From 9798f727360b27020d22cd3c4996cb642a84877f Mon Sep 17 00:00:00 2001 From: Evgeny Vereshchagin Date: Fri, 21 Jan 2022 03:09:57 +0000 Subject: [PATCH 1/4] cflite: no longer download OSS-Fuzz corpus --- scripts/build-fuzzers.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/build-fuzzers.sh b/scripts/build-fuzzers.sh index cd738d2dd..26cacbe0d 100755 --- a/scripts/build-fuzzers.sh +++ b/scripts/build-fuzzers.sh @@ -55,6 +55,4 @@ make -C src -j$(nproc) CFLAGS="-I$elfutils/libelf $CFLAGS" BUILD_STATIC_ONLY=y V $CC $CFLAGS -Isrc -Iinclude -Iinclude/uapi -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -c .clusterfuzzlite/bpf-object-fuzzer.c -o bpf-object-fuzzer.o $CXX $CXXFLAGS $LIB_FUZZING_ENGINE bpf-object-fuzzer.o src/libbpf.a "$elfutils/libelf/libelf.a" -l:libz.a -o "$OUT/bpf-object-fuzzer" -wget -O "$OUT/bpf-object-fuzzer_seed_corpus.zip" https://storage.googleapis.com/libbpf-backup.clusterfuzz-external.appspot.com/corpus/libFuzzer/libbpf_bpf-object-fuzzer/public.zip - rm -rf "$elfutils" From 7f9b50ed7344ce982316af0b41cc3876525baf40 Mon Sep 17 00:00:00 2001 From: Evgeny Vereshchagin Date: Fri, 21 Jan 2022 03:15:50 +0000 Subject: [PATCH 2/4] cflite: no longer clone libbpf --- .clusterfuzzlite/Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/.clusterfuzzlite/Dockerfile b/.clusterfuzzlite/Dockerfile index 1617da29f..88aaa3fcf 100644 --- a/.clusterfuzzlite/Dockerfile +++ b/.clusterfuzzlite/Dockerfile @@ -7,7 +7,5 @@ RUN sed -i -e '/^#\s*deb-src.*\smain\s\+restricted/s/^#//' /etc/apt/sources.list # libbpf build dependencies \ apt-get install -y --no-install-recommends libz-dev libz-dev:i386 COPY .clusterfuzzlite/build.sh $SRC -RUN git clone --depth 1 https://github.com/libbpf/libbpf -WORKDIR libbpf COPY . $SRC/libbpf WORKDIR $SRC/libbpf From fc37e57896f37117c981380bf810d95ad2c9cd6b Mon Sep 17 00:00:00 2001 From: Evgeny Vereshchagin Date: Fri, 21 Jan 2022 03:34:55 +0000 Subject: [PATCH 3/4] cflite: add the "prune" job --- .github/workflows/cflite_prune.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/workflows/cflite_prune.yml diff --git a/.github/workflows/cflite_prune.yml b/.github/workflows/cflite_prune.yml new file mode 100644 index 000000000..4274d59ce --- /dev/null +++ b/.github/workflows/cflite_prune.yml @@ -0,0 +1,19 @@ +name: ClusterFuzzLite prune +on: + schedule: + - cron: '0/10 0 * * *' +permissions: read-all +jobs: + Pruning: + runs-on: ubuntu-latest + steps: + - name: Build Fuzzers + id: build + uses: google/clusterfuzzlite/actions/build_fuzzers@v1 + - name: Run Fuzzers + id: run + uses: google/clusterfuzzlite/actions/run_fuzzers@v1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + fuzz-seconds: 180 + mode: 'prune' From 8c4fb0f1a6d7f13c35d162b85c7084f6aeb058e5 Mon Sep 17 00:00:00 2001 From: Evgeny Vereshchagin Date: Fri, 21 Jan 2022 03:40:31 +0000 Subject: [PATCH 4/4] cflite: run batch fuzzing every two hours now that the corpus has been updated --- .github/workflows/cflite_batch.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cflite_batch.yml b/.github/workflows/cflite_batch.yml index 645b6c57b..d0b0dc2b2 100644 --- a/.github/workflows/cflite_batch.yml +++ b/.github/workflows/cflite_batch.yml @@ -1,7 +1,7 @@ name: ClusterFuzzLite batch fuzzing on: schedule: - - cron: '0/10 * * * *' + - cron: '0 0/2 * * *' permissions: read-all jobs: BatchFuzzing: