* [opus] Build with -D_FORTIFY_SOURCE=0 to avoid msan false positives
Without this, a silk_memcpy call could resolve to __memcpy_chk,
which does not have an msan intercept, leading to false use-of-uninitialized-value errors.
* [opus] Consolidate cflags
* [opus] Fix typo
Temporary fix for sanitizer validation.
Our sanitizer validation is hacky and isn't using pyyaml to actually
parse the project.yaml file. Temporarily work around #3996 by not
validating sanitizers if no sanitizers are specified in project.yaml.
* Link against `libc++` with proper config in `.bazelrc`
* Add support for `undefined` build, link against proper `clang_rt` library
* Don't rsync in verbose mode.
* Support `undefined` and `memory` sanitizers
* Support more fuzzers than just `libfuzzer`.
The oss-fuzz documentation states that listing supported sanitizers in a project's yaml [is optional](https://google.github.io/oss-fuzz/getting-started/new-project-guide/#sanitizers). It appears that CIFuzz requires supported sanitizers to be included in this file ([ref](26e8d7c772/infra/cifuzz/cifuzz.py (L508-L529))). I believe this causes the CIFuzz GitHub Action to fail for projects that have not listed support for address sanitizer explicitly in their respective project YAML.
This PR explicitly defines support for asan and ubsan with a goal of fixing h2o's CIFuzz build.
This got a bit messy as a change, but it's basically all that topic. I
had to go squint at python3-libraries to figure out the modern
incantation for getting python3 to build under the fuzzer, but victory
is mine and this is probably substantially cleaner.
* Need to manually install numpy now as it is used in the toolchain
* Handle review
* Remove bazel install since we install bazelisk
* Force symlink python3 -> python
* Refactor build script
* Remove `-stdlib=libc++` as that causes link errors
* Remove `identity_fuzz` as it results in a huge fuzzer. Will work on reducing size and then enable back
* Copy fuzzer to `$OUT`, not move
* Handle coverage support
* Added new fuzzer to xpdf.
* Updated sanitizers.
* Limit sanitizer to address as this is the only one that allows us to fuzz the pdf core parser.
* Disable logging and go further into the API.
By default a cmake-based build puts user provided flags at the beginning
of a compiler invocation, giving them lowest priority. This makes it
quite difficult to add the required -fno-sanitize=vptr flag since it
will be placed before -fsanitize=undefined in a SWIFTSHADER_UBSAN build.
To make this work will require upstream changes to SwiftShader's build.
However, it is not necessary to build SwiftShader with the undefined
behavior sanitizer in order to fuzz Skia for issues. (This is only
required for the memory sanitizer which fortunately works.) As a result,
build SwiftShader without the sanitizer in the Skia undefined sanitizer
fuzzer build.
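The flag-ordering problem the SwiftShader/Skia commit above describes comes from clang processing `-fsanitize=` and `-fno-sanitize=` left to right, with the later flag winning. The following is an added example (not code from SwiftShader, Skia or oss-fuzz) that models that behaviour for a command line assembled the way the commit says cmake assembles it, user flags first, so that `-fno-sanitize=vptr` placed in the user flags is undone by the build's own `-fsanitize=undefined`. The expansion of the `undefined` group listed in `SANITIZER_GROUPS` is a partial subset written here as an assumption, sufficient to show the effect; clang's UBSan documentation has the full list.

```python
"""Model of clang's left-to-right handling of -fsanitize / -fno-sanitize flags.

Added example, not from SwiftShader, Skia or oss-fuzz. It only models flag
ordering; it does not invoke a compiler.
"""

# Assumption: a partial expansion of clang's 'undefined' group. Enough members
# are listed to show that -fsanitize=undefined re-enables vptr if it comes
# after -fno-sanitize=vptr; the real group is larger.
SANITIZER_GROUPS = {
    "undefined": {
        "alignment", "bool", "bounds", "enum", "null", "return", "shift",
        "signed-integer-overflow", "unreachable", "vla-bound", "vptr",
    },
    "address": {"address"},
    "memory": {"memory"},
}


def expand(name):
    """Expand a sanitizer name to its individual checks (a group, or itself)."""
    return set(SANITIZER_GROUPS.get(name, {name}))


def effective_sanitizers(argv):
    """Walk the command line in order; a later -fsanitize/-fno-sanitize wins."""
    enabled = set()
    for arg in argv:
        if arg.startswith("-fsanitize="):
            for name in arg[len("-fsanitize="):].split(","):
                enabled |= expand(name)
        elif arg.startswith("-fno-sanitize="):
            for name in arg[len("-fno-sanitize="):].split(","):
                enabled -= expand(name)
    return enabled


def cmake_style_command_line(user_cxx_flags, build_flags):
    """Assemble a compile line the way the commit describes cmake doing it:
    user-provided flags (e.g. CXXFLAGS) come first, the build's own flags
    (here, what a SWIFTSHADER_UBSAN configuration adds) come after."""
    return ["clang++", *user_cxx_flags, *build_flags, "-c", "foo.cpp"]


def vptr_enabled(user_cxx_flags, build_flags):
    """True if the vptr check survives flag processing on the assembled line."""
    argv = cmake_style_command_line(user_cxx_flags, build_flags)
    return "vptr" in effective_sanitizers(argv)


if __name__ == "__main__":
    # The situation from the commit: the user's -fno-sanitize=vptr is placed
    # before the build's -fsanitize=undefined, so vptr comes back.
    print("user flags first :", vptr_enabled(["-fno-sanitize=vptr"], ["-fsanitize=undefined"]))
    # Same flags, but the opt-out comes last, which is what an upstream build
    # change would have to arrange.
    print("opt-out last     :", vptr_enabled([], ["-fsanitize=undefined", "-fno-sanitize=vptr"]))
```

The second case is what the commit says would need an upstream change in SwiftShader's build; the workaround chosen instead was to not build SwiftShader with UBSan at all in the Skia undefined-sanitizer fuzzer build.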
* [skia] Update diff for upstream change.
SkReadBuffer::getArrayCount() implementation changed, so update the
diff.
* [skia] Build fix for upstream build changes.
Skia is changing its build a little bit. 'skia_enable_fontmgr_custom'
has become 'skia_enable_fontmgr_custom_directory' (since that is what
it actually did) and skia_enable_fontmgr_custom_embedded has been added.
* [skia] Update SwiftShader to something not so old.
Skia builds it without submodules. Only build libGLESv2 and libEGL
instead of building everything, which isn't needed and takes a long
time. SwiftShader already has a checked-in build/ directory, so use a
different directory for building. Limit the number of make jobs to avoid
'Cannot allocate memory' errors. To build SwiftShader with a sanitizer,
the cmake define is now like SWIFTSHADER_XSAN.
* Revert "Revert "[CIFuzz] Add support for different sanitizers (#3516)""
This reverts commit c580d0d626.
* cifuzz: pass "sanitizer" to the "run fuzzer" step
It's a follow-up to https://github.com/google/oss-fuzz/pull/3516 that
should fix https://github.com/google/oss-fuzz/issues/3727.
* [cifuzz] drop a $
That's another follow-up to #3516 that should help to pass sanitizer correctly.
Otherwise, it always falls back to address with:
2020-06-11 21:10:14,852 - root - INFO - $address is not a project sanitizer, defaulting to address.
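Three of the commits above concern the same piece of logic: the temporary fix that skips sanitizer validation when `project.yaml` lists none, the h2o PR that lists `address` and `undefined` explicitly because the key is documented as optional, and the CIFuzz follow-up where a stray `$` made the requested sanitizer arrive as the literal string `$address`, which silently fell back to `address`. The block below is an added example, not CIFuzz's own `cifuzz.py` code, that reimplements that resolution step: the `project.yaml` contents, the minimal parser (a stand-in for pyyaml, covering only the flat key/list subset used here) and the `KNOWN_SANITIZERS` set are constructed for the example, and the check in `validate_requested` that rejects a name such as `$address` instead of defaulting is the caveat, not behaviour the commits describe.

```python
"""Sanitizer resolution for a CIFuzz-style run.

Added example; not code from oss-fuzz or CIFuzz. The project.yaml texts are
constructed for this example and the parser handles only the subset they use.
"""
import logging
import re

DEFAULT_SANITIZER = "address"
# Assumption: the set of names a build could meaningfully request.
KNOWN_SANITIZERS = {"address", "memory", "undefined", "coverage"}

# Constructed sample: a project that lists its sanitizers explicitly.
PROJECT_YAML_WITH_SANITIZERS = """\
homepage: "https://example.invalid/h2o"
language: c
fuzzing_engines:
  - libfuzzer
sanitizers:
  - address
  - undefined
"""

# Constructed sample: a project that relies on the key being optional.
PROJECT_YAML_WITHOUT_SANITIZERS = """\
homepage: "https://example.invalid/opus"
language: c
"""


def parse_project_yaml(text):
    """Minimal parser for 'key: value' and 'key:' + '  - item' lines only."""
    data = {}
    list_key = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if line.startswith("  - ") and list_key is not None:
            data[list_key].append(line[4:].strip().strip('"').strip("'"))
            continue
        match = re.match(r"^([A-Za-z_][\w-]*):\s*(.*)$", line)
        if not match:
            raise ValueError(f"unsupported line: {raw!r}")
        key, value = match.group(1), match.group(2).strip().strip('"').strip("'")
        if value:
            data[key] = value
            list_key = None
        else:
            data[key] = []
            list_key = key
    return data


def project_sanitizers(project):
    """Sanitizers a project supports; an absent or empty key means address,
    which is what the oss-fuzz docs describe as the default."""
    declared = project.get("sanitizers")
    if not declared:
        return [DEFAULT_SANITIZER]
    return list(declared)


def resolve_sanitizer(requested, project):
    """Pick the sanitizer to build with, falling back to address when the
    requested one is not supported by the project (the behaviour behind the
    '$address is not a project sanitizer, defaulting to address.' log line)."""
    allowed = project_sanitizers(project)
    if requested in allowed:
        return requested
    logging.info("%s is not a project sanitizer, defaulting to %s.", requested, DEFAULT_SANITIZER)
    return DEFAULT_SANITIZER


def validate_requested(requested):
    """Caveat added here: a name that is not a sanitizer at all (such as the
    unexpanded '$address') is a configuration bug, so fail loudly rather than
    let the fallback hide it."""
    if requested not in KNOWN_SANITIZERS:
        raise ValueError(f"{requested!r} is not a sanitizer name; check the workflow expansion")
    return requested


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    explicit = parse_project_yaml(PROJECT_YAML_WITH_SANITIZERS)
    implicit = parse_project_yaml(PROJECT_YAML_WITHOUT_SANITIZERS)
    print(resolve_sanitizer("undefined", explicit))   # undefined
    print(resolve_sanitizer("$address", explicit))    # address, with the log line
    print(resolve_sanitizer("memory", implicit))      # address
    try:
        validate_requested("$address")
    except ValueError as err:
        print("rejected:", err)
```

Run with the logging level at INFO and the `$address` case prints the same "defaulting to address" message the commit quotes; `validate_requested` is the stricter alternative, turning that silent fallback into an error at the point where the workflow input is read.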