Commit Graph

1484 Commits

Author SHA1 Message Date
Abhishek Arya 33ae18cc44
Enable generated dict in AFL++ (#5591)
This was accidentally disabled.
2021-04-09 08:16:07 +10:00
priyawadhwa 18a05fce3d
Store triage party image in oss-fuzz-base repo (#5584) 2021-04-07 11:11:52 +10:00
Caolán McNamara 0f02ca5a56
retry sequentially if multiprocessing do_bad_build_check detects fail… (#5578)
* retry sequentially if multiprocessing do_bad_build_check detects failures

https://github.com/google/oss-fuzz/issues/5441

The error seen in the build log is:

Whoops, the target binary crashed suddenly, before receiving any input
from the fuzzer!

suggesting that the fuzzer crashed before it got to do anything.
Debugging locally what I tend to see is that

a) in src/afl-forkserver.c afl_fsrv_start the read_s32_timed call
returns 0 and that triggers kill(fsrv->fsrv_pid, fsrv->kill_signal);
(SIGKILL)
b) read_s32_timed returns 0 because *stop_soon_p is non-zero at
restart_read:
c) *stop_soon_p becomes non-zero in handle_stop_sig of
src/afl-fuzz-init.c due to receiving SIGINT
d) that SIGINT is sent by the timeout script used in bad_build_check so
it is that "outer" timeout process which is sending SIGINT which then
triggers afl-forkserver's internal SIGKILL to kill the process

I get improved results if I retry the killed off fuzzers sequentially

* Remove unneeded semicolons to fix presubmit

Co-authored-by: Abhishek Arya <inferno@chromium.org>
2021-04-05 12:50:15 -07:00
Stefan Bucur 008c7ec1f5
Switch the cel-cpp project to the new Bazel build script. This reduces the build.sh file to a single line. (#5549) 2021-04-02 20:01:49 -07:00
van Hauser 4afd7f9c55
afl++: add CTX-2 coverage option (#5567) 2021-04-02 07:02:26 -07:00
priyawadhwa 2ef6b816b9
Add config and deploy script for triage party (#5557) 2021-04-02 07:01:09 -07:00
Stefan Bucur 8c1a588bef
Implement the Bazel building recipe as a stand-alone script that can be invoked from build.sh. (#5548) 2021-03-31 19:45:00 +00:00
jonathanmetzman 4cc3aa6343
[CIFuzz] Print crash stacktraces no matter what (#5474)
Even if we don't want to report them, print the stacktrace.
Related: https://github.com/google/oss-fuzz/issues/5461
2021-03-31 06:55:30 -07:00
dependabot[bot] 54f0985f8e
Bump pyyaml from 5.2 to 5.4 in /infra/build/functions (#5512)
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.2 to 5.4.
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/5.2...5.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-25 20:44:10 -07:00
dependabot[bot] 2ee9dae19f
Bump pyyaml from 5.3.1 to 5.4 in /infra/ci (#5511)
Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.3.1 to 5.4.
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES)
- [Commits](https://github.com/yaml/pyyaml/compare/5.3.1...5.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-03-25 20:43:57 -07:00
Oliver Chang 1ee46825bf
build_specified_commit: Add call to fetch_all_remotes on cleanup. (#5485)
We need to redo fetch_all_remotes as we re-copy the repo from the docker
container.
2021-03-24 08:59:33 +11:00
jonathanmetzman 8539aadb65
[CIFuzz] Fix repo detection for repos downloaded through "go get". (#5481)
Supersedes: #5463
Fixes: #3670
2021-03-23 11:01:02 -07:00
jonathanmetzman 00ad715801
[CIFuzz] Make it possible to skip bad build check. (#5475)
This will mainly be useful for non-OSS-Fuzz users.
Though it can also be used by OSS-Fuzz users to speed things
up (very slightly in most cases).
Fixes #4377
2021-03-23 09:22:53 -07:00
jonathanmetzman 6de9a3b187
[helper] Fix handling of gsutil's 2FA (#5482)
gsutil recently started asking daily for a security key jiggle for accounts
using it. This means if we don't print stderr in real time, users won't see
why a corpus isn't downloading and helper will hang until 2FA request times out.
2021-03-23 09:14:48 -07:00
Oliver Chang e8646d25ec
Fix bisection when the original checkout is for a single branch. (#5478)
Repos cloned with `--branch BRANCH` will only track that branch, even
when we unshallow. If we provide a git SHA from another branch, it will
not be recognized.

To fix this, we update the remote tracking config and fetch them.

