[FFmpeg-devel] [OSS-Fuzz] Have you considered enabling memory sanitizer?
Kacper Michajlow
kasper93 at gmail.com
Thu Jun 27 03:50:54 EEST 2024
On Thu, 27 Jun 2024 at 00:45, Michael Niedermayer
<michael at niedermayer.cc> wrote:
>
> On Wed, Jun 26, 2024 at 09:07:42PM +0200, Kacper Michajlow wrote:
> > Hi,
> >
> > Like in the topic. I think it would be useful to enable MSAN on
> > OSS-Fuzz. We get some tiny issues and it would be probably good to
> > have them tracked upstream. All infra is here, so enabling it is as
> > simple as adding it to the project.yaml. Except libbz2.so and libz.so
> > would have to be built inline instead, looking at the build.sh, they
> > are prebuilt. The rest should just work (TM), but needs to be tested.
> > You can set an "experimental" flag to have it not create issues on
> > monorail, initially.
>
> I assumed ossfuzz would enable all sanitizers by default
They do not do that by default, because MSAN requires all dependencies
to be instrumented too. See
https://google.github.io/oss-fuzz/getting-started/new-project-guide/#sanitizers
Looking at build.sh for ffmpeg, it should be fine to enable it.
Obviously I have not tested everything, but I was running some tests
locally with MSAN and also tested it with mpv oss-fuzz builds where we
build ffmpeg too with MSAN.
- Kacper
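As an added illustration (not from the mail above and not the FFmpeg project's actual project.yaml), this is the shape the linked OSS-Fuzz new-project guide documents for opting a project into MSAN while keeping it experimental. Note that once a `sanitizers` key is present, the default address and undefined entries have to be listed explicitly or they are dropped:

```yaml
# Hypothetical project.yaml fragment for an OSS-Fuzz project, added here as an example.
# "address" and "undefined" are the OSS-Fuzz defaults; they must be repeated once
# the sanitizers list is spelled out. "memory" is MSAN; marking it experimental
# keeps its builds and fuzzing runs active but stops it from filing bugs in the
# tracker until the configuration has been shaken out.
sanitizers:
  - address
  - undefined
  - memory:
      experimental: True
```

The project.yaml change only enables the MSAN build; it does not make that build useful. MSAN flags any read of memory it never saw written, so every buffer filled by an uninstrumented library looks uninitialized and produces false reports. That is why the mail calls out libz.so and libbz2.so: build.sh has to compile them from source with the same `$CC`/`$CFLAGS` the fuzzers use (OSS-Fuzz sets those to the clang MSAN flags for the memory build) rather than linking the prebuilt system copies, and the same rule applies to any other dependency the fuzz targets pull in.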