Skip to content

[pull] master from google:master#175

Merged
pull[bot] merged 4 commits into
threatcode:masterfrom
google:master
Jul 14, 2026
Merged

[pull] master from google:master#175
pull[bot] merged 4 commits into
threatcode:masterfrom
google:master

Conversation

@pull

@pull pull Bot commented Jul 14, 2026

Copy link
Copy Markdown

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

cary-ilm and others added 4 commits July 14, 2026 10:57
Change email for @cary-ilm to seabeepea@gmail.com. I'll be losing access
to cary@ilm.com at the end of July.

Signed-off-by: Cary Phillips <cary@ilm.com>
…rd_party from analysis (#15860)

**What**: Restores the Fuzz Introspector build for connectedhomeip,
which has failed every day since 2024-12-17 with `context deadline
exceeded` (#13153).

**Root cause**: `base-builder/compile` runs the introspector source
analysis before `build.sh`. On connectedhomeip it runs ~11h and times
out — ~4.3h in the initial whole-tree tree-sitter load (dominated by
files vendored under `third_party`) plus ~6h across 239 "harnesses",
~230 of which are fuzzers vendored by dependencies (mbedtls, openthread,
libdatachannel's bundled copy of LLVM's Fuzzer test suite, boringssl,
...) rather than connectedhomeip's own ~10 targets.

**Fix**: Because the analysis runs before `build.sh`, `third_party` is
moved out of the source tree in the `Dockerfile` (after `bootstrap.sh`,
which needs `third_party/pigweed`) and restored in `build.sh` before `gn
gen`. The real asan/msan/coverage builds are unaffected — they compile
with `third_party` restored; only the pre-build introspector analysis
sees the reduced tree. The dead `all-clusters-minimal-app` fuzzing
driver (compiled by no target) is also dropped.

**Effect**: The introspector report becomes scoped to connectedhomeip's
own code rather than descending into vendored dependency internals — the
useful scope here, and a report where there has been none for ~7 months.

**Testing**: Verified locally that (1) with `third_party` excluded the
analysis clears the tree-sitter load in seconds (was ~4.3h) and
processes connectedhomeip's own harnesses through to report generation,
and (2) `build_fuzzers --sanitizer address` still compiles all targets
with `third_party` restored by `build.sh`. The exact introspector
wall-clock will be confirmed by the periodic cloud build.

Fixes #13153
Objects should be freed as often as they are created.

This change was discussed with and approved by Derek B. Noonburg from
the Xpdf project.
Fixing a few Envoy project build issues, and cleaning up some old
tech-debt.
@pull pull Bot locked and limited conversation to collaborators Jul 14, 2026
@pull pull Bot added the ⤵️ pull label Jul 14, 2026
@pull pull Bot merged commit 80c56df into threatcode:master Jul 14, 2026
2 of 3 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants