diff options
author | Evgeny Vereshchagin <evvers@ya.ru> | 2022-06-08 22:15:27 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-06-08 15:15:27 -0400 |
commit | 79f4ed33d9ece2694593e0c7d8af63c936fa3dea (patch) | |
tree | b1b8db33e893e687925a1e9fea43c02fc8c15249 /infra | |
parent | 11f2e698c0d8521e501562535e2a801ba6335597 (diff) |
infra: allow passing architecture=i386 to CIFuzz (#7779)
to mostly make sure that fuzz targets are buildable with
architecture=i386. Ideally CIFuzz should also download the
latest corpora using the "clusterfuzz-builds-i386" links but
it kind of works even without that.
It was tested in https://github.com/evverx/oss-fuzz/pull/13
by pointing https://github.com/evverx/systemd/pull/110 to
that fork of the oss-fuzz repository. To judge from
https://github.com/evverx/systemd/actions/runs/2406321298 it
seems to be working more or less. The "i386" job failed there
because https://github.com/systemd/systemd/commit/89b6a3f13e5f3b8a375dc82cb2a1c2c204a5067e
to test "i386" as much as possible.
Diffstat (limited to 'infra')
-rw-r--r-- | infra/cifuzz/actions/build_fuzzers/action.yml | 4 | ||||
-rw-r--r-- | infra/cifuzz/base_runner_utils.py | 2 | ||||
-rw-r--r-- | infra/cifuzz/build_fuzzers.py | 2 | ||||
-rw-r--r-- | infra/cifuzz/config_utils.py | 17 | ||||
-rw-r--r-- | infra/cifuzz/continuous_integration.py | 2 | ||||
-rw-r--r-- | infra/cifuzz/docker.py | 12 | ||||
-rw-r--r-- | infra/cifuzz/docker_test.py | 12 |
7 files changed, 38 insertions, 13 deletions
diff --git a/infra/cifuzz/actions/build_fuzzers/action.yml b/infra/cifuzz/actions/build_fuzzers/action.yml index 750750a7..08e2d6b4 100644 --- a/infra/cifuzz/actions/build_fuzzers/action.yml +++ b/infra/cifuzz/actions/build_fuzzers/action.yml @@ -18,6 +18,9 @@ inputs: sanitizer: description: 'The sanitizer to build the fuzzers with.' default: 'address' + architecture: + description: 'The architecture used to build the fuzzers.' + default: 'x86_64' project-src-path: description: "The path to the project's source code checkout." required: false @@ -38,6 +41,7 @@ runs: DRY_RUN: ${{ inputs.dry-run}} ALLOWED_BROKEN_TARGETS_PERCENTAGE: ${{ inputs.allowed-broken-targets-percentage}} SANITIZER: ${{ inputs.sanitizer }} + ARCHITECTURE: ${{ inputs.architecture }} PROJECT_SRC_PATH: ${{ inputs.project-src-path }} LOW_DISK_SPACE: 'True' BAD_BUILD_CHECK: ${{ inputs.bad-build-check }} diff --git a/infra/cifuzz/base_runner_utils.py b/infra/cifuzz/base_runner_utils.py index 24637548..875ee2eb 100644 --- a/infra/cifuzz/base_runner_utils.py +++ b/infra/cifuzz/base_runner_utils.py @@ -27,7 +27,7 @@ def get_env(config, workspace): env['OUT'] = workspace.out env['CIFUZZ'] = 'True' env['FUZZING_ENGINE'] = config_utils.DEFAULT_ENGINE - env['ARCHITECTURE'] = config_utils.DEFAULT_ARCHITECTURE + env['ARCHITECTURE'] = config.architecture # Do this so we don't fail in tests. env['FUZZER_ARGS'] = '-rss_limit_mb=2560 -timeout=25' return env diff --git a/infra/cifuzz/build_fuzzers.py b/infra/cifuzz/build_fuzzers.py index 19a22dc5..ba746d71 100644 --- a/infra/cifuzz/build_fuzzers.py +++ b/infra/cifuzz/build_fuzzers.py @@ -80,7 +80,7 @@ class Builder: # pylint: disable=too-many-instance-attributes the fuzzers from that source code. Returns True on success.""" docker_args, docker_container = docker.get_base_docker_run_args( self.workspace, self.config.sanitizer, self.config.language, - self.config.docker_in_docker) + self.config.architecture, self.config.docker_in_docker) if not docker_container: docker_args.extend( _get_docker_build_fuzzers_args_not_container(self.host_repo_path)) diff --git a/infra/cifuzz/config_utils.py b/infra/cifuzz/config_utils.py index cf33433c..086bdfd3 100644 --- a/infra/cifuzz/config_utils.py +++ b/infra/cifuzz/config_utils.py @@ -31,7 +31,6 @@ SANITIZERS = ['address', 'memory', 'undefined', 'coverage'] # TODO(metzman): Set these on config objects so there's one source of truth. DEFAULT_ENGINE = 'libfuzzer' -DEFAULT_ARCHITECTURE = 'x86_64' # This module deals a lot with env variables. Many of these will be set by users # and others beyond CIFuzz's control. Thus, you should be careful about using @@ -45,6 +44,10 @@ def _get_sanitizer(): return os.getenv('SANITIZER', constants.DEFAULT_SANITIZER).lower() +def _get_architecture(): + return os.getenv('ARCHITECTURE', constants.DEFAULT_ARCHITECTURE).lower() + + def _is_dry_run(): """Returns True if configured to do a dry run.""" return environment.get_bool('DRY_RUN', False) @@ -106,6 +109,7 @@ class BaseConfig: self.dry_run = _is_dry_run() # Check if failures should not be reported. self.sanitizer = _get_sanitizer() + self.architecture = _get_architecture() self.language = _get_language() self.low_disk_space = environment.get_bool('LOW_DISK_SPACE', False) @@ -128,6 +132,7 @@ class BaseConfig: """Returns False if the configuration is invalid.""" # Do validation here so that unittests don't need to make a fully-valid # config. + # pylint: disable=too-many-return-statements if not self.workspace: logging.error('Must set WORKSPACE.') return False @@ -137,6 +142,16 @@ class BaseConfig: self.sanitizer, SANITIZERS) return False + if self.architecture not in constants.ARCHITECTURES: + logging.error('Invalid ARCHITECTURE: %s. Must be one of: %s.', + self.architecture, constants.ARCHITECTURES) + return False + + if self.architecture == 'i386' and self.sanitizer != 'address': + logging.error( + 'ARCHITECTURE=i386 can be used with SANITIZER=address only.') + return False + if self.language not in constants.LANGUAGES: logging.error('Invalid LANGUAGE: %s. Must be one of: %s.', self.language, constants.LANGUAGES) diff --git a/infra/cifuzz/continuous_integration.py b/infra/cifuzz/continuous_integration.py index 96a4d028..f3e93b7a 100644 --- a/infra/cifuzz/continuous_integration.py +++ b/infra/cifuzz/continuous_integration.py @@ -240,7 +240,7 @@ class InternalGithub(GithubCiMixin, BaseCi): bash_command = f'cp -r {image_repo_path} {host_repo_path}' docker_args, _ = docker.get_base_docker_run_args( self.workspace, self.config.sanitizer, self.config.language, - self.config.docker_in_docker) + self.config.architecture, self.config.docker_in_docker) docker_args.extend([ docker.get_project_image_name(self.config.oss_fuzz_project_name), '/bin/bash', '-c', bash_command diff --git a/infra/cifuzz/docker.py b/infra/cifuzz/docker.py