]>
Commit | Line | Data |
---|---|---|
53a42e62 JP |
1 | #!/bin/bash |
2 | ||
3 | set -e | |
4 | set -x | |
5 | set -u | |
6 | ||
64d0f704 EV |
7 | # This should help to protect the systemd organization on Fuzzit from forks |
8 | # that are activated on Travis CI. | |
9 | [[ "$TRAVIS_REPO_SLUG" = "systemd/systemd" ]] || exit 0 | |
10 | ||
53a42e62 JP |
11 | REPO_ROOT=${REPO_ROOT:-$(pwd)} |
12 | ||
13 | sudo bash -c "echo 'deb-src http://archive.ubuntu.com/ubuntu/ xenial main restricted universe multiverse' >>/etc/apt/sources.list" | |
14 | sudo apt-get update -y | |
15 | sudo apt-get build-dep systemd -y | |
c4ae2704 | 16 | sudo apt-get install -y python3-pip python3-setuptools |
e65f29b4 | 17 | # The following should be dropped when debian packaging has been updated to include them |
0edd431e | 18 | sudo apt-get install -y libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev |
c4ae2704 | 19 | pip3 install ninja meson |
53a42e62 JP |
20 | |
21 | cd $REPO_ROOT | |
22 | export PATH="$HOME/.local/bin/:$PATH" | |
5057d73b | 23 | |
5057d73b | 24 | # TODO: figure out what to do about unsigned-integer-overflow: https://github.com/google/oss-fuzz/issues/910 |
9554b8d1 | 25 | export SANITIZER="address -fsanitize=undefined,unsigned-integer-overflow" |
53a42e62 JP |
26 | tools/oss-fuzz.sh |
27 | ||
20c9c29c | 28 | FUZZING_TYPE=${1:-regression} |
53a42e62 | 29 | if [ "$TRAVIS_PULL_REQUEST" = "false" ]; then |
b5e1f0bd | 30 | FUZZIT_BRANCH="${TRAVIS_BRANCH}" |
53a42e62 | 31 | else |
b5e1f0bd | 32 | FUZZIT_BRANCH="PR-${TRAVIS_PULL_REQUEST}" |
53a42e62 JP |
33 | fi |
34 | ||
86b52a39 | 35 | # Because we want Fuzzit to run on every pull-request and Travis/Azure doesn't support encrypted keys |
53a42e62 | 36 | # on pull-request we use a write-only key which is ok for now. maybe there will be a better solution in the future |
807f9a17 | 37 | export FUZZIT_API_KEY=af6992074353998676713818cc6435ef4a750439932dab58b51e9354d6742c54d740a3cd9fc1fc001db82f51734a24bc |
81f33199 | 38 | FUZZIT_ADDITIONAL_FILES="./out/src/shared/libsystemd-shared-*.so" |
f789e0b4 EV |
39 | |
40 | # ASan options are borrowed almost verbatim from OSS-Fuzz | |
41 | ASAN_OPTIONS=redzone=32:print_summary=1:handle_sigill=1:allocator_release_to_os_interval_ms=500:print_suppressions=0:strict_memcmp=1:allow_user_segv_handler=0:allocator_may_return_null=1:use_sigaltstack=1:handle_sigfpe=1:handle_sigbus=1:detect_stack_use_after_return=1:alloc_dealloc_mismatch=0:detect_leaks=1:print_scariness=1:max_uar_stack_size_log=16:handle_abort=1:check_malloc_usable_size=0:quarantine_size_mb=64:detect_odr_violation=0:handle_segv=1:fast_unwind_on_fatal=0 | |
b5e1f0bd | 42 | UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1:silence_unsigned_overflow=1 |
20c9c29c EV |
43 | FUZZIT_ARGS="--type ${FUZZING_TYPE} --branch ${FUZZIT_BRANCH} --revision ${TRAVIS_COMMIT} -e ASAN_OPTIONS=${ASAN_OPTIONS} -e UBSAN_OPTIONS=${UBSAN_OPTIONS}" |
44 | wget -O fuzzit https://github.com/fuzzitdev/fuzzit/releases/latest/download/fuzzit_Linux_x86_64 | |
53a42e62 JP |
45 | chmod +x fuzzit |
46 | ||
a8af7f6a FS |
47 | # Simple wrapper which retries given command up to three times if it fails |
48 | _retry() { | |
49 | local EC=1 | |
50 | ||
51 | for _ in {0..2}; do | |
52 | if "$@"; then | |
53 | EC=0 | |
54 | break | |
55 | fi | |
56 | ||
57 | sleep 1 | |
58 | done | |
59 | ||
60 | return $EC | |
61 | } | |
62 | ||
63 | find out/ -maxdepth 1 -name 'fuzz-*' -executable -type f -exec basename '{}' \; | while read -r fuzzer; do | |
64 | _retry ./fuzzit create job ${FUZZIT_ARGS} ${fuzzer}-asan-ubsan out/${fuzzer} ${FUZZIT_ADDITIONAL_FILES} | |
65 | done | |
688b142d | 66 | |
d4d74d0f | 67 | export SANITIZER="memory -fsanitize-memory-track-origins" |
688b142d EV |
68 | FUZZIT_ARGS="--type ${FUZZING_TYPE} --branch ${FUZZIT_BRANCH} --revision ${TRAVIS_COMMIT}" |
69 | tools/oss-fuzz.sh | |
70 | ||
a8af7f6a FS |
71 | find out/ -maxdepth 1 -name 'fuzz-*' -executable -type f -exec basename '{}' \; | while read -r fuzzer; do |
72 | _retry ./fuzzit create job ${FUZZIT_ARGS} ${fuzzer}-msan out/${fuzzer} ${FUZZIT_ADDITIONAL_FILES} | |
73 | done |