Build OSS-Fuzz projects with FuzzBench fuzzers. (#13126)

Use fuzzbench.py for building OSS-Fuzz projects with FuzzBench fuzzers.

- Added a call to `fuzzbench.py`'s `get_build_steps` function in the
`oss_fuzz_on_demand.py` main function.
- Changed `FUZZ_TARGET` environment variable value to an empty string to
be able to find binary targets during the build.
- Added handling of command line arguments.
- Removed `OUT` environment variable overwrite on `fuzzbench.py` to make
code more understandable.

Related to b/401215144 .

Author: decoNR

infra/build/functions/build_project.py

@@ -76,6 +76,7 @@ class Config:
   # TODO(ochang): This should be different per engine+sanitizer combination.
   upload_build_logs: str = None
   build_type: str = None
+  fuzzing_engine: str = None
 
 
 # Allow the WORKDIR to be commented out for OSS-Fuzz-Gen, which creates new
@@ -607,9 +608,9 @@ def run_build(oss_fuzz_project,
                              experiment=experiment)
 
 
-def get_args(description):
-  """Parses command line arguments and returns them. Suitable for a build
-  script."""
+def parse_args(description, args):
+  """Parses command line arguments (or args if it is not None) and returns them.
+  Suitable for a build script."""
   parser = argparse.ArgumentParser(sys.argv[0], description=description)
   parser.add_argument('projects', help='Projects.', nargs='+')
   parser.add_argument('--testing',
@@ -621,6 +622,10 @@ def get_args(description):
                       required=False,
                       default=None,
                       help='Use testing base-images.')
+  parser.add_argument('--repo',
+                      required=False,
+                      default=DEFAULT_OSS_FUZZ_REPO,
+                      help='Use specified OSS-Fuzz repo.')
   parser.add_argument('--branch',
                       required=False,
                       default=None,
@@ -635,7 +640,11 @@ def get_args(description):
                       required=False,
                       default=False,
                       help='Configuration for experiments.')
-  return parser.parse_args()
+  parser.add_argument('--fuzzing-engine',
+                      required=False,
+                      default='libfuzzer',
+                      help='Fuzzing engine name.')
+  return parser.parse_args(args)
 
 
 def create_config(args, build_type):
@@ -647,15 +656,19 @@ def create_config(args, build_type):
                 parallel=args.parallel,
                 upload=upload,
                 experiment=args.experiment,
-                build_type=build_type)
+                build_type=build_type,
+                fuzzing_engine=args.fuzzing_engine)
 
 
-def build_script_main(script_description, get_build_steps_func, build_type):
+def build_script_main(script_description,
+                      get_build_steps_func,
+                      build_type,
+                      args=None):
   """Gets arguments from command line using |script_description| as helpstring
-  description. Gets build_steps using |get_build_steps_func| and then runs those
-  steps on GCB, tagging the builds with |build_type|. Returns 0 on success, 1 on
-  failure."""
-  args = get_args(script_description)
+  description or from args. Gets build_steps using |get_build_steps_func| and
+  then runs those steps on GCB, tagging the builds with |build_type|. Returns 0
+  on success, 1 on failure."""
+  args = parse_args(script_description, args)
   logging.basicConfig(level=logging.INFO)
 
   credentials = oauth2client.client.GoogleCredentials.get_application_default()

infra/build/functions/fuzzbench.py

@@ -41,11 +41,8 @@ def get_env(project, build):
   env.append('FORCE_LOCAL=1')
   env.append(f'PROJECT={project.name}')
   env.append('OSS_FUZZ_ON_DEMAND=1')
-  env.append('OUT=/workspace/out')
-  env.extend([
-      'FUZZ_TARGET=vulnerable', f'BENCHMARK={project.name}',
-      'EXPERIMENT_TYPE=bug'
-  ])
+  env.extend(
+      ['FUZZ_TARGET=', f'BENCHMARK={project.name}', 'EXPERIMENT_TYPE=bug'])
   return env
 
 
@@ -98,21 +95,19 @@ def get_build_fuzzers_step(fuzzing_engine, project, env, build):
 
 
 def get_build_steps(  # pylint: disable=too-many-locals, too-many-arguments
-    project_name, project_yaml, dockerfile_lines, image_project,
-    base_images_project, config):
+    project_name, project_yaml, dockerfile_lines, config):
   """Returns build steps for project."""
-  del base_images_project
-  project = build_project.Project(project_name, project_yaml, dockerfile_lines,
-                                  image_project)
+  project = build_project.Project(project_name, project_yaml, dockerfile_lines)
   if project.disabled:
     logging.info('Project "%s" is disabled.', project.name)
     return []
 
-  config = build_project.Config(config.testing, None, config.repo,
-                                config.branch, config.parallel, config.upload)
-
-  # TODO(metzman): Make this a command line argument
-  fuzzing_engine = 'libfuzzer'
+  config = build_project.Config(testing=config.testing,
+                                repo=config.repo,
+                                branch=config.branch,
+                                parallel=config.parallel,
+                                upload=config.upload,
+                                fuzzing_engine=config.fuzzing_engine)
 
   steps = [
       {
@@ -145,13 +140,14 @@ def get_build_steps(  # pylint: disable=too-many-locals, too-many-arguments
                                              project.fuzzing_language,
                                              config=config)
 
