Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump pylint from 2.5.3 to 2.12.2 in /infra/ci #9

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Mar 24, 2022

Bumps pylint from 2.5.3 to 2.12.2.

Release notes

Sourced from pylint's releases.

pylint-2.8.1

  • Add numversion back (temporarily) in __pkginfo__ because it broke Pylama and revert the unnecessary pylint.version breaking change.

    Closes #4399

pylint-2.8.0

  • New refactoring message consider-using-with. This message is emitted if resource-allocating functions or methods of the standard library (like open() or threading.Lock.acquire()) that can be used as a context manager are called without a with block.

    Closes #3413

  • Resolve false positives on unused variables in decorator functions

    Closes #4252

  • Add new extension ConfusingConsecutiveElifChecker. This optional checker emits a refactoring message (R5601 confusing-consecutive-elif) if if/elif statements with different indentation levels follow directly one after the other.

  • New option --output=<file> to output result to a file rather than printing to stdout.

    Closes #1070

  • Use a prescriptive message for unidiomatic-typecheck

    Closes #3891

  • Apply const-naming-style to module constants annotated with typing.Final

  • The packaging is now done via setuptools exclusively. doc, tests, man, elisp and Changelog are not packaged anymore - reducing the size of the package by 75%.

  • Debian packaging is now (officially) done in https://salsa.debian.org/python-team/packages/pylint.

  • The 'doc' extra-require has been removed.

  • __pkginfo__ now only contain __version__ (also accessible with pylint.__version__), other meta-information are still accessible with import importlib;metadata.metadata('pylint').

  • COPYING has been renamed to LICENSE for standardization.

  • Fix false-positive used-before-assignment in function returns.

    Closes #4301

  • Updated astroid to 2.5.3

... (truncated)

Changelog

Sourced from pylint's changelog.

What's New in Pylint 2.12.2?

Release date: 2021-11-25

  • Fixed a false positive for unused-import where everything was not analyzed properly inside typing guards.

  • Fixed a false-positive regression for used-before-assignment for typed variables in the body of class methods that reference the same class

    Closes #5342

  • Specified that the ignore-paths option considers "" to represent a windows directory delimiter instead of a regular expression escape character.

  • Fixed a crash with the ignore-paths option when invoking the option via the command line.

    Closes #5437

  • Fixed handling of Sphinx-style parameter docstrings with asterisks. These should be escaped with by prepending a "".

    Closes #5406

  • Add endLine and endColumn keys to output of JSONReporter.

    Closes #5380

  • Fixed handling of Google-style parameter specifications where descriptions are on the line following the parameter name. These were generating false positives for missing-param-doc.

    Closes #5452

  • Fix false negative for consider-iterating-dictionary during membership checks encapsulated in iterables or not in checks

    Closes #5323

  • unused-import now check all ancestors for typing guards

    Closes #5316

  • Allow usage of mccabe 0.7.x release

    Closes #5878

... (truncated)

Commits
  • eec287f Bump pylint to 2.12.2, update changelog
  • 7def527 Add Copyrite configuration for Yu Shao
  • 608ed32 Require \ for asterisks in Sphinx-style parameter docstrings (#5464)
  • f89a337 Deprecate is_inside_lambda from utils (#5447)
  • 765a0b7 Add endLine and endColumn keys to JSONReporter (#5456)
  • 28a33ef Update outdated class name in "How to Write a Checker" test example (#5449)
  • bce059a Move Sphinx docstrings out of TestParamDocChecker (#5450)
  • e14596e Move no-member tests from TestTypeChecker (#5453)
  • 4b70feb #5452: Fix false positive missing-doc-param from multi-line Google-st… (#5459)
  • 35813de Move various tests from TestTypeChecker to functional tests (#5455)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 24, 2022
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.5.3 to 2.12.2.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](pylint-dev/pylint@pylint-2.5.3...v2.12.2)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/infra/ci/pylint-2.12.2 branch from ba5f390 to 414de00 Compare March 24, 2022 17:00
evverx pushed a commit that referenced this pull request Dec 18, 2022
cc @oliverchang @alan32liu after google#9100 and google#8448

