Integrate Fuzz Introspector with coverage build#7060
Conversation
|
|
||
|
|
||
| def get_fuzz_introspector_steps(project, project_name, base_images_project, | ||
| config, coverage_url): |
There was a problem hiding this comment.
Please add a docstring.
| def get_fuzz_introspector_steps(project, project_name, base_images_project, | ||
| config, coverage_url): | ||
| build_steps = [] | ||
| FI_dir = '/workspace/fuzz-introspector/' |
There was a problem hiding this comment.
Use the full name. i.e. FUZZ_INTROSPECTOR_DIR, and put it above globally together with the other constants.
| config, coverage_url): | ||
| build_steps = [] | ||
| FI_dir = '/workspace/fuzz-introspector/' | ||
| oss_integration_dir = 'oss_fuzz_integration/' |
There was a problem hiding this comment.
Also, let's not hardcode '/' in the directory constants.
Use os.path.join where needed. In this case though, we can skip the separator completely and just do
oss_fuzz_integration_dir = 'oss_fuzz_integration'
| return build_steps | ||
|
|
||
|
|
||
| def get_fuzz_introspector_steps(project, project_name, base_images_project, |
There was a problem hiding this comment.
Please write a test for this as well. See the existing build_and_run_coverage_test.py file for examples.
| 'args': [ | ||
| 'bash', '-c', | ||
| (f'cd {FI_dir} && cd {oss_integration_dir}' | ||
| ' && sed -i \'s/\.\/infra\/base\-images\/all.sh/#\.\/infra\/base\-images\/all.sh/\'' |
There was a problem hiding this comment.
This is very hacky and fragile.
Let's upstream changes and do things in the main oss-fuzz repo where we can rather than using sed.
Also is this actually still needed when we are building the customized build images in the base images build function?
There was a problem hiding this comment.
+++1.
Also I don't like that this is relying on all.sh. As far as I know all.sh is meant for local development.
| #adjust coverage url | ||
| cov_url_escaped = coverage_url.replace("/", "\/").replace(":", "\:") | ||
| set_cov_url = ( | ||
| f'sed -i \'s/http\:\/\/localhost\:8008\/covreport\/linux/{cov_url_escaped}/\'' |
There was a problem hiding this comment.
Why is this needed? Good to explain with a comment in cases like this.
Also, is there a better way to do this that doesn't involve using sed?
| 'HOME': '/root', | ||
| 'OUT': build.out, | ||
| } | ||
|
|
There was a problem hiding this comment.
nit: remove unnecessary change.
| def get_compile_step(project, build, env, parallel): | ||
| """Returns the GCB step for compiling |projects| fuzzers using |env|. The type | ||
| of build is specified by |build|.""" | ||
| set_git_repo_env = '' #do nothing |
There was a problem hiding this comment.
no need for the comment here.
| set_git_repo_env = '' #do nothing | ||
| if build.sanitizer == 'instrumentor': | ||
| set_git_repo_env = ( | ||
| ' && export GITHUB_REPO=$(grep -P -o "\S+github.com\S+" /workspace/oss-fuzz/projects/' |
There was a problem hiding this comment.
Can we do this in a less hacky way?
It's used by the helper.py script right?
We can instead modify the helper.py script to set this based on the main_repo property in project.yaml. e.g.
This is slightly different from how the existing patch does it: https://github.com/ossf/fuzz-introspector/blob/a49f0ca54103e6dc0177700d22a166a727683334/oss_fuzz_integration/oss-fuzz-patches.diff#L194 but it's less hacky.
| latest_report_info_url, | ||
| LATEST_REPORT_INFO_CONTENT_TYPE)) | ||
|
|
||
| #currently fuzz introspector only supports c and c++ |
There was a problem hiding this comment.
add a space after all '#'
There was a problem hiding this comment.
And start every comment with a capital letter and end them with punctuation marks.
|
|
||
| #currently fuzz introspector only supports c and c++ | ||
| if project.fuzzing_language in ['c', 'c++']: | ||
| #removes index.html from the end of url |
| #currently fuzz introspector only supports c and c++ | ||
| if project.fuzzing_language in ['c', 'c++']: | ||
| #removes index.html from the end of url | ||
| coverage_url = bucket.html_report_url[:-11] |
There was a problem hiding this comment.
what is -11? either calculate this from a len(CONSTANT) or do a CONSTANT = 11
|
Also please fix the lint failures in https://github.com/google/oss-fuzz/runs/4622563959?check_suite_focus=true |
|
CI is failing because of test and presubmit failures. Please fix them. |
jonathanmetzman
left a comment
jonathanmetzman
left a comment
There was a problem hiding this comment.
I think this PR needs some redesigning at a high-level before we proceed on fixing individual issues.
