ci/oss-fuzz: switch to Ubuntu 24.04#39371
Conversation
github-actions
bot
added
the
please-review
|
cc @evverx |
| jobs: | ||
| Fuzzing: | ||
| # FIXME: Figure out why 32-bit applications fail to run in docker on Ubuntu 24.04. | ||
| runs-on: ubuntu-22.04 |
There was a problem hiding this comment.
For the record it failed because of https://bugs.launchpad.net/ubuntu/+source/linux-signed-azure/+bug/2071445 and was addressed in actions/runner-images#9977
Those changes should make it possible to switch the base builder/runner images from Ubuntu 20.04 to Ubuntu 24.04 but they aren't ready yet unfortunately (the LLVM and rust toolchain haven't been updated there yet and things like that).
I think 32-bit systemd builds are going to be broken because of libcrypt once systemd switches to Ubuntu 24.04 on OSS-Fuzz.
There was a problem hiding this comment.
Just to clarify this PR makes sense of course. But under the hood CIFuzz/OSS-Fuzz still uses Ubuntu 20.04 to build/run the fuzz targets. To switch to Ubuntu 24.04 it should be necessary to change project.yaml and Dockerfile in the OSS-Fuzz repository but it hasn't been officially announced that it's supported yet. The images are already built though.
There was a problem hiding this comment.
Thank you for the references for the background of the removed comment!
I think 32-bit systemd builds are going to be broken because of libcrypt once systemd switches to Ubuntu 24.04 on OSS-Fuzz.
Are they still uses libcrypt instead of libxcrypt?
At least our CIs are green even on 32-bit.
Just to clarify this PR makes sense of course. But under the hood CIFuzz/OSS-Fuzz still uses Ubuntu 20.04 to build/run the fuzz targets. To switch to Ubuntu 24.04 it should be necessary to change
project.yamlandDockerfilein the OSS-Fuzz repository but it hasn't been officially announced that it's supported yet. The images are already built though.
OK. Let's bump the image for the CIs now, and update OSS-Fuzz repository later when they are ready.
There was a problem hiding this comment.
Are they still uses libcrypt instead of libxcrypt?
I haven't looked at that closely but given that 32-bit builds are just 64-bit builds in a trench coat (with -m32 and i386 packages) I'm guessing some i386 packages are missing and should be brought to the environment by the systemd build script or something like that.
There was a problem hiding this comment.
BTW, if you think this is ok to go, then please push the approval button.
There was a problem hiding this comment.
I do think it should be good to go (though I think the commit message should point to https://bugs.launchpad.net/ubuntu/+source/linux-signed-azure/+bug/2071445 and actions/runner-images#9977) but as far as I understand it should be approved by "at least one project maintainer who is not the author" so my approval doesn't make any difference here. Though in this case it can probably fall into trivial changes and can be merged without additional approvals.
There was a problem hiding this comment.
Updated the commit message.
but as far as I understand it should be approved by "at least one project maintainer who is not the author" so my approval doesn't make any difference here. Though in this case it can probably fall into trivial changes and can be merged without additional approvals.
Strictly speaking, we recently explicitly documented so. But, still approval from non-maintainer is meaningful and welcome, especially from the one who knows well about the change. E.g. in this case, you are much familiar about the infra than me and other maintainers. So, your approval and comments are highly appreciated.
With google/oss-fuzz#14112 and google/oss-fuzz#14128, we can now use Ubuntu 24.04. Let's bump the image version. Note, the i386 build failure mentioned in the removed comment is related to https://bugs.launchpad.net/ubuntu/+source/linux-signed-azure/+bug/2071445 actions/runner-images#9977 and has been already fixed.
|
(I manually stopped several unrelated CIs, to reduce pressure to CI infra.) |
|
Setting the green label based on the @evverx's approval comment above. |
yuwata
added
good-to-merge/waiting-for-ci 👍
|
Before I forget ClusterFuzzLite (https://github.com/systemd/systemd/tree/main/.clusterfuzzlite) should be bumped too eventually by updating Dockerfile and adding |
|
Thanks. I will see about clusterfuzz later. |
github-actions
bot
removed
the
good-to-merge/waiting-for-ci 👍
|
I think it all can wait until systemd starts to bump its dependencies. Given that it was postponed I think by then OSS-Fuzz should start officially supporting Ubuntu 24.04 images. |
2 participants
With google/oss-fuzz#14112 and google/oss-fuzz#14128, we can now use Ubuntu 24.04. Let's bump the image version.