* Update fuzzers to new Atheris version
* Pin new atheris version
* Change = to ==
* Change path where Atheris fuzzers ld_preload from
* Update hypothesis fuzzer to work with new atheris
* Set version to 2.0.1
* Switch to Atheris 2.0.4
* Correct spelling of pygments_fuzzer decorator
* instrument yaml_reader
* Change to latest Atheris
* Set atheris version to 2.0.6
I started writing some important docs, such as overview, build_integration, and running_clusterfuzzlite. However, most important docs are still TODO.
This PR at least adds a skeleton for those docs.
Add support to helper.py for external projects for all subcommands except `download_corpora`.
External users just need to specify `build_integration_path`, `project_src_path` and `external`.
Also do a big refactor to pass a project object as part of args instead of a string containing the name of the project or its
path.
Related: #6125
This test doesn't really do diffing or affected fuzzers properly.
Nor does it check the workspace for existence of certain things, nor
does check the filesystem for proof things happened. It is still
a WIP.
* [cifuzz] Create validate method on BaseConfig
Use it to validate that either OSS_FUZZ_PROJECT_NAME
or BUILD_INTEGRATION_PATH is set.
Also use it to validate that workspace is set
(rather than duplicate code).
Add tests.
* Use env var hack to bypass valdiation
* fix
* fix
* fmt
* fix
* tmp
* fix
Don't assume that path is relative to workspace if it is not absolute.
Only make this assumption on GitHub where it will always be true.
Also, add tests.
This should mostly complete support for affected fuzzers for external users.
This implementation is still imperfect however.
It relies on the name of the repo being the same as the name of the directory in $SRC/ that the repo is checked out in
(i.e. repo must be checked out in $SRC/$REPO_NAME).
While installing `libxext-dev` in `base-runner` makes it available for local fuzzing via `infra/helper.py run_fuzzer`, it is not installed in the image used by ClusterFuzz to run fuzz targets. Fuzz targets that rely on any JDK system dependency rather have to install it manually using the method described in https://google.github.io/oss-fuzz/further-reading/fuzzer-environment/#runtime-dependencies.
By removing this package from `base-runner`, a failure to do so will already be detected via a local `check_build` rather than only during fuzzer execution on ClusterFuzz.
- Add storage-repo, storage-repo-branch, and
storage-repo-branch-coverage fields to the actions, to indicate that
the Git filestore should be used.
- The CI provided filestore is still used for crashes and builds.
- Replace generic Filestore.upload_directory with typed upload methods
which matches the download methods.
- Rename upload_latest_build to upload_build to make it more generic.
- Make artifact name prefixes an implementation detail of the store.
For #6052.
This can be useful for artifacts we want to upload that we know
do not need to be tarred, such as crashes. It's important not
to tar these because they will need to be viewed by users.
Previously, the downloaded build was uploaded instead of the new build.
This regression was introduced when the big workspace change was made.
Also, add more logging.
Bitshift