| Age | Commit message (Collapse) | Author |
|---|
|
Project image-rs uses cargo fuzz list
|
|
Have build_project.Project() take in project.yaml contents and parse
that.
|
|
Two of these changes that are important for the Ubuntu upgrade are
the changes to "compile" and write_labels.py"
|
|
* [cifuzz] Fix bug caused by Ubuntu upgrade.
systemd-detect-virt isn't being found.
* fix
|
|
Handle upgrade to Ubuntu 20.04
1. Don't do any special handling for MSAN anymore. It isn't needed.
2. Don't do any special handling for msan-libs-builder it doesn't
exist anymore.
Related: https://github.com/google/oss-fuzz/issues/6180
|
|
Related: #6180.
|
|
Related: #6180
|
|
Important functional changes involve mostly improvements to
the command line scripts (this doesn't affect the build infra, only
local use):
1. Make sure scripts use the same builder as builds requested by infra, otherwise builds
will be very slow and will fail for larger projects.
2. Allow users to specify --test-images to use base images with suffix "-testing"
3. Allow script users to specify --parallel for parallel builds.
4. Allow script users to specify --testing so that builds are uploaded to testing buckets.
5. Allow script users to specify --branch so that builds use specified branch instead of master.
6. Clone oss-fuzz with depth 1 for improved speed and space usage.
7. Use logging instead of writing to stderr or print.
8. Allow scripts to accept multiple projects.
9. Allow script to keep executing after failure to get build steps.
10. Change scripts to use python3.
11. Tag more so builds are easier to query.
12. Log the gcb page for each build.
Other changes include major refactoring:
1. Don't construct image names from scratch using format strings each time they are used.
Provide a helper function for this.
2. Provide a helper function, get_env instead of constructing the env from scratch each time.
3. Move compile step into its own function: get_compile_step.
4. Move upload steps into their own helper function get_upload_steps.
5. Don't misuse the name image_project when we really mean cloud project.
6. Move cleanup step into its own helper function: get_cleanup_step.
7. Exit with returncode of main function from build_project.
8. Add unittests for build_project.
9. Make request_build share run_build code with build_project.
10. Use proper spacing in comments.
11. Test builds other than libfuzzer-ASAN-x86_64. Test other sanitizers, fuzzers and architectures
12. Make build_and_run_coverage share more code with build_project.
13. Move tests for build_and_run_coverage_test.py out of requst_coverage_test.py into their own file.
14. Use single quotes for strings.
15. Store state for a build in Build object instead of passing it everywhere.
16. Don't abuse project_yaml dict for storing project state. Use a Project object instead.
17. Better variable naming.
18. Use more classes instead of passing around arguments.
19. Use more f-strings.
20. Make scripts share main function.
21. Begin comments with uppercase and end with period.
22. Don't import functions or classes as dictated by style guide.
23. Share more test code in test_utils
Related: #6180.
|
|
This is done in anticipation of the upgrade to Ubuntu 20.04 which wont support this.
We'll do this first so we can handle any breakages caused by this step before needing to handle breakages
caused by the upgrade. However, there shouldn't be any breakages due to #6281, but there may be some projects
we overlooked.
The only exception to this is libcxx.
Related: #6180.
|
|
/usr/bin/python3 doesn't exist and isn't pythonic. Change shebang
to "/usr/bin/env python3"
Related: #6180
|
|
Raise the threshold as honggfuzz builds in focal seem to have more
calls.
Related: #6180.
|
|
Signed-off-by: Asra Ali <asraa@google.com>
|
|
|
|
suffix and pushing them to gcr.io/oss-fuzz-base.
This is useful for testing changes to images.
I used it to test changes I made for #6180.
This does not support msan as that image is being removed.
Also lint.
|
|
Removes unnecessary stuff in base-builder image to create a base-builder-new, and then adds a base-builder-swift on top of this that swift projects can use (without JVM/Go/etc fuzzing).
|
|
The current way adds a lot of ordering assumptions, and doesn't fit too
well with parallel batch fuzzing either. Add a "upload-build" boolean action
input that can be added to "build_fuzzers" to upload latest builds
instead.
Builds are now uploaded by commit hash, rather than a fixed "latest" name.
ClusterFuzzLite's download_latest_build will check the last 3 commits and download the
first available build by git hash.
|
|
* Update fuzzers to new Atheris version
* Pin new atheris version
* Change = to ==
* Change path where Atheris fuzzers ld_preload from
* Update hypothesis fuzzer to work with new atheris
* Set version to 2.0.1
* Switch to Atheris 2.0.4
* Correct spelling of pygments_fuzzer decorator
* instrument yaml_reader
* Change to latest Atheris
* Set atheris version to 2.0.6
|
|
(#6198)
Also rename mock_ functions to have impl suffix so we can use mock_ in place of mocked_
|
|
|
|
Jazzer now links in the UBSan C++ runtime and thus support the vptr
and function sanitizer settings.
|
|
Fixes: #6064
|
|
|
|
|
|
Qt now requires 3.20 or higher.
|
|
|
|
Bumps [jinja2](https://github.com/pallets/jinja) from 2.10 to 2.11.3.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/2.10...2.11.3)
---
updated-dependencies:
- dependency-name: jinja2
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
This should fix #6173
|
|
|
|
Fixes: #5926
|
|
I started writing some important docs, such as overview, build_integration, and running_clusterfuzzlite. However, most important docs are still TODO.
This PR at least adds a skeleton for those docs.
|
|
* infra: add coverage sanitizer option
* fix lint
|
|
|
|
Do this only where it makes sense. For example, since CIFuzz doesn't
support dataflow, maintain a separate source of truth.
|
|
|
|
|
|
|
|
Add support to helper.py for external projects for all subcommands except `download_corpora`.
External users just need to specify `build_integration_path`, `project_src_path` and `external`.
Also do a big refactor to pass a project object as part of args instead of a string containing the name of the project or its
path.
Related: #6125
|
|
This removes need for non-OSS-Fuzz users to fake using OSS-Fuzz.
Fixes: #6129
|
|
|
|
|
|
In hindsight, it doesn't have a lot to do with the rest of
config_utils. And config_utils is getting crowded.
|
|
This test doesn't really do diffing or affected fuzzers properly.
Nor does it check the workspace for existence of certain things, nor
does check the filesystem for proof things happened. It is still
a WIP.
|
|
|
|
* [cifuzz] Create validate method on BaseConfig
Use it to validate that either OSS_FUZZ_PROJECT_NAME
or BUILD_INTEGRATION_PATH is set.
Also use it to validate that workspace is set
(rather than duplicate code).
Add tests.
* Use env var hack to bypass valdiation
* fix
* fix
* fmt
* fix
* tmp
* fix
|
|
We shouldn't delete it, because we need to use it again.
This saves about 13 seconds per run.
Fixes: #5982
|
|
Don't try to find unaffected fuzzers by diffing against a base commit as
they don't exist in those contexts.
For #6053.
|
|
|
|
Also delete useless TODOs.
|
|
Don't assume that path is relative to workspace if it is not absolute.
Only make this assumption on GitHub where it will always be true.
Also, add tests.
|
|
This should mostly complete support for affected fuzzers for external users.
This implementation is still imperfect however.
It relies on the name of the repo being the same as the name of the directory in $SRC/ that the repo is checked out in
(i.e. repo must be checked out in $SRC/$REPO_NAME).
|
