Fuzz Tests Are Crashing at Start-up on ClusterFuzz · Issue #1905 · gitpython-developers/GitPython
PR #1901 was successful in fixing the broken build but resurfaced another issue that is preventing the fuzzer from running.
The Problem
It appears that a Git executable is not available in the ClusterFuzz container environment where fuzz tests are executed, causing an error in the fuzz harnesses when GitPython attempts to initialize.
This issue has been previously seen and reported on the OSS-Fuzz issue tracker: google/oss-fuzz#10600
Relevant Portion of the ClusterFuzz Crash Logs from 2024-04-20
INFO: Instrumenting git.index.util
INFO: Instrumenting git.remote
INFO: Instrumenting git.repo.fun
Traceback (most recent call last):
  File "git/__init__.py", line 296, in <module>
  File "git/__init__.py", line 287, in refresh
  File "git/cmd.py", line 631, in refresh
ImportError: Bad git executable.
The git executable must be specified in one of the following ways:
    - be included in your $PATH
    - be set via $GIT_PYTHON_GIT_EXECUTABLE
    - explicitly set via git.refresh()

All git commands will error until this is rectified.

This initial message can be silenced or aggravated in the future by setting the $GIT_PYTHON_REFRESH environment variable. Use one of the following values:
    - quiet|q|silence|s|silent|none|n|0: for no message or exception
    - warn|w|warning|log|l|1: for a warning message (logging level CRITICAL, displayed by default)
    - error|e|exception|raise|r|2: for a raised exception

Example:
    export GIT_PYTHON_REFRESH=quiet

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "fuzz_config.py", line 26, in <module>
  File "PyInstaller/loader/pyimod02_importers.py", line 419, in exec_module
  File "git/__init__.py", line 298, in <module>
ImportError: Failed to initialize: Bad git executable.
The git executable must be specified in one of the following ways:
    - be included in your $PATH
    - be set via $GIT_PYTHON_GIT_EXECUTABLE
    - explicitly set via git.refresh()

All git commands will error until this is rectified.

This initial message can be silenced or aggravated in the future by setting the $GIT_PYTHON_REFRESH environment variable. Use one of the following values:
    - quiet|q|silence|s|silent|none|n|0: for no message or exception
    - warn|w|warning|log|l|1: for a warning message (logging level CRITICAL, displayed by default)
    - error|e|exception|raise|r|2: for a raised exception

Example:
    export GIT_PYTHON_REFRESH=quiet

[80625] Failed to execute script 'fuzz_config' due to unhandled exception!
cf::fuzzing_strategies: fork:2,value_profile:1
Possible Solution
OSS-Fuzz uses PyInstaller to bundle fuzz harnesses and their dependencies in the compile_python_fuzzers function called by build.sh. Arguments passed to compile_python_fuzzers after the fuzz harness are forwarded to PyInstaller, which accepts an --add-binary flag to add arbitrary binaries to the bundle; these are made available to the bundled program at runtime.
We should be able to:
- Download a pre-built Git binary from kernel.org in the container-environment-bootstrap.sh script. (Never mind, the downloadable archives are source, not builds.)
- Bundle the git available in the OSS-Fuzz build container with the fuzz harness in build.sh
- And use GitPython's git.refresh(<full-path-to-git-executable>) method inside a PyInstaller runtime check to initialize GitPython with the bundled Git executable when running from the bundled application.
Next Steps
I'll test out the possible solution described above and open a PR if it works as expected. Done in "Fix Fuzzer Crash in ClusterFuzz Due to Missing Git Executable" #1906. If it doesn't work, I'll document the outcome in this issue.
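
One way to write the PyInstaller runtime check described under Possible Solution, as an added example (not code from this issue or from #1906). Because the crash log shows GitPython failing during import, it sets $GIT_PYTHON_GIT_EXECUTABLE to an absolute path before `import git` runs; the function names, and the assumption that git was placed at the bundle root with --add-binary, are this example's own.

```python
import os
import sys


def bundled_git_path(exe_name="git"):
    """Absolute path of git inside a PyInstaller bundle, or None if not bundled.

    PyInstaller's bootloader sets sys.frozen and sys._MEIPASS (the directory
    the bundle is unpacked to). Assumption: git was added at the bundle root.
    """
    if not (getattr(sys, "frozen", False) and hasattr(sys, "_MEIPASS")):
        return None
    return os.path.join(os.path.abspath(sys._MEIPASS), exe_name)


def configure_git_for_bundle(environ=os.environ, exe_name="git"):
    """Pin GitPython to the bundled git; call this before `import git`.

    Using an absolute path avoids depending on whatever $PATH holds in the
    runtime container. Fails early, with a clear message, if the build step
    did not actually ship the binary.
    """
    path = bundled_git_path(exe_name)
    if path is None:
        return None  # plain interpreter: leave GitPython's $PATH lookup alone
    if not (os.path.isfile(path) and os.access(path, os.X_OK)):
        raise FileNotFoundError(f"bundled git missing or not executable: {path}")
    environ["GIT_PYTHON_GIT_EXECUTABLE"] = path
    return path


if __name__ == "__main__":
    pinned = configure_git_for_bundle()
    import git  # imported only after the environment is set

    if pinned:
        git.refresh(pinned)  # explicit equivalent once the module is loaded
    print("git executable:", pinned or "resolved from $PATH")
```
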