For google/osv#88.
2021-03-23 14:17:37 +11:00
jonathanmetzman e34a03385f
Delete unneeded files from cargo-fuzz install (100MB) (#5436) 2021-03-22 12:29:23 -07:00
jonathanmetzman 8a67befa1c
[infra/helper.py] Unittest shell base-runner-debug (#5470)
Make sure shell-base-runner-debug works.
2021-03-22 10:39:27 -07:00
Fabian Meumertzheim 6ca344a446
Generate badges for projects without coverage (#5459)
Generate badges also for projects with no coverage builds at all (e.g.
JVM and Python projects). For these projects, the badge only has the two
possible states "build passing" and "build failing".
2021-03-21 18:52:02 -07:00
jonathanmetzman 0fba276516
[NFC][base-builder] Fix order so comment is in right place (#5445) 2021-03-21 07:02:30 -07:00
jonathanmetzman 5792e5c529
[NFC][CIFuzz] Rename test_files to test_data and delete unneeded testcases directory (#5448) 2021-03-19 11:49:38 -07:00
van Hauser 2b4af8f24a
[AFL++] llvm 13 fix (#5454) 2021-03-19 18:45:54 +00:00
jonathanmetzman cb083cb365
[base-builder] Fix temp dir deletion for atheris (#5434)
Add back /tmp dir deletion that was accidentally removed before #5344 was committed.
2021-03-19 08:36:14 -07:00
Catena cyber 58d5848b0f
Fix typo in path equivalence for golang coverage (#5444) 2021-03-19 06:34:21 -07:00
van Hauser df6dc548a9
remove map size for afl++ (#5433)
* output afl++ setup

* update commit id

* update afl++ commit id

* asan + cmplog fix

* update commit id

* update and enhance afl++

* update afl++ commit id, better run asan options

* fix linter

* add debug_afl script

* Update debug_afl

* Update compile_afl

* fix for karchive

* put debug_afl in the docker container

* asan poison fix

* fix asan settings for zeek

* update afl++ commit id

* fix

* update afl++ commit id

* final touches

* remove map size

* remove old comment

Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
2021-03-18 14:49:58 +00:00
jonathanmetzman ccea7f4ad9
[base-clang] Reduce base-clang size by deleting unneeded binaries+libraries (#5282)
Delete unneeded LLVM tools, clang libraries and testing tools.

This reduces the image size from 1.71 GB to 901 MB.
It may be possible to improve on this by deleting some LLVM
libraries (though I don't know which ones we should delete
because AFL++ might use some).

Related https://github.com/google/oss-fuzz/issues/5170
2021-03-18 06:38:46 -07:00
jonathanmetzman 62fce2a587
[CIFuzz] Give testcases unique names. (#5424) 2021-03-17 10:21:49 -07:00
Catena cyber 8b15e28751
Go coverage : use gofuzz tag by default (#5425)
as is done by gofuzz build
2021-03-17 07:42:12 -07:00
Catena cyber e71e49d721
Golang coverage summary updated to version 2.0.1 (#5346) 2021-03-17 06:53:19 -07:00
van Hauser a1135d001e
update afl++ commit id (#5402)
* output afl++ setup

* update commit id

* update afl++ commit id

* asan + cmplog fix

* update commit id

* update and enhance afl++

* update afl++ commit id, better run asan options

* fix linter

* add debug_afl script

* Update debug_afl

* Update compile_afl

* fix for karchive

* put debug_afl in the docker container

* asan poison fix

* fix asan settings for zeek

* update afl++ commit id

* fix

* update afl++ commit id

* final touches

Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
2021-03-16 20:05:21 +00:00
Catena cyber 5c174c7e36
Golang coverage: use absolute paths (#5407) 2021-03-16 12:19:02 -07:00
jonathanmetzman 5ca736fe00
[CIFuzz] Fix issue deleting corpus (#5391)
Sometimes deleting the corpus in free_disk_if_needed raises exceptions.
Pass ignore_errors=True to fix this.
Related: #5383
2021-03-15 16:20:13 +00:00
Catena cyber 92cea13c5d
Rust coverage : do not trigger debug assertions (#5385) 2021-03-14 15:53:16 -07:00
Catena cyber b000f70a7a
Golang coverage: build binary instead of bash script (#5377) 2021-03-14 08:29:13 -07:00
Catena cyber be203e38a5
More generic target directory for rust coverage (#5366)
* More generic target directory for rust coverage

* Rust coverage cargo does not change PATH
2021-03-12 08:52:54 -08:00
jonathanmetzman 3465403f30
[CIFuzz] Add functionality to save diskspace (#5342)
* [CIFuzz] Add functionality to save diskspace.

Add a LOW_DISK_SPACE env/config var. When this is specified
(always true for Github actions) run_fuzzers will delete
base-builder and the project builder image before fuzzing.
After it finishes fuzzing with a target, it will also
delete the targets, its seed corpus and its corpus.

Related: #4879
2021-03-12 07:27:07 -08:00
Abhishek Arya 53e9531551
Don't rpath patch llvm-symbolizer. (#5357)
Should fix https://github.com/google/oss-fuzz/issues/5349
2021-03-10 12:24:57 -08:00
Abhishek Arya 90b3d55f36
Fix unzip regression on base-runner. (#5356)
* Fix unzip regression on base-runner.

* Dont rpath patch llvm-symbolizer.

Should fix https://github.com/google/oss-fuzz/issues/5349

* Revert "Dont rpath patch llvm-symbolizer."

