RawSpeed: finish integration by adding fuzzing targets. (#685)
As discussed in the original PR#588, it may be better to
start with empty corpus, and see what happens. Even though
i have the full corpus set to get full (80%+) coverage, it
is quite likely to result in horrible performance.
Currently, the library is built with no external
dependencies - jpeg, zlib - not too sure if it makes sense
to fuzz those indirectly. And if i can built zlib in-tree,
building jpeg in-tree will be more complicated because it
does not have CMake build system.
As you can see, more than one fuzzing target is provided.
The RawSpeedFuzzer is the most global one, it will be
able to eventually cover all the code, others are more
fine-grained, and will only be able to cover some small
portion of the code. Thus, i suppose both the performance
and the coverage may win.
I did test this locally. Both the address and the undefined
configurations work.
2017-06-21 18:43:36 +00:00
|
|
|
#!/bin/bash -eu
|
|
|
|
# Copyright 2017 Google Inc.
|
|
|
|
#
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
#
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
#
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
# limitations under the License.
|
|
|
|
#
|
|
|
|
################################################################################
|
|
|
|
|
|
|
|
set -e
|
|
|
|
|
2017-11-27 19:23:07 +00:00
|
|
|
if [[ $SANITIZER = *undefined* ]]; then
|
|
|
|
CFLAGS="$CFLAGS -fsanitize=unsigned-integer-overflow -fno-sanitize-recover=unsigned-integer-overflow"
|
|
|
|
CXXFLAGS="$CXXFLAGS -fsanitize=unsigned-integer-overflow -fno-sanitize-recover=unsigned-integer-overflow"
|
|
|
|
fi
|
|
|
|
|
RawSpeed: finish integration by adding fuzzing targets. (#685)
As discussed in the original PR#588, it may be better to
start with empty corpus, and see what happens. Even though
i have the full corpus set to get full (80%+) coverage, it
is quite likely to result in horrible performance.
Currently, the library is built with no external
dependencies - jpeg, zlib - not too sure if it makes sense
to fuzz those indirectly. And if i can built zlib in-tree,
building jpeg in-tree will be more complicated because it
does not have CMake build system.
As you can see, more than one fuzzing target is provided.
The RawSpeedFuzzer is the most global one, it will be
able to eventually cover all the code, others are more
fine-grained, and will only be able to cover some small
portion of the code. Thus, i suppose both the performance
and the coverage may win.
I did test this locally. Both the address and the undefined
configurations work.
2017-06-21 18:43:36 +00:00
|
|
|
cd "$WORK"
|
|
|
|
mkdir build
|
|
|
|
cd build
|
|
|
|
|
|
|
|
cmake \
|
2017-07-31 23:56:23 +00:00
|
|
|
-G"Unix Makefiles" -DBINARY_PACKAGE_BUILD=ON \
|
RawSpeed: finish integration by adding fuzzing targets. (#685)
As discussed in the original PR#588, it may be better to
start with empty corpus, and see what happens. Even though
i have the full corpus set to get full (80%+) coverage, it
is quite likely to result in horrible performance.
Currently, the library is built with no external
dependencies - jpeg, zlib - not too sure if it makes sense
to fuzz those indirectly. And if i can built zlib in-tree,
building jpeg in-tree will be more complicated because it
does not have CMake build system.
As you can see, more than one fuzzing target is provided.
The RawSpeedFuzzer is the most global one, it will be
able to eventually cover all the code, others are more
fine-grained, and will only be able to cover some small
portion of the code. Thus, i suppose both the performance
and the coverage may win.
I did test this locally. Both the address and the undefined
configurations work.
2017-06-21 18:43:36 +00:00
|
|
|
-DWITH_PTHREADS=OFF -DWITH_OPENMP=OFF \
|
|
|
|
-DWITH_PUGIXML=OFF -DUSE_XMLLINT=OFF -DWITH_JPEG=OFF -DWITH_ZLIB=OFF \
|
|
|
|
-DBUILD_TESTING=OFF -DBUILD_TOOLS=OFF -DBUILD_BENCHMARKING=OFF \
|
|
|
|
-DCMAKE_BUILD_TYPE=FUZZ -DBUILD_FUZZERS=ON \
|
2017-11-18 15:21:59 +00:00
|
|
|
-DLIB_FUZZING_ENGINE:FILEPATH="$LIB_FUZZING_ENGINE" \
|
RawSpeed: finish integration by adding fuzzing targets. (#685)
As discussed in the original PR#588, it may be better to
start with empty corpus, and see what happens. Even though
i have the full corpus set to get full (80%+) coverage, it
is quite likely to result in horrible performance.
Currently, the library is built with no external
dependencies - jpeg, zlib - not too sure if it makes sense
to fuzz those indirectly. And if i can built zlib in-tree,
building jpeg in-tree will be more complicated because it
does not have CMake build system.
As you can see, more than one fuzzing target is provided.
The RawSpeedFuzzer is the most global one, it will be
able to eventually cover all the code, others are more
fine-grained, and will only be able to cover some small
portion of the code. Thus, i suppose both the performance
and the coverage may win.
I did test this locally. Both the address and the undefined
configurations work.
2017-06-21 18:43:36 +00:00
|
|
|
-DCMAKE_INSTALL_PREFIX:PATH="$OUT" -DCMAKE_INSTALL_BINDIR:PATH="$OUT" \
|
|
|
|
"$SRC/librawspeed/"
|
|
|
|
|
|
|
|
make -j$(nproc) all && make -j$(nproc) install
|
|
|
|
|
|
|
|
cd "$SRC"
|
|
|
|
rm -rf "$WORK/build"
|