Skip to content

Commit

Permalink
Make CI fuzzing a container task
Browse files Browse the repository at this point in the history
  • Loading branch information
tgross35 committed Feb 20, 2024
1 parent d87eed2 commit 159e866
Show file tree
Hide file tree
Showing 3 changed files with 9,618 additions and 7,682 deletions.
33 changes: 19 additions & 14 deletions .github/workflows/fuzz.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,23 +22,28 @@ jobs:
name: Parser fuzzing
runs-on: ubuntu-latest
timeout-minutes: 25
# Run in a container because we had some issues reproducing failures
container:
image: node:lts-slim
env:
# Just 10 minutes as a sanity check, should run longer locally.
# For whatever reason, this time is always wayyyy exceeded
# (hence the longer workflow timeout)
FUZZ_TOTAL_TIME: 600
steps:
- uses: actions/checkout@v4
- uses: taiki-e/install-action@just
- name: Get npm cache directory
id: npm-cache-dir
shell: bash
run: echo "dir=$(npm config get cache)" >> ${GITHUB_OUTPUT}
- uses: actions/cache@v4
id: npm-cache
with:
path: ${{ steps.npm-cache-dir.outputs.dir }}
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: ${{ runner.os }}-node-
- run: |
npm --version
npx --version
clang --version
if [ -f /.dockerenv ]; then
echo "Running in docker"
else
echo "Not in a docker container!"
exit 1
fi
apt-get update
apt-get install -y clang curl make g++ git
curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh |
bash -s -- --to /usr/bin
- run: just setup
- run: just fuzz
- name: Print failures
Expand Down
9 changes: 7 additions & 2 deletions justfile
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ general_cflags := "-Wall -Werror --pedantic -Wno-format-pedantic"

# FIXME: there are errors running with ASAN, we ideally want `,address` here
fuzzer_flags := env("FUZZER_FLAGS", "-fsanitize=fuzzer,undefined")
fuzz_time := env("FUZZ_TOTAL_TIME", "1200")

# Source files needed to build a parser
parser_sources := src + "/scanner.c " + src + "/parser.c " + ts_src + "/lib/src/lib.c"
Expand Down Expand Up @@ -53,7 +54,11 @@ setup:
check_installed clang-tidy
check_installed clang-format

npm install --include=dev
if which npm > /dev/null; then
npm install --include=dev
else
echo "npm not found: skipping install"
fi

# Lint with more minimal dependencies that can be run during pre-commit
_lint-min: tree-sitter-clone configure-compile-database
Expand Down Expand Up @@ -312,7 +317,7 @@ fuzz *extra-args: (gen "--debug-build") tree-sitter-clone _out-dirs

printf "$cache_key" > "$keyfile"

fuzzer_flags="-artifact_prefix=$artifacts -timeout=20 -max_total_time=1200 -jobs={{ nproc }}"
fuzzer_flags="-artifact_prefix=$artifacts -timeout=20 -max_total_time={{ fuzz_time }} -jobs={{ nproc }}"

echo "Starting fuzzing at $(date -u -Is)"
LD_LIBRARY_PATH="{{ts_src}}" "{{ fuzz_out }}" "$corpus" $fuzzer_flags {{ extra-args }}
Expand Down
Loading

0 comments on commit 159e866

Please sign in to comment.