This reverts commit fdd881dea2.
2021-03-10 10:46:58 -08:00
jonathanmetzman 0475bfa16a
[base-builder] Remove unnecessary python files (58 MB) (#5348)
Related: #5170
2021-03-09 18:30:31 -08:00
Catena cyber 632f5ec0cb
Rust coverage : source remap after changing dir (#5345) 2021-03-09 20:57:46 +00:00
jonathanmetzman 1233505600
[base-builder] Delete unneeded files from atheris install (#5344) 2021-03-09 12:08:09 -08:00
jonathanmetzman 92bb205b50
[infra] Remove minijail. (#5343)
We don't need minijail tooling anymore since we aren't using it
on OSS-Fuzz.
2021-03-09 19:57:33 +00:00
jonathanmetzman c3124a0843
[base-runner] Reduce size by ~200 MB by using apt better (#5339)
Don't install recommended packages if it means installing an
entire gcc toolchain. We don't need it in the runner.
2021-03-09 18:06:44 +00:00
jonathanmetzman 39483b8403
[CIFuzz][cifuzz-base] Slim down cifuzz-base (#5288)
Reduce cifuzz-base size from 846MB to 444MB.

1. Don't install parts of docker that aren't necessary.
2. Use .dockerignore properly.
2021-03-09 08:32:50 -08:00
Catena cyber fb8b2e25bf
Golang coverage ok with package in $SRC (#5325) 2021-03-09 06:07:33 -08:00
van Hauser 498b771b72
fix afl++ asan options (#5336) 2021-03-09 06:05:13 -08:00
Catena cyber be915129e1
Golang coverage with go 1.16 and modules (#5321)
* Fixes go coverage with modules

* Golang coverage html report turning off modules

Otherwise, we get the error
working directory is not part of a module
2021-03-08 21:26:19 +00:00
jonathanmetzman 8fe74c1f72
[base-runner] Fix go issue and remove unneeded rust stuff. (#5319)
Go needs the toolchain for now, so add it back to base-runner.
We don't actually need the rust toolchain so get rid of it
(saving about 1GB).
2021-03-08 09:43:44 -08:00
Catena cyber c41e46ffc8
Rust coverage report (for Suricata) (#4697)
* Rust coverage test

* Workaround to get rust coverage for Suricata
2021-03-08 07:05:35 -08:00
van Hauser 6f19531812
add asan poison check to afl++ cmplog (#5311)
* output afl++ setup

* update commit id

* update afl++ commit id

* asan + cmplog fix

* update commit id

* update and enhance afl++

* update afl++ commit id, better run asan options

* fix linter

* add debug_afl script

* Update debug_afl

* Update compile_afl

* fix for karchive

* put debug_afl in the docker container

* asan poison fix

Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
2021-03-06 07:02:29 -08:00
Sebastian Rasmussen 16d66c9da4
[infra] Avoid adding fuzzing language for shell subcommand. (#5300) (#5301) 2021-03-05 07:31:58 -08:00
van Hauser 7bd9da63c8
fix karchive build for afl++ (#5305)
* output afl++ setup

* update commit id

* update afl++ commit id

* asan + cmplog fix

* update commit id

* update and enhance afl++

* update afl++ commit id, better run asan options

* fix linter

* add debug_afl script

* Update debug_afl

* Update compile_afl

* fix for karchive

* put debug_afl in the docker container

Co-authored-by: jonathanmetzman <31354670+jonathanmetzman@users.noreply.github.com>
2021-03-05 07:10:34 -08:00
jonathanmetzman 5e207cb607
[base-runner] Reduce image size by 45% (645 MB). (#5283)
Reduce image size by:
1. Not installing go toolchain in final image. Build go tools in
separate image that doesn't become base-runner.
2. Download the JVM zip in the same step we remove it.
2021-03-04 06:33:27 -08:00
van Hauser c243108b6a
update afl++ commit id plus add afl++ debug script (#5297) 2021-03-04 14:19:53 +00:00
jonathanmetzman db02d9252e
[AFL++][base-builder] Precompile afl++ (#5290)
Precompile AFL like we already do for honggfuzz.
This saves about a minute in compilation time of AFL targets by doing it in base-builder
It only adds about 30 MB to the image size.
2021-03-03 19:10:35 -08:00
jonathanmetzman 2cc07015ef
[base-clang] Reduce build time by ~65% (#5280)
Reduce build time by doing the following:
1. Building the second stage clang build with a clang binary we download
from chromium.
2. Changing NPROC to be half of the cores instead of assuming it's 16
cores. This still addresses the OOM when building on GCB but speeds up
local building.
3. Don't install recommended packages and use --depth 1 when possible
(very minor improvements compared to the above).

In all this reduces local build time of base-clang from 32 minutes
to 11 minutes.

