Commit | Line | Data |
---|---|---|
53a42e62 JP |
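#!/bin/bash
#
# Travis CI driver for Fuzzit: installs the build dependencies, runs
# tools/oss-fuzz.sh with an ASan+UBSan configuration and prepares the fuzzit
# command-line client together with the arguments used for job submission.
#
# Usage:       <this script> [FUZZING_TYPE]      (default: regression)
# Environment: TRAVIS_REPO_SLUG, TRAVIS_PULL_REQUEST, TRAVIS_BRANCH and
#              TRAVIS_COMMIT are read; REPO_ROOT is optional and defaults to
#              the current directory; FUZZIT_SHA256 is optional and, when set,
#              is the expected SHA-256 digest of the downloaded fuzzit binary.

set -e
# NOTE(review): tracing prints every expanded command to the CI log, and that
# includes the FUZZIT_API_KEY export further down.
set -x
set -u

# This should help to protect the systemd organization on Fuzzit from forks
# that are activated on Travis CI.
[[ "$TRAVIS_REPO_SLUG" = "systemd/systemd" ]] || exit 0

REPO_ROOT=${REPO_ROOT:-$(pwd)}

# A deb-src entry is appended before "apt-get build-dep" is run.
sudo bash -c "echo 'deb-src http://archive.ubuntu.com/ubuntu/ xenial main restricted universe multiverse' >>/etc/apt/sources.list"
sudo apt-get update -y
sudo apt-get build-dep systemd -y
sudo apt-get install -y python3-pip python3-setuptools
# The following should be dropped when debian packaging has been updated to include them
sudo apt-get install -y libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev
# NOTE(review): no versions are pinned, so every run installs whatever ninja
# and meson releases the package index serves at that moment.
pip3 install ninja meson

# Quoted so that a checkout path containing spaces or glob characters works.
cd "$REPO_ROOT"
export PATH="$HOME/.local/bin/:$PATH"

# We use a subset of https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html#available-checks instead of "undefined"
# because our fuzzers crash with "pointer-overflow" and "float-cast-overflow":
# https://github.com/systemd/systemd/pull/12771#issuecomment-502139157
# https://github.com/systemd/systemd/pull/12812#issuecomment-502780455
# TODO: figure out what to do about unsigned-integer-overflow: https://github.com/google/oss-fuzz/issues/910
#
# unsigned-integer-overflow appears in the -fsanitize list but not in the
# -fno-sanitize-recover list, so it is the one enabled check that is not made
# fatal here.
# NOTE(review): the value carries extra compiler flags after "address";
# presumably tools/oss-fuzz.sh expands it behind "-fsanitize=" - confirm there.
export SANITIZER="address -fsanitize=alignment,array-bounds,bool,bounds,builtin,enum,float-divide-by-zero,function,integer-divide-by-zero,nonnull-attribute,null,object-size,return,returns-nonnull-attribute,shift,signed-integer-overflow,unreachable,unsigned-integer-overflow,vla-bound,vptr -fno-sanitize-recover=alignment,array-bounds,bool,bounds,builtin,enum,float-divide-by-zero,function,integer-divide-by-zero,nonnull-attribute,null,object-size,return,returns-nonnull-attribute,shift,signed-integer-overflow,unreachable,vla-bound,vptr"
tools/oss-fuzz.sh

# The first positional argument selects the job type; the branch label is the
# Travis branch for push builds and "PR-<number>" for pull-request builds.
FUZZING_TYPE=${1:-regression}
if [[ "$TRAVIS_PULL_REQUEST" = "false" ]]; then
    FUZZIT_BRANCH="${TRAVIS_BRANCH}"
else
    FUZZIT_BRANCH="PR-${TRAVIS_PULL_REQUEST}"
fi

# Because we want Fuzzit to run on every pull-request and Travis/Azure doesn't support encrypted keys
# on pull-request we use a write-only key which is ok for now. maybe there will be a better solution in the future
# NOTE(review): this credential is committed in clear text and is echoed by
# "set -x", so treat it as public: anyone who can read the repository or the
# CI log can use it. Confirm on the Fuzzit side that it really is limited to
# job creation, and rotate it if that scope ever widens.
export FUZZIT_API_KEY=af6992074353998676713818cc6435ef4a750439932dab58b51e9354d6742c54d740a3cd9fc1fc001db82f51734a24bc
# Kept as a pattern here; it is expanded where the variable is used unquoted.
FUZZIT_ADDITIONAL_FILES="./out/src/shared/libsystemd-shared-*.so"

# ASan options are borrowed almost verbatim from OSS-Fuzz
# Neither variable is exported in this script: the values are only handed to
# fuzzit through the "-e NAME=VALUE" arguments assembled below.
ASAN_OPTIONS=redzone=32:print_summary=1:handle_sigill=1:allocator_release_to_os_interval_ms=500:print_suppressions=0:strict_memcmp=1:allow_user_segv_handler=0:allocator_may_return_null=1:use_sigaltstack=1:handle_sigfpe=1:handle_sigbus=1:detect_stack_use_after_return=1:alloc_dealloc_mismatch=0:detect_leaks=1:print_scariness=1:max_uar_stack_size_log=16:handle_abort=1:check_malloc_usable_size=0:quarantine_size_mb=64:detect_odr_violation=0:handle_segv=1:fast_unwind_on_fatal=0
UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1:silence_unsigned_overflow=1
FUZZIT_ARGS="--type ${FUZZING_TYPE} --branch ${FUZZIT_BRANCH} --revision ${TRAVIS_COMMIT} -e ASAN_OPTIONS=${ASAN_OPTIONS} -e UBSAN_OPTIONS=${UBSAN_OPTIONS}"

# NOTE(review): "latest" is a moving target and nothing authenticates the
# binary beyond the TLS connection, yet it is executed with FUZZIT_API_KEY in
# its environment. Prefer a pinned release URL plus a recorded digest; as an
# opt-in step, the download is checked against FUZZIT_SHA256 when that
# variable is set (it is unset by default, which keeps the old behaviour).
wget -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/latest/download/fuzzit_Linux_x86_64
if [[ -n "${FUZZIT_SHA256:-}" ]]; then
    printf '%s  fuzzit\n' "$FUZZIT_SHA256" | sha256sum -c -
fi
chmod +x fuzzit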
50 | ||
a8af7f6a FS |
# Run the given command and, whenever it fails, pause for one second and run
# it again, for at most three attempts in total.
# Arguments: "$@" - the command to run, followed by its arguments
# Returns:   0 as soon as one attempt succeeds, 1 when all three attempts fail
_retry() {
    for _ in 1 2 3; do
        # Used as a condition, so a failing attempt does not trip "set -e".
        "$@" && return 0
        sleep 1
    done

    return 1
}
66 | ||
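# Submit one Fuzzit job for every executable fuzz-* file directly under out/.
# Globals:   FUZZIT_ARGS, FUZZIT_ADDITIONAL_FILES (read at call time)
# Arguments: $1 - suffix appended to the fuzzer name to form the target name
# Returns:   non-zero if the find/submit pipeline fails
_create_jobs() {
    local suffix=$1
    local fuzzer

    find out/ -maxdepth 1 -name 'fuzz-*' -executable -type f -exec basename '{}' \; |
        while IFS= read -r fuzzer; do
            # FUZZIT_ARGS must be split into separate options and
            # FUZZIT_ADDITIONAL_FILES must be glob-expanded, so both stay
            # unquoted; the per-fuzzer arguments are quoted so that a file
            # name can never be split or expanded into extra arguments.
            # shellcheck disable=SC2086
            _retry ./fuzzit create job ${FUZZIT_ARGS} "${fuzzer}-${suffix}" "out/${fuzzer}" ${FUZZIT_ADDITIONAL_FILES}
        done
}

# Jobs for the ASan+UBSan build that is already in out/.
_create_jobs asan-ubsan

# Run the build script again with MemorySanitizer (origin tracking enabled)
# and submit a second set of jobs; the ASan/UBSan runtime options are not
# passed along for this set.
export SANITIZER="memory -fsanitize-memory-track-origins"
FUZZIT_ARGS="--type ${FUZZING_TYPE} --branch ${FUZZIT_BRANCH} --revision ${TRAVIS_COMMIT}"
tools/oss-fuzz.sh

_create_jobs msan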