simplecpp/.github/workflows/fuzz.yml at 17201f6a3487eecaf314c913a6cf56331555e9e3 · cppcheck-opensource/simplecpp · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
# Syntax reference https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions
# Environment reference https://help.github.com/en/actions/reference/virtual-environments-for-github-hosted-runners
name: fuzz
on: [pull_request]

permissions:
  contents: read

jobs:
  fuzz:
    runs-on: ubuntu-24.04
    if: ${{ github.repository_owner == 'danmar' }}

    steps:
      - uses: actions/checkout@v6
        with:
          persist-credentials: false

      # the man-db trigger causes package installations to stall for several minutes at times. so just drop the package.
      # see https://github.com/actions/runner/issues/4030
      - name: Remove man-db package
        run: |
          sudo apt-get update
          sudo apt-get remove man-db

      - name: Install missing software
        run: |
          sudo apt-get update
          sudo apt-get install -y make

      - name: Install clang
        if: false
        run: |
          wget https://apt.llvm.org/llvm.sh
          chmod +x llvm.sh
          sudo ./llvm.sh 21

      - name: Generate corpus
        run: |
          mkdir corpus_test
          make testrunner CXXOPTS="-DSTORE_INPUT_DIR=\"\\\"$(pwd)/corpus_test\\\"\""
          ./testrunner

      - name: Upload corpus (testrunner)
        uses: actions/upload-artifact@v6
        with:
          name: corpus_test
          path: ./corpus_test

      - name: Build fuzzer
        id: build
        run: |
          # TODO: test O/LTO for best speed
          # TODO: use -stdlib=libc++ -lc++
          make -j$(nproc) CXXOPTS="-O2 -fno-omit-frame-pointer -g -gline-tables-only -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION -fsanitize=address,undefined -fsanitize-address-use-after-scope -fno-sanitize=integer -fno-sanitize-recover=undefined" LIB_FUZZING_ENGINE="-fsanitize=fuzzer" fuzz
        env:
          CXX: clang++

      - name: Run fuzzer
        run: |
          mkdir corpus
          mkdir artifacts
          ./fuzz -only_ascii=1 -timeout=5 -fork=$(nproc) -use_value_profile=0 -max_total_time=60 -artifact_prefix=./artifacts/ corpus corpus_test

      - name: Upload corpus
        uses: actions/upload-artifact@v6
        if: (success() || failure()) && steps.build.outcome == 'success'
        with:
          name: corpus
          path: ./corpus

      - name: Upload artifacts
        uses: actions/upload-artifact@v6
        if: failure() && steps.build.outcome == 'success'
        with:
          name: artifacts
          path: ./artifacts