Because build times are reduced, it will be easier to
iteratively develop changes needed for #5170
2021-03-03 14:57:29 -08:00
jonathanmetzman c8ca07752f
[CIFuzz][coverage] Fix bug in getting coverage reports (#5284)
Also add tests.
2021-03-03 14:46:51 -08:00
jonathanmetzman f5901265d1
[TSAN] Support TSAN (#5266)
We aren't planning on supporting TSAN on ClusterFuzz.
But we can support in CIFuzz since Skia wants it.
2021-03-02 09:20:40 -08:00
van Hauser fee28b9695
update afl++ commit id (#5273)
* output afl++ setup

* update commit id

* update afl++ commit id

* asan + cmplog fix

* update commit id
2021-03-02 08:25:29 -08:00
van Hauser a6f244e9c5
afl++ commit id update (#5271)
* output afl++ setup

* update commit id

* update afl++ commit id

* asan + cmplog fix
2021-03-01 18:38:31 -08:00
van Hauser 697c0480dd
afl++ commit id update (#5258)
* output afl++ setup

* update commit id

* update afl++ commit id
2021-02-26 07:24:46 -08:00
jonathanmetzman f939fcfa6f
[base-builder] Use builtin libFuzzer instead of recompiling. (#4682)
Instead of recompiling libFuzzer each time we do a libFuzzer
build of a project, always use Clang's builtin version of libFuzzer.
Do this by copying the builtin libFuzzer to /usr/local/lib/FuzzingEngine.a.
This means that the projects that aren't using -fsanitize=fuzzer now also
use the builtin libFuzzer. And we no longer need to compile a sanitized
libFuzzer for them.

This change improves fuzzing performance and developer experience.
1. It improves developer experience by saving time spent compiling libFuzzer
when recompiling fuzzers.
The time saved is about 25 seconds on my machine.
This will make iterating on fuzzer integration much easier.
2. It improves fuzzer performance. The builtin libFuzzer isn't sanitized so it is faster.
In some cases (see [here](https://bugs.chromium.org/p/chromium/issues/detail?id=934639))
sanitized libFuzzers can waste 37% of the time running non-performant implementations
of code that the builtin-libFuzzer can do almost instantaneously (assembly vs C code).

The consequences of improving developer experience and
fuzzer performance aren't so easy to measure (though
we will look for perf consequences on ClusterFuzz).

But some of the consequences of saving time compiling libFuzzer
are easy to figure out and quite important. They are:
1. Saving $14646 a year on build costs. Based on the following:
build time saved (on GCB): ~38 seconds
libFuzzer builds per day: 990
builds per year: >365
price per build-minute (32 core instance, https://cloud.google.com/build/pricing): 0.064
38/60*.064*990*365 = 14,646

2. Speeding up infra-tests.
Many of the integration tests build fuzzers and so building libFuzzer
was a considerable bottleneck.
On my many-core machine the savings were good and noticeable
(and are probably larger on the less performant CI machines).

|                  | With compiling libfuzzer (s) | Without compiling libfuzzer (s) |
| ---------------- | ---------------------------- | ------------------------------- |
| Parallel tests   | 45                           | 34                              |
| Sequential tests | 276                          | 190                             |

3. Speeding up CIFuzz.
CIFuzz needs to be fast but it spends about 40 seconds compiling libFuzzer.
In a run where no bugs are discovered which is intended to take about 20 minutes
compiling libFuzzer takes about 3% of the time (40/(20*60)*100).
Now we don't need to waste that time.
See https://github.com/google/oss-fuzz/issues/5180, which this partially fixes.

This bug fixes https://github.com/google/oss-fuzz/issues/2312 and https://github.com/google/oss-fuzz/issues/4677.
2021-02-24 11:36:03 -08:00
Catena cyber e14bf4735a
Go 1.16 local builds (#5241)
* Makes vitess build local

As it uses vitess.io instead of github

* Completes minify project

* Completes quic-go

* Local build for nats project

* Completes ipfs

* run go mod tidy after adding go module

* Right bash sequence for go mod tidy
2021-02-23 07:35:32 -08:00
Catena cyber 1e03eb94af
Go 1.16 more fixes (#5239)
* Fixes cilium build

* Fixes dragonfly build

* Fixes fasthttp build

* Fixes fastjson build

* golang build: change directory only temporary

* Fixes gitea build

* Fixes grpc-gateway build

* Fixes hugo project build

* Fixes ipfs build

* Fixes jsonparser build

* Fixes kubernetes build

* Fixes loki build

* Fixes minify build

* Fixes nats build

* Removes go get from the docs

* Fixes quic-go build

* Fixes radon build

* Fixes syzkaller build

* Fixes tidb build

* Fixes vitess build
2021-02-22 15:25:47 -08:00
jonathanmetzman 1b0115eefd
Fix spuriously failing test (#5218) 2021-02-22 10:55:15 -08:00
Catena cyber 90164f397e
Fixes go coverage build with go 1.16 (#5237) 2021-02-22 09:06:53 -08:00
van Hauser b5de0307a7
Fixes for afl++ (#5235)
* output afl++ setup

* update commit id
2021-02-22 07:41:49 -08:00
DavidKorczynski ab55c8eeef
infra: update the timeout of AFL (#5223)
* Updated the timeout for AFL.