I'm most concerned with the interface between oss-fuzz and fuzz-introspector (as is, this code (which lives in oss-fuzz) clones fuzz-introspector, which clones oss-fuzz again.
I'm also concerned with the frequent use of sed here. I think it probably doens't need to be used at all.
| f'/{upload_type}/{self.date}') | ||
|
|
||
|
|
||
| class IntrospectorBucket: # pylint: disable=too-few-public-methods |
There was a problem hiding this comment.
Let's make a BaseBucket class that Bucket (which should be named CoverageBucket) and IntrospectorBucket can inherit from (or maybe we don't need 3 classes, maybe we can just have a bucket class and set the attributes that need to be different. Either way as is, this isn't good, it's basically duplicated code.
| latest_report_info_url, | ||
| LATEST_REPORT_INFO_CONTENT_TYPE)) | ||
|
|
||
| #currently fuzz introspector only supports c and c++ |
There was a problem hiding this comment.
And start every comment with a capital letter and end them with punctuation marks.
|
|
||
| # Where code coverage reports need to be uploaded to. | ||
| COVERAGE_BUCKET_NAME = 'oss-fuzz-coverage' | ||
| INTROSPECTOR_BUCKET_NAME = 'oss-fuzz-introspector' |
There was a problem hiding this comment.
Why are these constants necessary?
We set these strings to be equal to them on lines 53 and 84 anyway.
Reuse them on lines 53 and 84 please.
| @@ -36,6 +36,7 @@ | |||
|
|
|||
| # Where code coverage reports need to be uploaded to. | |||
There was a problem hiding this comment.
This comment doesn't apply to the constant you added.
| config.test_image_suffix), | ||
| 'env': | ||
| coverage_env, | ||
| 'name': 'gcr.io/oss-fuzz-base/base-runner:introspector', |
There was a problem hiding this comment.
- Why did you make this change?
- Your change breaks testing, see how the actual function you get rid of is implemented
- It just seems very weird that a tag is used for the introspector version instead of base-introspector.
- Our current code allows changing oss-fuzz-base to something else (that's why base_images_project (defined here) is passed around. This breaks that. @oliverchang is this a feature worth keeping?
| config.test_image_suffix), | ||
| 'args': [ | ||
| 'bash', '-c', | ||
| (f'cd {FI_dir} && cd {oss_integration_dir}' |
There was a problem hiding this comment.
This is very difficult to understand.
Instead of defining oss_integration_dir to implicitly be a subdir of FI_DIR make it an absolute path like so:
oss_integration_dir = os.path.join(FI_DIR, 'oss_fuzz_integration')
And then you will only have to cd once here.
| config, coverage_url): | ||
| build_steps = [] | ||
| FI_dir = '/workspace/fuzz-introspector/' | ||
| oss_integration_dir = 'oss_fuzz_integration/' |
There was a problem hiding this comment.
Could you explain what oss_integration_dir is in a comment?
I had to figure out what it is by going to the fuzz_introspector repo, can't expect readers to do this.
| (f'cd {FI_dir} && cd {oss_integration_dir}' | ||
| ' && sed -i \'s/\.\/infra\/base\-images\/all.sh/#\.\/infra\/base\-images\/all.sh/\'' | ||
| ' build_patched_oss_fuzz.sh' | ||
| ' && ./build_patched_oss_fuzz.sh') |
There was a problem hiding this comment.
Where is this file?
| ' && ./build_patched_oss_fuzz.sh') | ||
| ] | ||
| }) | ||
|
|
||
| build_steps.append({ | ||
| 'name': | ||
| build_project.get_runner_image_name(base_images_project, | ||
| config.test_image_suffix), | ||
| 'args': [ | ||
| 'bash', '-c', | ||
| ('sed -i s/base-builder/base-builder:introspector/g ' | ||
| f'{FI_dir}{oss_integration_dir}oss-fuzz/projects/{project_name}/Dockerfile' |
There was a problem hiding this comment.
OK, I think I figured out what this is doing and I think this isn't well designed.
If I understand correctly, the highlighted lines calls build_patched_oss_fuzz.sh from our cloned copy of fuzz-introspector which then clones oss-fuzz again.
I think before we continue with this PR we should go back to the drawing board and describe at a high-level how this should work and then implement based on that spec.
There was a problem hiding this comment.
To follow on this, there are some other thoughts on fuzz-introspector that I think makes sense to consider when integrating fuzz-introspector to oss-fuzz: #7059 (comment)
| '-m', | ||
| 'cp', | ||
| '-r', | ||
| os.path.join(build.out, 'inspector-tmp'), |
There was a problem hiding this comment.
What's inspector-tmp? Where does this come from?
|
Thanks for all the comments, closing this as #7162 is the one to move forward with. |
4 participants
Added build steps to the coverage build to integrate fuzz intrsopsector.