Test new fuzzing

google · Jul 6, 2023 · 39afdb0 · 39afdb0
1 parent 413b098
commit 39afdb0
Show file tree

Hide file tree

Showing 8 changed files with 83 additions and 2 deletions.
diff --git a/.github/workflows/build_test.yml b/.github/workflows/build_test.yml
@@ -13,6 +13,10 @@ on:
   pull_request:
     types: [opened, reopened, labeled, synchronize]
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   ubuntu_build:
     name: Build and test ${{ matrix.name }}
@@ -288,8 +292,15 @@ jobs:
     - name: Quick Fuzz
       if: ${{ matrix.build_system == 'fuzz' }}
       run: |
-        export ASAN_OPTIONS=detect_leaks=0
-        ./c/fuzz/test_fuzzer.sh
+        mkdir ${RUNNER_TEMP}/decode_corpora
+        unzip java/org/brotli/integration/fuzz_data.zip -d ${RUNNER_TEMP}/decode_corpora
+        cd ${GITHUB_WORKSPACE}/c/fuzz
+        bazelisk build --config=asan-libfuzzer :decode_fuzzer
+        for f in `ls ${RUNNER_TEMP}/decode_corpora`
+        do
+          echo "Testing $f"
+          ./bazel-bin/decode_fuzzer_bin ${RUNNER_TEMP}/decode_corpora/$f
+        done
 
     - name: Build with Bazel
       if: ${{ matrix.build_system == 'bazel' }}

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -9,6 +9,10 @@ on:
   schedule:
     - cron: '18 15 * * 0'
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   analyze:
     name: Analyze

diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml
@@ -7,6 +7,11 @@
 
 name: CIFuzz
 on: [pull_request]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   Fuzzing:
     runs-on: ubuntu-latest

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -14,6 +14,10 @@ on:
   release:
     types: [ published ]
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 jobs:
   windows_build:
     name: Windows Build (vcpkg / ${{ matrix.triplet }})

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -14,6 +14,10 @@ on:
   push:
     branches: [ "master" ]
 
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
 # Declare default permissions as read only.
 permissions: read-all
 

diff --git a/c/fuzz/.bazelrc b/c/fuzz/.bazelrc
@@ -0,0 +1,18 @@
+# Force the use of Clang for C++ builds.
+build --action_env=CC=clang
+build --action_env=CXX=clang++
+
+# Define the --config=asan-libfuzzer configuration.
+build:asan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine=@rules_fuzzing//fuzzing/engines:libfuzzer
+build:asan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine_instrumentation=libfuzzer
+build:asan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine_sanitizer=asan
+
+# Define the --config=msan-libfuzzer configuration.
+build:msan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine=@rules_fuzzing//fuzzing/engines:libfuzzer
+build:msan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine_instrumentation=libfuzzer
+build:msan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine_sanitizer=msan
+
+# Define the --config=ubsan-libfuzzer configuration.
+build:ubsan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine=@rules_fuzzing//fuzzing/engines:libfuzzer
+build:ubsan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine_instrumentation=libfuzzer
+build:ubsan-libfuzzer --@rules_fuzzing//fuzzing:cc_engine_sanitizer=ubsan
diff --git a/c/fuzz/BUILD b/c/fuzz/BUILD
@@ -0,0 +1,12 @@
+load("@rules_fuzzing//fuzzing:cc_defs.bzl", "cc_fuzz_test")
+
+package(default_visibility = ["//visibility:public"])
+
+licenses(["notice"])  # MIT
+
+# To start fuzzing run: bazel run --config=asan-libfuzzer //:fuzz_config_run
+cc_fuzz_test(
+    name = "decode_fuzzer",
+    srcs = ["decode_fuzzer.c"],
+    deps = ["@org_brotli//:brotlidec"],
+)
diff --git a/c/fuzz/WORKSPACE b/c/fuzz/WORKSPACE
@@ -0,0 +1,23 @@
+workspace(name = "org_brotli_fuzz")
+
+local_repository(
+    name = "org_brotli",
+    path = "../..",
+)
+
+load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
+
+http_archive(
+    name = "rules_fuzzing",
+    sha256 = "d9002dd3cd6437017f08593124fdd1b13b3473c7b929ceb0e60d317cb9346118",
+    strip_prefix = "rules_fuzzing-0.3.2",
+    urls = ["https://github.com/bazelbuild/rules_fuzzing/archive/v0.3.2.zip"],
+)
+
+load("@rules_fuzzing//fuzzing:repositories.bzl", "rules_fuzzing_dependencies")
+
+rules_fuzzing_dependencies()
+
+load("@rules_fuzzing//fuzzing:init.bzl", "rules_fuzzing_init")
+
+rules_fuzzing_init()