target.