migrate runner.py features into oss-fuzz/infra/helper.py #587
Comments
+1 to this! Note that we already have a Is the difference here just the ability to generate an introspector report?
Apart from downloading public corpora automatically I think it is. Right now to build FI reports it's necessary to clone the
Before I forget if it's decided that it should be possible to download public corpora via

```python
project_qualified_fuzz_target_name = target_name
qualified_name_prefix = self.config.oss_fuzz_project_name + '_'
if not target_name.startswith(qualified_name_prefix):
    project_qualified_fuzz_target_name = qualified_name_prefix + target_name
```

I don't think there are a lot of projects where it would be necessary but as far as I can remember
I'd add that it would make it easier to fuzz projects that aren't integrated into OSS-Fuzz. For example I fuzzed a small library today so I put its fuzz target in the OSS-Fuzz repository to make it easier to fuzz it locally using the OSS-Fuzz toolchain. Once a couple of shallow bugs were fixed there I ran the fuzz target for a couple of hours to build up a corpora and was on the way to use them to build FI reports to figure out how it fared in general. I ended up cloning the FI repository, copying the OSS-Fuzz repository with that local project to the
@evverx I'll start this in the coming days!
@DavidKorczynski good to know. Thanks! FWIW I'm not sure how to fix that "infra/helper.py" bug where it can't be run a few times in a row with local build directories. Unfortunately the patch where I added the ":O" option to get it to destroy any changes to build directories works with
Ref: ossf/fuzz-introspector#587 Signed-off-by: David Korczynski <david@adalogics.com>
Thanks for the link here. I got this started in google/oss-fuzz#9155 and will iterate over this issue in a few PRs on the oss-fuzz side incrementally!
Ref: ossf/fuzz-introspector#587 CC @evverx Signed-off-by: David Korczynski <david@adalogics.com> Signed-off-by: David Korczynski <david@adalogics.com>
Make it possible to do a full run of introspector locally. This will make it a lot easier for users to integrate it into the fuzzer building workflow.

To trigger, just run: `python3 infra/helper.py introspector PROJ_NAME`

Other example commands:
- `python3 infra/helper.py introspector --public-corpora PROJ_NAME`: will download the latest public corpus for project PROJ_NAME and use that when collecting coverage
- `python3 infra/helper.py introspector --seconds=X PROJ_NAME`: will run the fuzzers for X seconds for corpus collection
- `python3 infra/helper.py introspector PROJ_NAME LOCAL_PATH`: will do the introspector run using the LOCAL_PATH as source code folder (for testing modifications)

Ref: ossf/fuzz-introspector#587

Signed-off-by: David Korczynski <david@adalogics.com>
@DavidKorczynski now that FI is integrated into
Great! Am glad the recent additions improved things!
Sounds good! Let's track diffing of runs here #734 -- fyi this is in my todo list for the near future, and we should probably have some updates in mid january!
Making an issue of #525 (comment)
oss_fuzz_integration/runner.py has a few features that are convenient for building and running fuzzers by way of oss-fuzz, including:
`python3 ../runner.py {coverage | introspector} proj_name exec_sec` which will build fuzzers of `proj_name` with the default sanitizer, run the fuzzers for `exec_sec` seconds and then generate a coverage or introspector report.

The features are useful when improving fuzzers for a given project as it makes the workflow fast.
Some of these features would make sense to add to OSS-Fuzz, in particular coverage generation using public corpus, generation of fuzz introspector reports for a given project and also generation of just coverage for a given project.