* Updated the AFL timeout.
2021-02-21 16:06:29 -08:00
Catena cyber 60e9a661f9
Go 1.16 build fix with right parentheses (#5228)
* go: right bash condition for changing directory

* go-json-iterator: uses git clone

So as to copy fuzz target in right directory

* go: uses tags when running go list

* go-redis: uses git clone and builds local fuzz target

* cascadia: uses git clone instead of go get
2021-02-21 07:40:36 -08:00
jonathanmetzman 28b35e36fe
[CIFuzz] Support languages non-C++ projects (e.g. Python projects) (#5222)
Allow use of non-C++ projects by specifying the language in the workflow file.
Fixes #5195
2021-02-19 11:54:15 -08:00
Catena cyber 18500c17d7
golang: compatibility with go 1.16 modules (#5221) 2021-02-19 10:03:22 -08:00
van Hauser 4bb61df790
Final afl++ integration (#5191)
* final afl++ integration

* remove afl++ cmplog tests

* update afl++ commit id

* support rebuild

* llvm 13 workaround

* apply fix for llvm 13

* fix nits

* Fix nits.

* Fix name nit.

* update commit id

* update commit id

* update commit id to stable

Co-authored-by: Abhishek Arya <inferno@chromium.org>
2021-02-18 12:55:07 -08:00
jonathanmetzman e93f222966
[CIFuzz] Fix handling of sanitizer artifacts (#5182)
Fixes #5175
1. Put sanitizer in artifact name.
2. Fix parsing of non-ASAN stacks.
2021-02-18 09:57:34 -08:00
jonathanmetzman d7164ef352
[infra] Remove unneeded binaries, docs from CMake install (#5161)
This should reduce the image layer size from 127 MB to 57 MB
2021-02-18 09:49:41 -08:00
Fabian Meumertzheim 481280c650
[jazzer] Adapt infra scripting to JVM fuzz targets (#5176)
compile, bad_build_check, and presubmit.py require small tweaks to
support JVM fuzz targets, most of which are similar to those required
for Python. The following additional changes are required:

* Since the Jazzer driver binary already links in libFuzzer, it should
  not be built as a static library.
* It is not clear how to do architecture checks as JVM fuzz targets can
  load their native dependencies dynamically at runtime. For now, the
  check is disabled.
* The Jazzer binaries are moved into $OUT and need to be skipped over in
  find_fuzz_targets.
2021-02-16 07:06:58 -08:00
Fabian Meumertzheim 427f63c93c
Add Jazzer to base-builder and base-runner (#5166)
Jazzer is built from HEAD using Bazel and the clang toolchain provided
by base-clang. While it could be built with OpenJDK 8, which is
available as a package, JVM fuzz targets should not be forced to be
compatible with Java 8. For this reason, the official binary release of
OpenJDK 15 is pulled into both base-builder and base-runner and set as
JAVA_HOME. It is trimmed down in size by removing src.zip and the jmods
directory.

Jazzer consists of the following four components:

* The API (`jazzer_api_deploy.jar`), which is required for fuzz targets
  that use FuzzedDataProvider or custom method hooks, is made available
  in /usr/local/lib in base-builder.
* The driver (`jazzer_driver`), which links in libFuzzer and is reused
  across fuzz targets. Since it is used to run fuzz targets, it is
  included into base-runner.
* The ASanified driver (`jazzer_driver_asan`), which is obtained from
  `jazzer_driver` by linking in ASan.
* The agent (`jazzer_agent_deploy.jar`), which bundles the runtime
  instrumentation agent with the Jazzer API. It is loaded by the driver
  and thus also included into base-runner.

The changes to the infra scripts required by JVM fuzz targets will be
submitted as a separate PR.
2021-02-16 06:56:36 -08:00
jonathanmetzman a98d7f1ca4
[base-runner][NFC] Replace test_one with test_one.py (#5179) 2021-02-16 06:14:53 -08:00
jonathanmetzman f3fd5289e9
[NFC][infra] Remove unnecessary files. (#5177)
These files don't appear to be used anymore.
2021-02-15 11:07:02 +11:00
jonathanmetzman ae802f3017
[presubmit] Make sure to run build tests even if nonbuild tests fail (#5183)
Previously "and" shortcircuiting caused the build tests not to be
run if the non-build tests (which are run first) failed.
2021-02-12 09:24:13 -08:00
Evgeny Vereshchagin 4af2cfe3cf
bad_build_check: also look for call on x86_64 (#5159)
It should make the script compatible with binutils-2.36.1 (where
"callq" is no longer present in the output of objdump)

It was spotted in https://github.com/systemd/systemd/pull/18528
2021-02-10 09:43:18 -08:00
Abhishek Arya 2a0efd9c44
Downgrade llvm to clang-12 for a few weeks. (#5131)
Needed due to
https://github.com/google/fuzzbench/issues/1077#issuecomment-774727055
2021-02-07 10:49:07 -08:00
van Hauser 458dd61bbb
afl++ CMPLOG test (#5130)
* afl++ CMPLOG test

* fixes
2021-02-07 09:42:13 -08:00
Abhishek Arya bae8dd8b5c
Fix unbound var. 2021-02-06 15:41:22 -08:00
van Hauser 380687236a
optimal afl++ defaults (#5129)
* optimal afl++ defaults

* fixes
2021-02-06 22:58:58 +00:00
jonathanmetzman 6e38a76220
[infra] Improve test speed (#5118)
Make unittests take 20 seconds to run instead of 35.
Make integration tests take 50 seconds to run instead of 6 minutes.
Make CI take 6 minutes instead of 12 minutes.