After compiling locally, I can see that
`./SystemSan ./target_dns -dict=vuln.dict`
crashes in a few seconds with
```
===BUG DETECTED: Arbitrary domain name resolution===
===Domain resolved: .f.z===
===DNS request type: 0, class: 256===
==315== ERROR: libFuzzer: deadly signal
    #0 0x539131 in __sanitizer_print_stack_trace /src/llvm-project/compiler-rt/lib/asan/asan_stack.cpp:87:3
    #1 0x457c48 in fuzzer::PrintStackTrace() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerUtil.cpp:210:5
    #2 0x43c923 in fuzzer::Fuzzer::CrashCallback() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:233:3
    #3 0x7fa57940041f  (/lib/x86_64-linux-gnu/libpthread.so.0+0x1441f) (BuildId: 7b4536f41cdaa5888408e82d0836e33dcf436466)
    #4 0x7fa5793ff7db in send (/lib/x86_64-linux-gnu/libpthread.so.0+0x137db) (BuildId: 7b4536f41cdaa5888408e82d0836e33dcf436466)
    #5 0x503ba4 in __interceptor_send /src/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:6802:17
    #6 0x7fa578abf462  (/lib/x86_64-linux-gnu/libresolv.so.2+0xb462) (BuildId: 4519041bde5b859c55798ac0745b0b6199cb7d94)
    #7 0x7fa578abbc43 in __res_context_query (/lib/x86_64-linux-gnu/libresolv.so.2+0x7c43) (BuildId: 4519041bde5b859c55798ac0745b0b6199cb7d94)
    #8 0x7fa578abc8ed in __res_context_search (/lib/x86_64-linux-gnu/libresolv.so.2+0x88ed) (BuildId: 4519041bde5b859c55798ac0745b0b6199cb7d94)
    #9 0x7fa578ad2cc1  (/lib/x86_64-linux-gnu/libnss_dns.so.2+0x2cc1) (BuildId: 3fac4ec397ba8e8938fe298f103113f315465130)
    #10 0x7fa578ad2e8b in _nss_dns_gethostbyname3_r (/lib/x86_64-linux-gnu/libnss_dns.so.2+0x2e8b) (BuildId: 3fac4ec397ba8e8938fe298f103113f315465130)
    #11 0x7fa578ad2f41 in _nss_dns_gethostbyname2_r (/lib/x86_64-linux-gnu/libnss_dns.so.2+0x2f41) (BuildId: 3fac4ec397ba8e8938fe298f103113f315465130)
    #12 0x7fa5792fdc9d in gethostbyname2_r (/lib/x86_64-linux-gnu/libc.so.6+0x130c9d) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
    #13 0x7fa5792d179e  (/lib/x86_64-linux-gnu/libc.so.6+0x10479e) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
    google#14 0x7fa5792d2f58 in getaddrinfo (/lib/x86_64-linux-gnu/libc.so.6+0x105f58) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
    google#15 0x4d93ac in getaddrinfo /src/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:2667:13
    google#16 0x56c8d9 in LLVMFuzzerTestOneInput /out/SystemSan/target_dns.cpp:35:11
    google#17 0x43dec3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15
    google#18 0x43d6aa in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:514:3
    google#19 0x43ed79 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:757:19
    google#20 0x43fa45 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:895:5
    google#21 0x42edaf in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:912:6
    google#22 0x458402 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    google#23 0x7fa5791f1082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee)
    google#24 0x41f7ed in _start (/out/SystemSan/target_dns+0x41f7ed)

NOTE: libFuzzer has rudimentary signal handlers.
      Combine libFuzzer with AddressSanitizer or similar for better crash reports.
SUMMARY: libFuzzer: deadly signal
MS: 2 CrossOver-ManualDict- DE: "f.z"-; base unit: ac3478d69a3c81fa62e60f5c3696165a4e5e6ac4
0x66,0x2e,0x7a,
f.z
artifact_prefix='./'; Test unit written to ./crash-926813b2d6adde373f96a10594a5314951588384
Base64: Zi56
```

You can also try
```
echo -n f.z > toto
./SystemSan ./target_dns toto  
```

Co-authored-by: Oliver Chang <[email protected]>
Co-authored-by: jonathanmetzman <[email protected]>
evverx pushed a commit that referenced this pull request Apr 22, 2023
We've still got an issue with crashes on the urllib3 requests test that
uses the mock HTTP server.

Fix google#9958 to handle port mapping errors didn't resolve it.

I got a feeling there's an ordering issue. Looking at the error logs
[https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56500#c2](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56500#c2)
there appears to be an issue where we're throwing exceptions before the
coverage completes.

```
=== Uncaught Python exception: ===
--
  | MaxRetryError: HTTPConnectionPool(host='localhost', port=8011): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4cdf33d1f0>: Failed to establish a new connection: [Errno 101] Network is unreachable'))
  | Traceback (most recent call last):
  | File "fuzz_requests.py", line 109, in TestOneInput
  | File "urllib3/_request_methods.py", line 118, in request
  | File "urllib3/_request_methods.py", line 217, in request_encode_body
  | File "urllib3/poolmanager.py", line 433, in urlopen
  | File "urllib3/connectionpool.py", line 874, in urlopen
  | File "urllib3/connectionpool.py", line 874, in urlopen
  | File "urllib3/connectionpool.py", line 874, in urlopen
  | File "urllib3/connectionpool.py", line 844, in urlopen
  | File "urllib3/util/retry.py", line 505, in increment
  | MaxRetryError: HTTPConnectionPool(host='localhost', port=8011): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4cdf33d1f0>: Failed to establish a new connection: [Errno 101] Network is unreachable'))
  |  
  | INFO: Instrumenting 3854 functions...
  | INFO: Instrumentation complete.
  | ==10674== ERROR: libFuzzer: fuzz target exited
  | #0 0x7f4ce0bac694 in __sanitizer_print_stack_trace /src/llvm-project/compiler-rt/lib/ubsan/ubsan_diag_standalone.cpp:31:3
  | #1 0x7f4ce0b2df48 in fuzzer::PrintStackTrace() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerUtil.cpp:210:5
  | #2 0x7f4ce0b12cdc in fuzzer::Fuzzer::ExitCallback() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:250:3
  | #3 0x7f4ce09068a6 in __run_exit_handlers /build/glibc-SzIz7B/glibc-2.31/stdlib/exit.c:108:8
  | #4 0x7f4ce0906a5f in exit /build/glibc-SzIz7B/glibc-2.31/stdlib/exit.c:139:3
  | #5 0x7f4ce03b2c78 in libpython3.8.so.1.0
  | #6 0x7f4ce03b76cf in libpython3.8.so.1.0
  | #7 0x403ad2 in fuzz_requests.pkg
  | #8 0x403e67 in fuzz_requests.pkg
  | #9 0x7f4ce08e4082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/libc-start.c:308:16
  | #10 0x40249d in fuzz_requests.pkg
  |  
  | SUMMARY: libFuzzer: fuzz target exited
```

This is an attempted fix inspired by the requests
[fuzz_server.py](https://github.com/google/oss-fuzz/blob/master/projects/requests/fuzz_server.py)
where the lifecycle of the test thread is managed within the server.
Since the web server is created at the start of `TestOneInput` I don't
expect there to be any timing issues or thread initialisation issues.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants