2016-11-07 21:08:44 +00:00
|
|
|
# Fuzzer environment on ClusterFuzz
|
|
|
|
|
2017-01-06 07:41:38 +00:00
|
|
|
Your fuzz targets will be run on a [Google Compute Engine](https://cloud.google.com/compute/) VM (Linux) with some security restrictions.
|
2016-11-07 21:08:44 +00:00
|
|
|
|
2017-02-07 16:39:14 +00:00
|
|
|
## Runtime Dependencies
|
2017-01-10 20:44:14 +00:00
|
|
|
|
|
|
|
You should not make any assumptions on the availability of dependent packages
|
2017-02-08 03:15:53 +00:00
|
|
|
in the execution environment. Packages that are installed via
|
2017-02-07 16:43:34 +00:00
|
|
|
[Dockerfile](https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md#dockerfile)
|
2017-02-07 17:14:23 +00:00
|
|
|
or built as part of
|
|
|
|
[build.sh](https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md#buildsh)
|
2017-02-08 03:15:53 +00:00
|
|
|
are not available on the bot runtime environment (where the fuzz targets run).
|
2017-02-07 17:14:23 +00:00
|
|
|
|
|
|
|
If you need these dependencies in the runtime environment, you can either
|
2017-02-08 03:15:53 +00:00
|
|
|
- Install the packages via Dockerfile
|
2017-02-07 17:14:23 +00:00
|
|
|
([example](https://github.com/google/oss-fuzz/blob/master/projects/tor/Dockerfile#L19))
|
|
|
|
and then link statically against them
|
|
|
|
([example](https://github.com/google/oss-fuzz/blob/master/projects/tor/build.sh#L40))
|
|
|
|
- Or build the dependencies statically in
|
|
|
|
[build.sh](https://github.com/google/oss-fuzz/blob/master/docs/new_project_guide.md#buildsh)
|
|
|
|
([example](https://github.com/google/oss-fuzz/blob/master/projects/ffmpeg/build.sh#L26)).
|
2017-02-07 16:43:34 +00:00
|
|
|
|
2017-02-08 03:15:53 +00:00
|
|
|
All build artifacts needed during fuzz target execution should be inside the `$OUT`
|
2017-02-07 17:14:23 +00:00
|
|
|
directory. Only those artifacts are archived and used on the bots. Everything else
|
|
|
|
is ignored (e.g. artifacts in `$WORK`, `$SRC`, etc) and hence is not available
|
|
|
|
in the execution environment.
|
2017-01-14 20:20:48 +00:00
|
|
|
|
2017-02-07 16:39:14 +00:00
|
|
|
You should ensure that the fuzz target works correctly by using `run_fuzzer` command
|
2017-01-14 20:20:48 +00:00
|
|
|
(see instructions [here](new_project_guide.md#testing-locally)). This command uses
|
|
|
|
a clean base-runner docker container and not the base-builder docker container
|
|
|
|
created during build-time.
|
2017-01-10 20:44:14 +00:00
|
|
|
|
2017-01-20 19:55:22 +00:00
|
|
|
## argv[0]
|
|
|
|
|
2018-04-02 05:28:18 +00:00
|
|
|
You must not modify `argv[0]`. It is required for certain things to work correctly.
|
2017-01-20 19:55:22 +00:00
|
|
|
|
2016-11-07 21:08:44 +00:00
|
|
|
## Current working directory
|
|
|
|
|
2016-11-26 23:59:29 +00:00
|
|
|
You should not make any assumptions about the current working directory of your
|
2017-01-06 07:41:38 +00:00
|
|
|
fuzz target. If you need to load data files, please use `argv[0]` to get the
|
|
|
|
directory where your fuzz target executable is located.
|
2016-11-07 21:08:44 +00:00
|
|
|
|
2016-11-29 19:47:37 +00:00
|
|
|
## File system
|
2016-11-07 21:08:44 +00:00
|
|
|
|
2017-01-06 07:41:38 +00:00
|
|
|
Everything except `/tmp` is read-only, including the directory that your fuzz target
|
2017-01-10 20:44:14 +00:00
|
|
|
executable lives in.
|
2016-11-07 21:08:44 +00:00
|
|
|
|
2016-12-09 16:49:42 +00:00
|
|
|
`/dev` is also unavailable.
|
|
|
|
|
2017-08-01 16:31:29 +00:00
|
|
|
## Hardware
|
|
|
|
|
|
|
|
Your project should not be compiled with `-march=native` or `-mtune=native`
|
|
|
|
flags, as the build infrastructure and fuzzing machines may have different CPUs
|
|
|
|
as well as other hardware differences. You may however use `-mtune=generic`.
|