index 30a08724..c74f9bb1 100644 --- a/infra/cifuzz/docker.py +++ b/infra/cifuzz/docker.py @@ -28,8 +28,7 @@ PROJECT_TAG_PREFIX = 'gcr.io/oss-fuzz/' # Default fuzz configuration. _DEFAULT_DOCKER_RUN_ARGS = [ - '-e', 'FUZZING_ENGINE=' + constants.DEFAULT_ENGINE, '-e', - 'ARCHITECTURE=' + constants.DEFAULT_ARCHITECTURE, '-e', 'CIFUZZ=True' + '-e', 'FUZZING_ENGINE=' + constants.DEFAULT_ENGINE, '-e', 'CIFUZZ=True' ] EXTERNAL_PROJECT_IMAGE = 'external-project' @@ -70,12 +69,14 @@ def delete_images(images): def get_base_docker_run_args(workspace, sanitizer=constants.DEFAULT_SANITIZER, language=constants.DEFAULT_LANGUAGE, + architecture=constants.DEFAULT_ARCHITECTURE, docker_in_docker=False): """Returns arguments that should be passed to every invocation of 'docker run'.""" docker_args = _DEFAULT_DOCKER_RUN_ARGS.copy() env_mapping = { 'SANITIZER': sanitizer, + 'ARCHITECTURE': architecture, 'FUZZING_LANGUAGE': language, 'OUT': workspace.out } @@ -95,11 +96,16 @@ def get_base_docker_run_args(workspace, def get_base_docker_run_command(workspace, sanitizer=constants.DEFAULT_SANITIZER, language=constants.DEFAULT_LANGUAGE, + architecture=constants.DEFAULT_ARCHITECTURE, docker_in_docker=False): """Returns part of the command that should be used everytime 'docker run' is invoked.""" docker_args, docker_container = get_base_docker_run_args( - workspace, sanitizer, language, docker_in_docker=docker_in_docker) + workspace, + sanitizer, + language, + architecture, + docker_in_docker=docker_in_docker) command = _DEFAULT_DOCKER_RUN_COMMAND.copy() + docker_args return command, docker_container diff --git a/infra/cifuzz/docker_test.py b/infra/cifuzz/docker_test.py index b3e6b993..045131c1 100644 --- a/infra/cifuzz/docker_test.py +++ b/infra/cifuzz/docker_test.py @@ -69,12 +69,12 @@ class GetBaseDockerRunArgsTest(unittest.TestCase): '-e', 'FUZZING_ENGINE=libfuzzer', '-e', - 'ARCHITECTURE=x86_64', - '-e', 'CIFUZZ=True', '-e', f'SANITIZER={SANITIZER}', '-e', + 'ARCHITECTURE=x86_64', + '-e', f'FUZZING_LANGUAGE={LANGUAGE}', '-e', f'OUT={WORKSPACE.out}', @@ -91,8 +91,8 @@ class GetBaseDockerRunArgsTest(unittest.TestCase): WORKSPACE, SANITIZER, LANGUAGE) self.assertEqual(docker_container, None) expected_docker_args = [ - '-e', 'FUZZING_ENGINE=libfuzzer', '-e', 'ARCHITECTURE=x86_64', '-e', - 'CIFUZZ=True', '-e', f'SANITIZER={SANITIZER}', '-e', + '-e', 'FUZZING_ENGINE=libfuzzer', '-e', 'CIFUZZ=True', '-e', + f'SANITIZER={SANITIZER}', '-e', 'ARCHITECTURE=x86_64', '-e', f'FUZZING_LANGUAGE={LANGUAGE}', '-e', f'OUT={WORKSPACE.out}', '-v', f'{WORKSPACE.workspace}:{WORKSPACE.workspace}' ] @@ -111,8 +111,8 @@ class GetBaseDockerRunCommandTest(unittest.TestCase): self.assertEqual(docker_container, None) expected_docker_command = [ 'docker', 'run', '--rm', '--privileged', '-e', - 'FUZZING_ENGINE=libfuzzer', '-e', 'ARCHITECTURE=x86_64', '-e', - 'CIFUZZ=True', '-e', f'SANITIZER={SANITIZER}', '-e', + 'FUZZING_ENGINE=libfuzzer', '-e', 'CIFUZZ=True', '-e', + f'SANITIZER={SANITIZER}', '-e', 'ARCHITECTURE=x86_64', '-e', f'FUZZING_LANGUAGE={LANGUAGE}', '-e', f'OUT={WORKSPACE.out}', '-v', f'{WORKSPACE.workspace}:{WORKSPACE.workspace}' ] |