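#!/bin/bash -eu
# Copyright 2018 Google Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
################################################################################
#
# Builds every *_fuzz_test target that is not tagged no_fuzz as a "driverless"
# binary linked against the fuzzing engine, then copies the binaries, their
# seed corpora and any dictionaries into $OUT.
#
# Reads from the environment: CFLAGS, CXXFLAGS, SANITIZER, SRC, OUT.
# Must be run from the root of the source checkout (it edits ./WORKSPACE and
# searches the current directory for fuzz targets).

# Options given on the shebang line are lost when the script is started as
# `bash build.sh`, so set them explicitly as well.
set -eu

# Disable UBSan vptr since target built with -fno-rtti.
export CFLAGS="$CFLAGS -fno-sanitize=vptr"
export CXXFLAGS="$CXXFLAGS -fno-sanitize=vptr"

# The pattern is quoted so that find receives it literally; unquoted, the shell
# would expand it first if a matching file existed in the current directory.
# Assignment is kept separate from `declare -r` so that a failing find aborts
# the script under -e instead of being masked by declare's own exit status.
FUZZER_TARGETS_CC="$(find . -name '*_fuzz_test.cc')"
declare -r FUZZER_TARGETS_CC

# Strip the leading "./" and the trailing ".cc" from each path. Paths are
# word-split on purpose, so target paths must not contain whitespace.
FUZZER_TARGETS="$(
  for t in ${FUZZER_TARGETS_CC}; do
    echo "${t:2:-3}"
  done
)"
declare -r FUZZER_TARGETS

# Whitespace-separated list of dictionary/options files to ship; currently
# empty. The backslash-newline is a line continuation inside the quotes.
FUZZER_DICTIONARIES="\
"

# Skip gperftools, ASAN runs don't use tcmalloc.
export DISABLE_GPERFTOOLS_BUILD=1
sed -i 's#envoy_dependencies()#envoy_dependencies(skip_targets=["tcmalloc_and_profiler"])#' WORKSPACE
# sed exits 0 even when nothing was substituted, so report when the expected
# call is absent from WORKSPACE rather than building with tcmalloc unnoticed.
if ! grep -qF 'skip_targets=["tcmalloc_and_profiler"]' WORKSPACE; then
  echo "warning: envoy_dependencies() not patched in WORKSPACE;" \
    "tcmalloc_and_profiler is not being skipped" >&2
fi

# Copy $CFLAGS and $CXXFLAGS into Bazel command-line flags, for both
# compilation and linking.
#
# Some flags, such as `-stdlib=libc++`, generate warnings if used on a C source
# file. Since the build runs with `-Werror` this will cause it to break, so we
# use `--conlyopt` and `--cxxopt` instead of `--copt`.
declare -r EXTRA_BAZEL_FLAGS="$(
  for f in ${CFLAGS}; do
    echo "--conlyopt=${f}" "--linkopt=${f}"
  done
  for f in ${CXXFLAGS}; do
    echo "--cxxopt=${f}" "--linkopt=${f}"
  done
)"

# Select the targets to build: everything found above except targets tagged
# no_fuzz in their BUILD rule.
BAZEL_BUILD_TARGETS=""
FILTERED_FUZZER_TARGETS=""
for t in ${FUZZER_TARGETS}; do
  BAZEL_PATH="//$(dirname "$t"):$(basename "$t")"
  # Plain assignment (not `declare X=$(...)`) so that a failing query stops the
  # build. With the exit status masked, a failed query left TAGGED empty and
  # the target was treated as if it were not tagged no_fuzz.
  TAGGED="$(bazel query "attr('tags', 'no_fuzz', ${BAZEL_PATH})")"
  if [ -z "${TAGGED}" ]; then
    FILTERED_FUZZER_TARGETS+="$t "
    BAZEL_BUILD_TARGETS+="${BAZEL_PATH}_driverless "
  fi
done

# Build driverless libraries.
# EXTRA_BAZEL_FLAGS and BAZEL_BUILD_TARGETS are whitespace-separated lists and
# are left unquoted so that each entry becomes its own argument.
# The standalone spawn/genrule strategies run build actions outside Bazel's
# sandbox.
# shellcheck disable=SC2086
bazel build --verbose_failures --dynamic_mode=off --spawn_strategy=standalone \
  --genrule_strategy=standalone --strip=never \
  --copt=-fno-sanitize=vptr --linkopt=-fno-sanitize=vptr --linkopt=-lc++fs \
  --define tcmalloc=disabled --define signal_trace=disabled \
  --define ENVOY_CONFIG_ASAN=1 --copt -D__SANITIZE_ADDRESS__ \
  --define force_libcpp=enabled \
  --build_tag_filters=-no_asan \
  ${EXTRA_BAZEL_FLAGS} \
  --linkopt="-lFuzzingEngine" \
  ${BAZEL_BUILD_TARGETS}

# Profiling with coverage requires that we resolve+copy all Bazel symlinks and
# also remap everything under proc/self/cwd to correspond to Bazel build paths.
if [ "$SANITIZER" = "coverage" ]; then
  # The build invoker looks for sources in $SRC, but it turns out that we need
  # to not be buried under src/, paths are expected at out/proc/self/cwd by
  # the profiler.
  declare -r REMAP_PATH="${OUT}/proc/self/cwd"
  mkdir -p "${REMAP_PATH}"
  # For .cc, we only really care about source/ today.
  rsync -av "${SRC}"/envoy/source "${REMAP_PATH}"
  rsync -av "${SRC}"/envoy/test "${REMAP_PATH}"
  rsync -avLk "${SRC}"/envoy/bazel-envoy/external "${REMAP_PATH}"
  # For .h, and some generated artifacts, we need bazel-out/. Need to heavily
  # filter out the build objects from bazel-out/. Also need to resolve symlinks,
  # since they don't make sense outside the build container.
  rsync -avLk --include '*.h' --include '*.cc' --include '*.hpp' \
    --include '*/' --exclude '*' \
    "${SRC}"/envoy/bazel-out "${REMAP_PATH}"
  # As above, but for /root/.cache.
  # TODO(htuch): disabled for now, this would mostly be useful for .build
  # artifact, e.g.
  # /builder/home/.cache/bazel/_bazel_root/4e9824db8e7d11820cfa25090ed4ed10/external/envoy_deps_cache_b22e04bff96538ea37e715942da6315c/yaml-cpp.dep.build/yaml-cpp-0f9a586ca1dc29c2ecb8dd715a315b93e3f40f79/src/parse.cpp
  # but, we don't know how to recover them today, as they are gone by this
  # phase.
  #
  # rsync -avLk --relative --include '*.h' --include '*.cc' --include '*.c' \
  #   --include '*/' --exclude '*' \
  #   /root/.cache "${OUT}"
fi

# Copy out test driverless binaries from bazel-bin/ and zip up related test
# corpuses.
for t in ${FILTERED_FUZZER_TARGETS}; do
  TARGET_CORPUS=$(python "${SRC}"/find_corpus.py "$t")
  # Last path component without the _fuzz_test suffix, e.g. a/b/foo_fuzz_test
  # -> foo. Parameter expansion replaces the external `expr` call.
  TARGET_BASE="${t##*/}"
  TARGET_BASE="${TARGET_BASE%_fuzz_test}"
  TARGET_DRIVERLESS=bazel-bin/"${t}"_driverless
  echo "Copying fuzzer $t and corpus"
  cp "${TARGET_DRIVERLESS}" "${OUT}"/"${TARGET_BASE}"_fuzz_test
  # NOTE(review): if find_corpus.py prints nothing, this glob becomes
  # <target dir>//* and zips the whole target directory as the seed corpus --
  # confirm find_corpus.py always prints a directory name.
  zip "${OUT}/${TARGET_BASE}"_fuzz_test_seed_corpus.zip \
    "$(dirname "${t}")"/"${TARGET_CORPUS}"/*
done

# Copy dictionaries and options files to $OUT/
for d in $FUZZER_DICTIONARIES; do
  cp "$d" "${OUT}"/
done

# Cleanup bazel- symlinks to avoid oss-fuzz trying to copy out of the build
# cache.
rm -f -- bazel-*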