-  build = build_project.Build(fuzzing_engine, 'address', 'x86_64')
+  build = build_project.Build(config.fuzzing_engine, 'address', 'x86_64')
   env = get_env(project, build)
 
-  steps += get_build_fuzzers_step(fuzzing_engine, project, env, build)
+  steps += get_build_fuzzers_step(config.fuzzing_engine, project, env, build)
+
   run_fuzzer_step = {
       'name':
-          get_engine_project_image(fuzzing_engine, project),
+          get_engine_project_image(config.fuzzing_engine, project),
       'env':
           env,
       'volumes': [{
@@ -166,20 +162,6 @@ def get_build_steps(  # pylint: disable=too-many-locals, too-many-arguments
       ],
   }
   steps.append(run_fuzzer_step)
-
-  build = build_project.Build('coverage', 'address', 'x86_64')
-  env = get_env(project, build)
-  env.append(f'FUZZER={fuzzing_engine}')
-  steps += get_build_fuzzers_step('coverage', project, env, build)
-  steps += [{
-      'args': ['fuzzbench_measure'],
-      'env': env,
-      'name': get_engine_project_image('coverage', project),
-      'volumes': [{
-          'name': 'fuzzbench_path',
-          'path': FUZZBENCH_PATH,
-      }],
-  }]
   return steps
 
 

infra/build/functions/gcb.py

@@ -67,7 +67,8 @@ def get_latest_gcbrun_command(comments):
 
 def exec_command_from_github(pull_request_number, repo, branch):
   """Executes the gcbrun command for trial_build.py or oss_fuzz_on_demand.py in
-  the most recent command on |pull_request_number|."""
+  the most recent command on |pull_request_number|. Returns True on success,
+  False on failure."""
   comments = get_comments(pull_request_number)
   full_command = get_latest_gcbrun_command(comments)
 
@@ -85,7 +86,7 @@ def exec_command_from_github(pull_request_number, repo, branch):
   logging.info('Command: %s.', command)
 
   if command_file == OSS_FUZZ_ON_DEMAND_COMMAND_STR.split(' ')[1]:
-    return oss_fuzz_on_demand.oss_fuzz_on_demand_main(command)
+    return oss_fuzz_on_demand.oss_fuzz_on_demand_main(command) == 0
   return trial_build.trial_build_main(command, local_base_build=False)
 
 

infra/build/functions/gcb_test.py

@@ -131,3 +131,29 @@ def test_exec_command(self):
               mock_trial_build_trial_build_main.assert_not_called()
               mock_oss_fuzz_on_demand.assert_called_once_with(
                   test_case["expected_command"])
+
+  @mock.patch('gcb.get_comments',
+              return_value=[('/gcbrun oss_fuzz_on_demand.py aiohttp --sanitizer'
+                             'coverage address --fuzzing-engine libfuzzer')])
+  @mock.patch('gcb.get_latest_gcbrun_command',
+              return_value=[
+                  'oss_fuzz_on_demand.py', 'aiohttp', '--fuzzing-engine',
+                  'libfuzzer'
+              ])
+  @mock.patch('trial_build.trial_build_main')
+  @mock.patch('build_project.build_script_main', return_value=0)
+  def test_build_script_main_args(self, mock_build_script_main,
+                                  mock_trial_build_main,
+                                  mock_get_latest_gcbrun_command,
+                                  mock_gcb_get_comments):
+    """Tests for build_script_main args on oss_fuzz_on_demmand call."""
+    gcb.exec_command_from_github(0, "test_repo", "test_branch")
+
+    mock_trial_build_main.assert_not_called()
+
+    build_script_main_args = [
+        'aiohttp', '--fuzzing-engine', 'libfuzzer', '--repo', 'test_repo',
+        '--branch', 'test_branch'
+    ]
+    mock_build_script_main.assert_called_once_with(mock.ANY, mock.ANY, mock.ANY,
+                                                   build_script_main_args)

infra/build/functions/oss_fuzz_on_demand.py

@@ -18,9 +18,16 @@
 import sys
 import logging
 
+import fuzzbench
+import build_project
+
 
 def oss_fuzz_on_demand_main(args=None):
-  """Main function for OSS-Fuzz on demand."""
+  """Main function for OSS-Fuzz on demand. Returns 0 on success, 1 on
+  failure."""
+  return build_project.build_script_main('Does a FuzzBench run.',
+                                         fuzzbench.get_build_steps,
+                                         fuzzbench.FUZZBENCH_BUILD_TYPE, args)
 
 
 def main():

infra/build/functions/trial_build/Dockerfile

@@ -21,4 +21,5 @@ COPY . /opt/oss-fuzz
 RUN pip install -r /opt/oss-fuzz/infra/build/functions/requirements.txt
 
 WORKDIR /opt/oss-fuzz/infra/build/functions/
+
 ENTRYPOINT ["python3", "/opt/oss-fuzz/infra/build/functions/gcb.py"]