1. Allow running tests in parallel. Locally this takes the time for running all tests (including integration tests) from 6 minutes to ~50 seconds. We don't do parallel by default since it doesn't really save any time unless running integration tests on my machine (probably due to overhead of starting ~70 processes). This also speeds up CI from about 12 minutes to 6 minutes  (since github actions has 2 cores per machine).
2. Fix how we run tests. I'm not exactly sure why, but the method we used for discovering tests, recursing through every directory and passing to unittest caused the build/infra tests to execute twice. Fixing this makes running unittests take ~20 seconds instead of ~35.

This change also uses pytest for running tests since it's easy to use it to run tests in parallel.
This change was made possible by #5113
2021-02-05 06:10:42 -08:00
jonathanmetzman 9f4d0e5360
[CIFuzz][NFC] Ensure more tests don't modify the repo (#5114)
Ensure more tests don't modify the repo by using a temporary directory.
Also, use setUp to create a tempdir to save code repetition.
2021-02-04 09:07:45 -08:00
jonathanmetzman 5fc28a9d86
[cifuzz][NFC] Use a temporary directory in a test of check_fuzzer_build (#5113)
This ensures that the test doesn't modify the repo.
2021-02-04 08:23:41 -08:00
jonathanmetzman 21b47a7a22
[cifuzz][NFC] Handle TODOs (#5104)
Handle some TODOs
1. Get rid of multiple return values and replace with a more sensible
return value.
2. Eliminate some useless TODOs.
2021-02-04 07:15:51 -08:00
jonathanmetzman a21e218511
[cifuzz][NFC] Rename cifuzz.py to build_fuzzers.py (#5107)
Since cifuzz.py now only deals with building fuzzers, change the
name to build_fuzzers.py
2021-02-04 06:52:22 -08:00
jonathanmetzman 43c9e9138c
[cifuzz][NFC] Refactor tests (#5106)
1. Use pyfakefs when possible instead of tempdir
2. Favor decorators instead of contextmanagers when mocking for less indentation and greater consistency.
2021-02-03 15:18:56 -08:00
jonathanmetzman 7f150fe75e
[cifuzz] Abstract-away OSS-Fuzz specific bits (#5088)
Abstract away OSS-Fuzz specific bits into the OSSFuzz implementation
of the ClusterFuzzDeployment class. This will make it easier to implement
support for other deployments of ClusterFuzz (including ClusterFuzzLite).
2021-02-03 12:46:19 -08:00
Stefan Bucur 50cb57808e
Simplify the Envoy integration by using the new rules_fuzzing primitives. (#5062)
* Simplify the Envoy integration by using the new rules_fuzzing primitives.

* Tweak ASAN instrumentation.
2021-02-03 08:09:04 -08:00
Abhishek Arya 0af227644e
Update afl++ to 1f71b85426f837ebcae8381897d44a3a67c73a4f (#5095)
For https://github.com/google/oss-fuzz/issues/4280#issuecomment-771495411
2021-02-02 08:37:12 -08:00
Abhishek Arya ebe4848a52
Properly fix stripping of -fsanitize=fuzzer-no-link for afl++ (#5090)
Fixes several builds - ibmswtpm2, tpm2-tss, etc
2021-02-01 21:16:56 -08:00
van Hauser 05cac485d3
Fixes afl++ installation (#5087)
* fix afl++ installation

* update to experimental afl++ checkout, setting afl-clang-fast

* update afl++ commit id to prevent unnecessary compile warnings

* Remove dictionary links addition.

Co-authored-by: Abhishek Arya <inferno@chromium.org>
2021-02-01 16:20:18 -08:00
jonathanmetzman 95d3905ec9
[cifuzz] Support a batch fuzzing mode (#5073)
In this mode, CIFuzz will keep fuzzing until the time limit is reached, even if a crash was found.
2021-02-01 10:49:33 -08:00
Abhishek Arya b19e700192
Revert "Switch to using afl-clang-fast for afl++. (#5074)" (#5086)
This reverts commit 42018eeb1c.
2021-02-01 07:44:13 -08:00
Abhishek Arya 93eb6024f4
Add AFL_MAP_SIZE in run_fuzzer
Otherwise get errors like these for libsass.

[+] All right - fork server is up.

[-] PROGRAM ABORT : AFL_MAP_SIZE is not set and fuzzing target reports that the required size is very large. Solution: Run the fuzzing target stand-alone with the environment variable AFL_DEBUG=1 set and set the value for __afl_final_loc in the AFL_MAP_SIZE environment variable for afl-fuzz.
         Location : report_error_and_exit(), src/afl-forkserver.c:321
2021-01-31 10:48:04 -08:00
Abhishek Arya 42018eeb1c
Switch to using afl-clang-fast for afl++. (#5074) 2021-01-31 09:11:42 -08:00
jonathanmetzman 4c4b137a70
[cifuzz][external] Use ssh_url and fix affected fuzzers (#5072)
1. Use ssh_url.

This only affects external (non-oss-fuzz) users.
Since there are none, it doesn't affect anyone.
Even if it did, exploitation would require owning the network
Github actions runs on.
This is to prevent MITM attacks.

2. Affected fuzzers bug:
We accidentally were skipping the remove unaffected functionality.
2021-01-29 10:33:36 -08:00
jonathanmetzman de2ecf8553
[cifuzz] Allow specifying corpus for run_fuzzer (#5064) 2021-01-28 15:04:43 -08:00
jonathanmetzman f2756d7321
[CIFuzz] Move run_fuzzers to new config system (#5063)
Also, decide is_github based on something not used/faked by Skia.
2021-01-29 09:49:03 +11:00
jonathanmetzman d7e85a20b0
[CIFuzz] Fix diffing + Refactor (#5032)
* [CIFuzz] Fix diffing + Refactor

Make diffing work in two scenarios where it previously failed:
1. Commit fuzzing. In this case, we diff $COMMIT against
$COMMIT^1 because the intent here is to fuzz the commit.
2. Fuzzing PRs that aren't to master. In this case, we previously
were diffing against origin/master. Instead, diff against the local
version of the base repo. This also has the nice effect of handling
PRs that haven't pulled from master recently enough.

Also do refactoring.
1. Move code that is different for different CI systems to continuous_integration.py
2. Change how configuration in build_fuzzers is handled.
Previously configuration was gotten in build_fuzzers_entrypoint
and passed as individual params. This made code ugly and hard to
read. Instead, move code dealing with config to its own module
config_utils. This module implements a config class which can
be used to create objects that are passed around to code that needs
it. Making the code much easier to read.
TODO: Move run_fuzzers code to new config system.
2021-01-28 12:10:57 -08:00
Abhishek Arya d45336243a
Simplify changed files logic. (#5056) 2021-01-27 17:43:15 -08:00
Abhishek Arya aeb1be4b6e
Fix get_changed_files in infra/ci. (#5055)
Fixes https://github.com/google/oss-fuzz/issues/5022
2021-01-28 11:06:04 +11:00
Abhishek Arya 23e24a4bac
Get list of changed files from branch head, instead of master. (#5048)
* Get list of changed files from branch head, instead of master.

Fixes https://github.com/google/oss-fuzz/issues/5022

* Add debug with subprocess.call.

* Try again debugging.

* Try again

* Fix works!
2021-01-27 14:28:27 -08:00
Abhishek Arya 89603f367a
Use afl++ in docs. (#5049) 2021-01-26 15:28:08 -08:00
jonathanmetzman d6ff0bfcdc
[CIFuzz] Separate code for running fuzzers into own module: run_fuzzers.py (#5031)
TODO: Rename cifuzz.py to build_fuzzers.py
2021-01-26 08:32:41 -08:00
jonathanmetzman 665e489821
[afl++] Use AFL++ instead of AFL for fuzzing. (#5046) 2021-01-25 09:14:11 -08:00
jonathanmetzman 0ac841a1a4
Replace terms that are uninclusive. (#5045) 2021-01-25 08:41:34 -08:00
Oliver Chang 20b7246eae
Use more inclusive "blocklist" in code we control. (#5044) 2021-01-25 15:22:50 +11:00
Oliver Chang 8fcb4659e3
Add a missing requirement for CI. (#5036) 2021-01-22 12:45:11 +11:00
jonathanmetzman 648242fdb4
[pylint] Enable no-member check (#5034) 2021-01-21 16:21:17 -08:00
Oliver Chang 5b51cfb00f
Fix build functions tests when invoked from unittest.TestSuite. (#5027) 2021-01-21 07:43:42 -08:00
Abhishek Arya 0dc7c358d8
Remove unneeded ADD layers in base-builder. (#5028)
See https://github.com/google/oss-fuzz/issues/5012#issue-789981845
2021-01-20 22:18:03 -08:00
jonathanmetzman 492a4f2a1d
Run all tests when infra-tests is run from presubmit (#5026)
The previous approach of only running tests in changed directories is broken.
Tests can fail even when files outside of their directory are modified.
Also blocklist failing tests (see https://github.com/google/oss-fuzz/issues/5025) for why build tests are blocklisted.
2021-01-20 18:17:33 -08:00
Jonathan Metzman c5397ce3df fix nits 2021-01-20 18:00:33 -08:00
Jonathan Metzman e4195808a8 Explain why blacklisting base-sanitizer-libs-builder 2021-01-20 17:58:06 -08:00
jonathanmetzman f913f61129
[CIFuzz][coverage] Fix bug where unaffected fuzzers not removed + refactor
Previously region count was used instead of region covered.
This means that unaffected fuzzers only worked when a file wasn't linked
into a fuzzer build (i.e. it was mostly broken).
Add tests to ensure this doesn't happen again.

