From e5249fb307875c376e04f763971c15c07f1beced Mon Sep 17 00:00:00 2001
From: MarcoFalke
Date: Fri, 29 Jan 2021 07:43:05 +0100
Subject: [PATCH] Merge #21012: ci: Fuzz with integer sanitizer

faff3991a9be0ea7be31685fb46d94c212c5da34 ci: Fuzz with integer sanitizer (MarcoFalke)

Pull request description:

  Otherwise the suppressions file will go out of sync

ACKs for top commit:
  practicalswift:
    cr ACK faff3991a9be0ea7be31685fb46d94c212c5da34: patch looks correct

Tree-SHA512: 349216d071a2c5ccf24565fe0c52d7a570ec148d515d085616a284f1ab9992ce10ff82eb17962dddbcda765bbd3a9b15e8b25f34bdbed99fc36922d4161d307c
---
 .cirrus.yml                         | 2 +-
 Makefile.am                         | 4 ++++
 ci/test/00_setup_env_native_fuzz.sh | 2 +-
 test/fuzz/test_runner.py            | 20 +++++++++++++-------
 test/sanitizer_suppressions/ubsan   | 1 +
 5 files changed, 20 insertions(+), 9 deletions(-)

diff --git a/.cirrus.yml b/.cirrus.yml
index ab5893f054..04af90a764 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -124,7 +124,7 @@ task:
     FILE_ENV: "./ci/test/00_setup_env_native_asan.sh"
 
 task:
-  name: '[no depends, sanitizers: fuzzer,address,undefined] [focal]'
+  name: '[no depends, sanitizers: fuzzer,address,undefined,integer] [focal]'
   << : *GLOBAL_TASK_TEMPLATE
   container:
     image: ubuntu:focal
diff --git a/Makefile.am b/Makefile.am
index 2bc205a973..887f9ad4ec 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -45,8 +45,12 @@ OSX_PLIST=$(top_builddir)/share/qt/Info.plist #not installed
 DIST_CONTRIB = \
         $(top_srcdir)/contrib/debian/copyright \
         $(top_srcdir)/contrib/install_db4.sh \
+        $(top_srcdir)/test/sanitizer_suppressions/lsan \
+        $(top_srcdir)/test/sanitizer_suppressions/tsan \
+        $(top_srcdir)/test/sanitizer_suppressions/ubsan \
         $(top_srcdir)/contrib/linearize/linearize-data.py \
         $(top_srcdir)/contrib/linearize/linearize-hashes.py
+
 DIST_SHARE = \
         $(top_srcdir)/share/genbuild.sh \
         $(top_srcdir)/share/rpcauth
diff --git a/ci/test/00_setup_env_native_fuzz.sh b/ci/test/00_setup_env_native_fuzz.sh
index a6f7f629a8..ee87aed0c7 100755
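Review bot: The three `test/sanitizer_suppressions/*` entries are inserted between the `contrib/` entries of `DIST_CONTRIB`, which splits a list that otherwise holds only `contrib/` paths and gives no hint why test fixtures live there. Now that `test_runner.py` reads the ubsan file at run time from SRCDIR, shipping it in the tarball is the right call, but the entries would read better appended after the `linearize-hashes.py` line, with a one-line comment above them such as `# sanitizer suppressions are read at runtime by test/fuzz/test_runner.py`. Only the ubsan file is consumed by the runner in this patch; whether lsan/tsan are needed in the tarball is not shown here.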
--- a/ci/test/00_setup_env_native_fuzz.sh
+++ b/ci/test/00_setup_env_native_fuzz.sh
@@ -16,4 +16,4 @@ export RUN_UNIT_TESTS=false
 export RUN_FUNCTIONAL_TESTS=false
 export RUN_FUZZ_TESTS=true
 export GOAL="install"
-export BITCOIN_CONFIG="--enable-zmq --disable-ccache --enable-fuzz --with-sanitizers=fuzzer,address,undefined --enable-suppress-external-warnings CC=clang-16 CXX=clang++-16 --with-boost-process"
+export BITCOIN_CONFIG="--enable-zmq --disable-ccache --enable-fuzz --with-sanitizers=fuzzer,address,undefined,integer --enable-suppress-external-warnings CC=clang-16 CXX=clang++-16 --with-boost-process"
diff --git a/test/fuzz/test_runner.py b/test/fuzz/test_runner.py
index 61559c4cb4..581fb36c53 100755
--- a/test/fuzz/test_runner.py
+++ b/test/fuzz/test_runner.py
@@ -13,9 +13,12 @@ import os
 import subprocess
 import sys
 
-def get_fuzz_env(*, target):
+
+def get_fuzz_env(*, target, source_dir):
     return {
         'FUZZ': target,
+        'UBSAN_OPTIONS':
+        f'suppressions={source_dir}/test/sanitizer_suppressions/ubsan:print_stacktrace=1:halt_on_error=1:report_error_type=1',
         'ASAN_OPTIONS': # symbolizer disabled due to https://github.com/google/sanitizers/issues/1364#issuecomment-761072085
         'symbolize=0:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1',
     }
@@ -136,7 +139,7 @@ def main():
                 os.path.join(config["environment"]["BUILDDIR"], 'src', 'test', 'fuzz', 'fuzz'),
                 '-help=1',
             ],
-            env=get_fuzz_env(target=test_list_selection[0]),
+            env=get_fuzz_env(target=test_list_selection[0], source_dir=config['environment']['SRCDIR']),
             timeout=20,
             check=True,
             stderr=subprocess.PIPE,
@@ -153,6 +156,7 @@ def main():
     if args.generate:
         return generate_corpus(
             fuzz_pool=fuzz_pool,
+            src_dir=config['environment']['SRCDIR'],
             build_dir=config["environment"]["BUILDDIR"],
             corpus_dir=args.corpus_dir,
             targets=test_list_selection,
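Review bot: The reason `integer` is added to `--with-sanitizers` lives only in the commit message, and nothing in this script tells the next reader that the `integer` group reports well-defined behaviour (unsigned wraparound, implicit conversions), not UB, and that each unsuppressed report now aborts the target because `test_runner.py` sets `halt_on_error=1`. A comment directly above the `export BITCOIN_CONFIG=` line would carry that, e.g. `# 'integer' is on so test/sanitizer_suppressions/ubsan stays in sync with what the fuzz targets hit; it flags defined unsigned wrap and implicit conversions, not just UB`. The CI task name in .cirrus.yml is updated to match, so the two files stay consistent.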
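Review bot: `source_dir` is spliced unquoted into the `suppressions=` value of `UBSAN_OPTIONS`, and the sanitizer flag parser treats `:` as the flag separator, so a checkout whose path contains a colon would silently truncate the suppressions path and turn the remainder into bogus flags; the other flags after it would also be lost. Either reject such paths up front, `if ':' in source_dir: raise ValueError(f'SRCDIR must not contain ":": {source_dir}')`, or build the path with `os.path.join(source_dir, 'test', 'sanitizer_suppressions', 'ubsan')` and quote the value if the runtime on the CI image accepts quoted flag values (worth confirming). The new function also has no docstring; a two-line one stating that it returns the environment for one fuzz target invocation and that `source_dir` is the repository root from which the ubsan suppressions file is read would help, and the UBSAN entry deserves the same kind of why-comment the ASAN entry has (why `halt_on_error=1`: a single unsuppressed report should fail the run rather than be buried in the log).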
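Review bot: `config['environment']['SRCDIR']` is now looked up inline at each call site in `main()` (four times across this and the following hunks), using single quotes where the adjacent `config["environment"]["BUILDDIR"]` lookups use double quotes. Reading it once near the top of `main()` into a local, `src_dir = config['environment']['SRCDIR']`, and passing `source_dir=src_dir` / `src_dir=src_dir` keeps the call sites short and makes a missing or empty SRCDIR fail in one obvious place. `main()` starts before and continues after this hunk.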
@@ -163,6 +167,7 @@ def main():
             fuzz_pool=fuzz_pool,
             corpus=args.corpus_dir,
             test_list=test_list_selection,
+            src_dir=config['environment']['SRCDIR'],
             build_dir=config["environment"]["BUILDDIR"],
             merge_dir=args.m_dir,
         )
@@ -172,6 +177,7 @@ def main():
             fuzz_pool=fuzz_pool,
             corpus=args.corpus_dir,
             test_list=test_list_selection,
+            src_dir=config['environment']['SRCDIR'],
             build_dir=config["environment"]["BUILDDIR"],
             use_valgrind=args.valgrind,
         )
@@ -191,7 +197,7 @@ def generate_corpus(*, fuzz_pool, src_dir, build_dir, corpus_dir, targets):
             ' '.join(command),
             subprocess.run(
                 command,
-                env=get_fuzz_env(target=t),
+                env=get_fuzz_env(target=t, source_dir=src_dir),
                 check=True,
                 stderr=subprocess.PIPE,
                 universal_newlines=True,
@@ -212,7 +218,7 @@ def generate_corpus(*, fuzz_pool, src_dir, build_dir, corpus_dir, targets):
         future.result()
 
 
-def merge_inputs(*, fuzz_pool, corpus, test_list, build_dir, merge_dir):
+def merge_inputs(*, fuzz_pool, corpus, test_list, src_dir, build_dir, merge_dir):
     logging.info("Merge the inputs from the passed dir into the corpus_dir. Passed dir {}".format(merge_dir))
     jobs = []
     for t in test_list:
@@ -232,7 +238,7 @@ def merge_inputs(*, fuzz_pool, corpus, test_list, build_dir, merge_dir):
         output = 'Run {} with args {}\n'.format(t, " ".join(args))
         output += subprocess.run(
             args,
-            env=get_fuzz_env(target=t),
+            env=get_fuzz_env(target=t, source_dir=src_dir),
             check=True,
             stderr=subprocess.PIPE,
             universal_newlines=True,
@@ -245,7 +251,7 @@ def merge_inputs(*, fuzz_pool, corpus, test_list, build_dir, merge_dir):
         future.result()
 
 
-def run_once(*, fuzz_pool, corpus, test_list, build_dir, use_valgrind):
+def run_once(*, fuzz_pool, corpus, test_list, src_dir, build_dir, use_valgrind):
     jobs = []
     for t in test_list:
         corpus_path = os.path.join(corpus, t)
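Review bot: `merge_inputs` gains a required keyword-only `src_dir` but still has no docstring, so the meaning of `src_dir` versus `build_dir` and `merge_dir` is only recoverable by reading the call site in `main()`. A short docstring after the new `def` line, stating that the inputs under `merge_dir` are merged into `corpus` for each target in `test_list`, that `build_dir` locates the fuzz binary and `src_dir` the repository root used for the sanitizer suppressions, would settle that; the same applies to `run_once` and `generate_corpus`, which take the identical parameter. The bodies of both functions continue past this hunk.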
@@ -262,7 +268,7 @@ def run_once(*, fuzz_pool, corpus, test_list, build_dir, use_valgrind):
         output = 'Run {} with args {}'.format(t, args)
         result = subprocess.run(
             args,
-            env=get_fuzz_env(target=t),
+            env=get_fuzz_env(target=t, source_dir=src_dir),
             stderr=subprocess.PIPE,
             universal_newlines=True,
         )
diff --git a/test/sanitizer_suppressions/ubsan b/test/sanitizer_suppressions/ubsan
index a306ca62a6..e6ae66d275 100644
--- a/test/sanitizer_suppressions/ubsan
+++ b/test/sanitizer_suppressions/ubsan
@@ -89,6 +89,7 @@ implicit-signed-integer-truncation:streams.h
 implicit-signed-integer-truncation:test/arith_uint256_tests.cpp
 implicit-signed-integer-truncation:test/skiplist_tests.cpp
 implicit-signed-integer-truncation:torcontrol.cpp
+implicit-unsigned-integer-truncation:*/include/c++/
 implicit-unsigned-integer-truncation:crypto/
 implicit-unsigned-integer-truncation:leveldb/
 implicit-unsigned-integer-truncation:test/fuzz/crypto_diff_fuzz_chacha20.cpp
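Review bot: With `halt_on_error=1` now in `UBSAN_OPTIONS`, an unsuppressed integer-sanitizer report makes the target exit non-zero, but this `subprocess.run(...)` call, unlike the ones in `generate_corpus` and `merge_inputs`, has no `check=True`, so the failure is only visible if the code after this hunk inspects `result.returncode` (that code is outside the hunk and I cannot confirm it does). If it does not, a single new truncation report would be captured into `output` and the run would still look green; either add `check=True` here or make sure the returncode check downstream treats a sanitizer abort as a failure. The `run_once` body continues past this hunk.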
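Review bot: The new `implicit-unsigned-integer-truncation:*/include/c++/` entry is far broader than its neighbours: every other entry names a project directory or file, while this one silences the check for any source location under any libstdc++ include tree, which also covers standard-library templates instantiated with project types. A comment above it recording the intent, `# libstdc++ internals: reports here are not actionable from this repo`, would stop it being widened further by copy-paste, and if only a few headers actually report, listing those (e.g. the specific `bits/...` files) would keep the project-side instantiations checked. It is also worth confirming the glob matches the path form the runtime prints on the focal image, since a mismatch would make the entry a no-op rather than a failure.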