Fixes: #5013

Also refactor.
1. Create a coverage module and move coverage functionality there.
2. Remove some overly-defensive programming. We probably aren't going to be given an invalid repo dir in coverage module.
3. Convert integration test to unittest.
4. Add helpers for: normalizing paths, getting coverage per file, determining if file is covered (which was done incorrectly before), and getting fuzzer stats dir url to make code easier to understand.
5. Add a class for getting coverage info.
6. Create an affected_fuzz_targets module and move functionality dealing with affected_fuzz_targets there.
7. Add is_fuzz_target_affected helper and log more.
8. Refer to fuzz targets as fuzz targets instead of fuzzers.
9. Move `url_join` to `utils`.
10. Move `GSUTIL_BASE_URL` to `utils`.
11. Add a util function for converting gs:// URLs into https:// urls.
12. Add a util function for removing prefixes (instead of using `.replace` which operates on the whole string not just the prefix).
13. Use more common style of mocking in unittests.
14. Delete unnecessary tests like '' when an invalid fuzzer is already tested.
15. Make constants capitalized in tests.
16. Better variable naming and consistency; also reuse variables in tests.
17. Leave TODOs around code that looks suspicious.
18. Cleanup pylint directives.
19. Use single instead of double quotes.
2021-01-20 16:00:35 -08:00
Jonathan Metzman 0dbdeae5d2 fmt/lnt 2021-01-20 15:55:25 -08:00
Jonathan Metzman adebf8ece3 implement blocklist 2021-01-20 15:52:20 -08:00
Jonathan Metzman 9ce539763f fix 2021-01-20 15:18:18 -08:00
Jonathan Metzman 1193e419a3 Disable linting on dataflow_tracer 2021-01-20 13:40:50 -08:00
Jonathan Metzman 4184718c61 undo changes 2021-01-20 13:34:26 -08:00
Jonathan Metzman 05dc963d03 add license 2021-01-20 13:31:16 -08:00
Jonathan Metzman b3e30e5170 Fix lint function and add pylint directive 2021-01-20 13:29:47 -08:00
Jonathan Metzman a5ad91c7f5 Fix docstring 2021-01-20 13:25:56 -08:00
Jonathan Metzman 2b26c5446f Lint everything (and test everything too? 2021-01-20 13:25:56 -08:00
jonathanmetzman b998058ef3
Move entrypoints for CIFuzz to cifuzz folder. (#5020)
Move entrypoints for CIFuzz to cifuzz.
This allows us to reduce some complexity by getting rid of
an unnecessary copy in docker and a hack to making importing work.
2021-01-20 13:23:55 -08:00
Abhishek Arya 9d7f4f3100
Bump up llvm version to fix compile failure regression (old gcc) 2021-01-20 13:06:56 -08:00
Jonathan Metzman 5a48e9109a Merge branch 'master' of github.com:google/oss-fuzz into cifuzz-cov 2021-01-20 13:05:35 -08:00
Jonathan Metzman 63925e0e0d match behavior of removeprefix 2021-01-20 12:59:11 -08:00
Jonathan Metzman 64aeebf94f json.load -> json.loads 2021-01-20 12:53:47 -08:00
Jonathan Metzman 3a9668edd0 remove newline 2021-01-20 12:52:44 -08:00
Andrew Lytvynov 687187f07e
compile_go_fuzzer: pass build tags to `go list` (#5008)
`go list` will fail if all files in the fuzzed package use a build tag
restriction (like the common `gofuzz` tag).

Also, pass the `gofuzz` tag in the teleport build to plumb it through.
2021-01-20 11:44:15 -08:00
Jonathan Metzman d7049a82f2 fmt/lnt 2021-01-20 11:40:55 -08:00
Abhishek Arya 26dd144e52
Build modified projects as well when infra is modified. (#5019) 2021-01-20 11:37:37 -08:00
Jonathan Metzman cf0c702ee8 fix 2021-01-20 11:33:16 -08:00
Jonathan Metzman a5a1504477 add tests back 2021-01-20 11:24:25 -08:00
Jonathan Metzman aa815fc33b Fix unittests and make sure functionality stays same 2021-01-20 11:19:15 -08:00
Jonathan Metzman 0c26e0e2c8 fmt 2021-01-20 10:31:18 -08:00
Jonathan Metzman 2800e4eefa Add test 2021-01-20 10:31:03 -08:00
Jonathan Metzman 1647e41bef fmt 2021-01-20 10:18:39 -08:00
Jonathan Metzman 453253c427 fmt/lnt 2021-01-20 10:16:02 -08:00
Jonathan Metzman c136dd660b Fix bug where region count was used to determine if file was covered
instead of region coverage.
Add a test for this.
Add a remove_prefix util function.
2021-01-20 10:13:42 -08:00
Abhishek Arya c3087b7018
Install rust in base-builder with minimal profile. (#5015)
Remove docs and other unneeded stuff.
https://blog.rust-lang.org/2019/10/15/Rustup-1.20.0.html
2021-01-20 08:59:05 -08:00
Jonathan Metzman fe7b56af48 fmt/lnt 2021-01-20 08:48:29 -08:00
Jonathan Metzman 95f1089d7a fmt 2021-01-20 08:48:02 -08:00
Jonathan Metzman a00890cb73 more tests 2021-01-20 08:46:38 -08:00
Jonathan Metzman dafddab431 move more tests 2021-01-20 08:22:24 -08:00
Jonathan Metzman 8cda07fb9f move over test 2021-01-20 07:59:32 -08:00